Configure a custom authentication filter

For the moment the same behavior than before the authentication filter is kept. Later it will be used to do some redirects depending on if the user is bound or not to any resource. In order to define a custom authentication filter it's needed to set auto-config="false" see http://static.springsource.org/spring-security/site/docs/2.0.x/reference/ns-config.html#ns-auto-config We also need an entry point specified by "entry-point-ref" attribute. FEA: ItEr76S28UserDashboard
2012-05-16 09:01:27 +02:00 · 2012-05-16 09:01:27 +02:00 · ce34595afd
commit ce34595afd
parent 9027217e2d
1 changed files with 26 additions and 3 deletions
--- a/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
+++ b/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
@ -9,7 +9,8 @@
    <!-- NOTE: see http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/org/springframework/security/vote/AuthenticatedVoter.html
        for an explanation of the meaning of IS_AUTHENTICATED_ANONYMOUSLY and IS_AUTHENTICATED_FULLY. -->

-    <http auto-config="true" realm="LibrePlan Web Application">
+    <http auto-config="false" realm="LibrePlan Web Application"
+        entry-point-ref="customAuthenticationEntryPoint">

        <!-- Web services -->
        <intercept-url pattern="/ws/rest/**" access="ROLE_WS_READER"
@ -36,6 +37,7 @@
            access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/common/layout/timeout.zul"
            access="IS_AUTHENTICATED_ANONYMOUSLY" />
+
        <intercept-url pattern="/advance/**" access="ROLE_ADMINISTRATION" />
        <intercept-url pattern="/resources/criterions/**"
            access="ROLE_ADMINISTRATION" />
@ -54,8 +56,11 @@
            access="ROLE_ADMINISTRATION" />
        <intercept-url pattern="/expensesheet/**" access="ROLE_ADMINISTRATION,ROLE_EXPENSE_TRACKING"/>
        <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />
-        <form-login login-page="/common/layout/login.zul"
-            authentication-failure-url="/common/layout/login.zul?login_error=true" />
+
+        <anonymous />
+        <http-basic />
+        <logout />
+        <remember-me />

    </http>

@ -115,4 +120,22 @@
        Provider. -->
    <beans:bean id="ldapUserDetailsService"
        class="org.libreplan.web.users.services.LDAPUserDetailsService" />
+
+    <!-- Configured a custom authentication filter -->
+    <authentication-manager alias="authenticationManager" />
+
+    <beans:bean id="customAuthenticationFilter"
+        class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" >
+        <custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
+        <beans:property name="authenticationManager" ref="authenticationManager" />
+        <beans:property name="defaultTargetUrl" value="/planner/index.zul" />
+        <beans:property name="authenticationFailureUrl" value="/common/layout/login.zul?login_error=true" />
+        <beans:property name="allowSessionCreation" value="true" />
+    </beans:bean>
+
+    <beans:bean id="customAuthenticationEntryPoint"
+        class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
+        <beans:property name="loginFormUrl" value="/common/layout/login.zul"/>
+    </beans:bean>
+
 </beans:beans>