webapp/src/test/resources/test-spring-security.xml - atlas - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
     license agreements. See the NOTICE file distributed with this work for additional
     information regarding copyright ownership. The ASF licenses this file to
     You under the Apache License, Version 2.0 (the "License"); you may not use
     this file except in compliance with the License. You may obtain a copy of
     the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
     by applicable law or agreed to in writing, software distributed under the
     License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
     OF ANY KIND, either express or implied. See the License for the specific
     language governing permissions and limitations under the License. -->

 <beans:beans xmlns="http://www.springframework.org/schema/security"
              xmlns:beans="http://www.springframework.org/schema/beans"
              xmlns:security="http://www.springframework.org/schema/security"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xmlns:context="http://www.springframework.org/schema/context"
              xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

     <security:http pattern="/login.jsp" security="none" />
     <security:http pattern="/css/**" security="none" />
     <security:http pattern="/img/**" security="none" />
     <security:http pattern="/libs/**" security="none" />
     <security:http pattern="/js/**" security="none" />
     <security:http pattern="/ieerror.html" security="none" />
     <security:http pattern="/api/atlas/admin/status" security="none" />
     <security:http pattern="/api/atlas/admin/metrics" security="none" />

     <security:http create-session="always"
                    entry-point-ref="entryPoint">
         <security:session-management
                 session-fixation-protection="newSession" />
         <intercept-url pattern="/**" access="isAuthenticated()" />
         <custom-filter ref="ssoAuthenticationFilter" after="BASIC_AUTH_FILTER" />

         <security:custom-filter ref="krbAuthenticationFilter" after="SERVLET_API_SUPPORT_FILTER" />
         <security:custom-filter ref="csrfPreventionFilter" after="REMEMBER_ME_FILTER" />

         <form-login
                 login-page="/login.jsp"
                 login-processing-url="/j_spring_security_check"
                 authentication-success-handler-ref="atlasAuthenticationSuccessHandler"
                 authentication-failure-handler-ref="atlasAuthenticationFailureHandler"
                 username-parameter="j_username"
                 password-parameter="j_password" />

         <security:logout logout-success-url="/login.jsp" delete-cookies="ATLASSESSIONID"
                          logout-url="/logout.html" />
         <http-basic />
         <headers disabled="true"/>
         <csrf disabled="true"/>
     </security:http>

     <beans:bean id="userDAO" class="org.apache.atlas.web.dao.UserDao" init-method="init"/>
     <beans:bean id="userDetailsService" class="org.apache.atlas.web.service.UserService">
         <beans:constructor-arg ref="userDAO"/>
     </beans:bean>
     <beans:bean id="atlasLDAPProvider" class="org.apache.atlas.web.security.AtlasLdapAuthenticationProvider"/>
     <beans:bean id="atlasFileProvider" class="org.apache.atlas.web.security.AtlasFileAuthenticationProvider">
         <beans:constructor-arg ref="userDetailsService"/>
     </beans:bean>
     <beans:bean id="atlasADProvider" class="org.apache.atlas.web.security.AtlasADAuthenticationProvider"/>
     <beans:bean id="atlasPamProvider" class="org.apache.atlas.web.security.AtlasPamAuthenticationProvider"/>
     <beans:bean id="atlasAuthenticationProvider" class="org.apache.atlas.web.security.AtlasAuthenticationProvider">
         <beans:constructor-arg index="0" ref="atlasLDAPProvider"/>
         <beans:constructor-arg index="1" ref="atlasFileProvider"/>
         <beans:constructor-arg index="2" ref="atlasADProvider"/>
         <beans:constructor-arg index="3" ref="atlasPamProvider"/>
     </beans:bean>

     <beans:bean id="krbAuthenticationFilter" class="org.apache.atlas.web.filters.AtlasAuthenticationFilter">
     </beans:bean>

     <beans:bean id="ssoAuthenticationFilter" class="org.apache.atlas.web.filters.AtlasKnoxSSOAuthenticationFilter">
         <beans:constructor-arg name="authenticationProvider" ref="atlasAuthenticationProvider"/>
     </beans:bean>

     <beans:bean id="csrfPreventionFilter" class="org.apache.atlas.web.filters.AtlasCSRFPreventionFilter">
     </beans:bean>

     <beans:bean id="atlasAuthenticationSuccessHandler"
                 class="org.apache.atlas.web.security.AtlasAuthenticationSuccessHandler" />

     <beans:bean id="atlasAuthenticationFailureHandler"
                 class="org.apache.atlas.web.security.AtlasAuthenticationFailureHandler" />

     <beans:bean id="formAuthenticationEntryPoint"
                 class="org.apache.atlas.web.filters.AtlasAuthenticationEntryPoint">
         <beans:constructor-arg value="/login.jsp"/>
     </beans:bean>

     <beans:bean id="authenticationEntryPoint"
                 class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
         <beans:property name="realmName" value="atlas.com" />
     </beans:bean>

     <beans:bean id="entryPoint" class="org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint">
         <beans:constructor-arg>
             <beans:map>
                 <beans:entry key="hasHeader('User-Agent','Mozilla')" value-ref="formAuthenticationEntryPoint" />
             </beans:map>
         </beans:constructor-arg>
         <beans:property name="defaultEntryPoint" ref="authenticationEntryPoint"/>
     </beans:bean>


     <security:authentication-manager
             alias="authenticationManager">
         <security:authentication-provider
                 ref="atlasAuthenticationProvider" />
     </security:authentication-manager>

