<?xml version="1.0" encoding="UTF-8"?> | |
<!-- | |
~ Licensed to the Apache Software Foundation (ASF) under one | |
~ or more contributor license agreements. See the NOTICE file | |
~ distributed with this work for additional information | |
~ regarding copyright ownership. The ASF licenses this file | |
~ to you under the Apache License, Version 2.0 (the | |
~ "License"); you may not use this file except in compliance | |
~ with the License. You may obtain a copy of the License at | |
~ | |
~ http://www.apache.org/licenses/LICENSE-2.0 | |
~ | |
~ Unless required by applicable law or agreed to in writing, | |
~ software distributed under the License is distributed on an | |
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
~ KIND, either express or implied. See the License for the | |
~ specific language governing permissions and limitations | |
~ under the License. | |
--> | |
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> | |
<beans> | |
<!-- Sample RDBMS data source that would exist in any application - not Apache Ki related. --> | |
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> | |
<property name="driverClassName" value="org.hsqldb.jdbcDriver"/> | |
<property name="url" value="jdbc:hsqldb:mem:jsecurity-spring"/> | |
<property name="username" value="sa"/> | |
</bean> | |
<!-- Populates the sample database with sample users and roles. --> | |
<bean id="bootstrapDataPopulator" class="org.apache.ki.samples.spring.BootstrapDataPopulator"> | |
<property name="dataSource" ref="dataSource"/> | |
</bean> | |
<!-- Simulated business-tier "Manager", not Apache Ki related, just an example --> | |
<bean id="sampleManager" class="org.apache.ki.samples.spring.DefaultSampleManager"/> | |
<!-- ========================================================= | |
Apache Ki Core Components - Not Spring Specific | |
========================================================= --> | |
<!-- Apache Ki's main business-tier object for web-enabled applications | |
(use DefaultSecurityManager instead when there is no web environment)--> | |
<bean id="securityManager" class="org.apache.ki.web.DefaultWebSecurityManager"> | |
<!-- Single realm app. If you have multiple realms, use the 'realms' property instead. --> | |
<property name="realm" ref="jdbcRealm"/> | |
<property name="sessionMode" value="jsecurity"/> | |
</bean> | |
<!-- Used by the SecurityManager to access security data (users, roles, etc). | |
Many other realm implementations can be used too (PropertiesRealm, | |
LdapRealm, etc. --> | |
<bean id="jdbcRealm" class="org.apache.ki.realm.jdbc.JdbcRealm"> | |
<property name="dataSource" ref="dataSource"/> | |
<property name="credentialsMatcher"> | |
<!-- The 'bootstrapDataPopulator' Sha256 hashes the password | |
(using the username as the salt) then base64 encodes it: --> | |
<bean class="org.apache.ki.authc.credential.Sha256CredentialsMatcher"> | |
<!-- true means hex encoded, false means base64 encoded --> | |
<property name="storedCredentialsHexEncoded" value="false"/> | |
<!-- We salt the password using the username, the most common practice: --> | |
<property name="hashSalted" value="true"/> | |
</bean> | |
</property> | |
</bean> | |
<!-- ========================================================= | |
Apache Ki Spring-specific integration | |
========================================================= --> | |
<!-- Post processor that automatically invokes init() and destroy() methods | |
for Spring-configured Apache Ki objects so you don't have to | |
1) specify an init-method and destroy-method attributes for every bean | |
definition and | |
2) even know which Apache Ki objects require these methods to be | |
called. --> | |
<bean id="lifecycleBeanPostProcessor" class="org.apache.ki.spring.LifecycleBeanPostProcessor"/> | |
<!-- Enable Apache Ki Annotations for Spring-configured beans. Only run after | |
the lifecycleBeanProcessor has run: --> | |
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" | |
depends-on="lifecycleBeanPostProcessor"/> | |
<bean class="org.apache.ki.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> | |
<property name="securityManager" ref="securityManager"/> | |
</bean> | |
<!-- Secure Spring remoting: Ensure any Spring Remoting method invocations can be associated | |
with a Subject for security checks. --> | |
<bean id="secureRemoteInvocationExecutor" class="org.apache.ki.spring.remoting.SecureRemoteInvocationExecutor"> | |
<property name="securityManager" ref="securityManager"/> | |
</bean> | |
</beans> |