     <security:global-method-security pre-post-annotations="enabled" />
 </beans:beans>
	<?xml version="1.0" encoding="UTF-8"?>
	<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
	license agreements. See the NOTICE file distributed with this work for additional
	information regarding copyright ownership. The ASF licenses this file to
	You under the Apache License, Version 2.0 (the "License"); you may not use
	this file except in compliance with the License. You may obtain a copy of
	the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
	by applicable law or agreed to in writing, software distributed under the
	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
	OF ANY KIND, either express or implied. See the License for the specific
	language governing permissions and limitations under the License. -->

	<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
	http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

	<security:http pattern="/login.jsp" security="none" />
	<security:http pattern="/css/**" security="none" />
	<security:http pattern="/img/**" security="none" />
	<security:http pattern="/libs/**" security="none" />
	<security:http pattern="/js/**" security="none" />
	<security:http pattern="/ieerror.html" security="none" />
	<security:http pattern="/api/atlas/admin/status" security="none" />
	<security:http pattern="/api/atlas/admin/metrics" security="none" />

	<security:http create-session="always"
	entry-point-ref="entryPoint">
	<security:session-management
	session-fixation-protection="newSession" />
	<intercept-url pattern="/**" access="isAuthenticated()" />
	<custom-filter ref="ssoAuthenticationFilter" after="BASIC_AUTH_FILTER" />

	<security:custom-filter ref="krbAuthenticationFilter" after="SERVLET_API_SUPPORT_FILTER" />
	<security:custom-filter ref="csrfPreventionFilter" after="REMEMBER_ME_FILTER" />

	<form-login
	login-page="/login.jsp"
	login-processing-url="/j_spring_security_check"
	authentication-success-handler-ref="atlasAuthenticationSuccessHandler"
	authentication-failure-handler-ref="atlasAuthenticationFailureHandler"
	username-parameter="j_username"
	password-parameter="j_password" />

	<security:logout logout-success-url="/login.jsp" delete-cookies="ATLASSESSIONID"
	logout-url="/logout.html" />
	<http-basic />
	<headers disabled="true"/>
	<csrf disabled="true"/>
	</security:http>

	<beans:bean id="userDAO" class="org.apache.atlas.web.dao.UserDao" init-method="init"/>
	<beans:bean id="userDetailsService" class="org.apache.atlas.web.service.UserService">
	<beans:constructor-arg ref="userDAO"/>
	</beans:bean>
	<beans:bean id="atlasLDAPProvider" class="org.apache.atlas.web.security.AtlasLdapAuthenticationProvider"/>
	<beans:bean id="atlasFileProvider" class="org.apache.atlas.web.security.AtlasFileAuthenticationProvider">
	<beans:constructor-arg ref="userDetailsService"/>
	</beans:bean>
	<beans:bean id="atlasADProvider" class="org.apache.atlas.web.security.AtlasADAuthenticationProvider"/>
	<beans:bean id="atlasPamProvider" class="org.apache.atlas.web.security.AtlasPamAuthenticationProvider"/>
	<beans:bean id="atlasAuthenticationProvider" class="org.apache.atlas.web.security.AtlasAuthenticationProvider">
	<beans:constructor-arg index="0" ref="atlasLDAPProvider"/>
	<beans:constructor-arg index="1" ref="atlasFileProvider"/>
	<beans:constructor-arg index="2" ref="atlasADProvider"/>
	<beans:constructor-arg index="3" ref="atlasPamProvider"/>
	</beans:bean>

	<beans:bean id="krbAuthenticationFilter" class="org.apache.atlas.web.filters.AtlasAuthenticationFilter">
	</beans:bean>

	<beans:bean id="ssoAuthenticationFilter" class="org.apache.atlas.web.filters.AtlasKnoxSSOAuthenticationFilter">
	<beans:constructor-arg name="authenticationProvider" ref="atlasAuthenticationProvider"/>
	</beans:bean>

	<beans:bean id="csrfPreventionFilter" class="org.apache.atlas.web.filters.AtlasCSRFPreventionFilter">
	</beans:bean>

	<beans:bean id="atlasAuthenticationSuccessHandler"
	class="org.apache.atlas.web.security.AtlasAuthenticationSuccessHandler" />

	<beans:bean id="atlasAuthenticationFailureHandler"
	class="org.apache.atlas.web.security.AtlasAuthenticationFailureHandler" />

	<beans:bean id="formAuthenticationEntryPoint"
	class="org.apache.atlas.web.filters.AtlasAuthenticationEntryPoint">
	<beans:constructor-arg value="/login.jsp"/>
	</beans:bean>

	<beans:bean id="authenticationEntryPoint"
	class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
	<beans:property name="realmName" value="atlas.com" />
	</beans:bean>

	<beans:bean id="entryPoint" class="org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint">
	<beans:constructor-arg>
	<beans:map>
	<beans:entry key="hasHeader('User-Agent','Mozilla')" value-ref="formAuthenticationEntryPoint" />
	</beans:map>
	</beans:constructor-arg>
	<beans:property name="defaultEntryPoint" ref="authenticationEntryPoint"/>
	</beans:bean>


	<security:authentication-manager
	alias="authenticationManager">
	<security:authentication-provider
	ref="atlasAuthenticationProvider" />
	</security:authentication-manager>

	<security:global-method-security pre-post-annotations="enabled" />
	</beans:beans>