| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294 |
- <?xml version="1.0" encoding="UTF-8"?>
- <beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns:util="http://www.springframework.org/schema/util"
- xsi:schemaLocation="
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context
- http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/tx
- http://www.springframework.org/schema/tx/spring-tx.xsd
- http://www.springframework.org/schema/util
- http://www.springframework.org/schema/util/spring-util.xsd
- http://www.springframework.org/schema/mvc
- http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-
- <!-- Authentication Extends support -->
- <!-- HttpHeader Support Start-->
- <bean id="httpHeaderSupport" class="org.maxkey.authn.support.httpheader.HttpHeaderConfig">
- <property name="enable" value="${config.support.httpheader.enable}"></property>
- <property name="headerName" value="${config.support.httpheader.headername}"></property>
- </bean>
-
- <mvc:interceptors>
- <mvc:interceptor>
- <mvc:mapping path="/*" />
- <bean class="org.maxkey.authn.support.httpheader.HttpHeaderEntryPoint" />
- </mvc:interceptor>
- </mvc:interceptors>
- <!-- HttpHeader Support End-->
-
- <!-- BASIC Support Start-->
- <mvc:interceptors>
- <mvc:interceptor>
- <mvc:mapping path="/*" />
- <bean class="org.maxkey.authn.support.basic.BasicEntryPoint" >
- <property name="enable" value="${config.support.basic.enable}"></property>
- </bean>
- </mvc:interceptor>
- </mvc:interceptors>
- <!-- BASIC Support End-->
-
- <!-- KERBEROS Support Start-->
- <bean id="kerberosService" class="org.maxkey.authn.support.kerberos.RemoteKerberosService">
- <property name="kerberosProxys" >
- <list>
- <!-- default -->
- <bean class="org.maxkey.authn.support.kerberos.KerberosProxy">
- <property name="userdomain" value="${config.support.kerberos.default.userdomain}"/>
- <property name="fullUserdomain" value="${config.support.kerberos.default.fulluserdomain}"/>
- <property name="crypto" value="${config.support.kerberos.default.crypto}"/>
- <property name="redirectUri" value="${config.support.kerberos.default.redirecturi}"/>
- </bean>
- </list>
- </property>
- </bean>
- <!-- KERBEROS Support End-->
-
- <!-- WsFederation Support Start -->
- <!--
- #identifier: the identifer for the ADFS server
- #url: the login url for ADFS
- #principal: the name of the attribute/assertion returned by ADFS that contains the principal's username.
- #relyingParty: the identifier of the CAS Server as it has been configured in ADFS.
- #tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms)
- #attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
- #signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
- -->
- <!--
- <bean id="wsFederationConfiguration" class="org.maxkey.authn.support.wsfederation.WsFederationConfiguration">
- <property name="identifier" value="${config.support.wsfederation.identifier}" />
- <property name="url" value="${config.support.wsfederation.url}" />
- <property name="logoutUrl" value="${config.support.wsfederation.logoutUrl}" />
- <property name="principal" value="${config.support.wsfederation.principal}" />
- <property name="relyingParty" value="${config.support.wsfederation.relyingParty}" />
- <property name="tolerance" value="${config.support.wsfederation.tolerance}" />
- <property name="upnSuffix" value="${config.support.wsfederation.upn.suffix}" />
- <property name="attributeMutator">
- <bean class="org.maxkey.authn.support.wsfederation.WsFedAttributeMutatorImpl" />
- </property>
- <property name="signingCertificates">
- <list>
- <value>classpath:${config.support.wsfederation.signingCertificate}</value>
- </list>
- </property>
- </bean>
-
- <bean id="wsFederationService" class="org.maxkey.authn.support.wsfederation.WsFederationServiceImpl">
- <property name="wsFederationConfiguration" ref="wsFederationConfiguration" />
- </bean>
- -->
- <!-- WsFederation Support End -->
-
- <!-- Social Sign On Support Start-->
- <!-- Social Sign On Endpoint-->
- <context:component-scan base-package="org.maxkey.web.authentication.support.socialsignon" />
-
-
- <bean id="socialSignOnWeibo" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.sinaweibo.provider}"/>
- <property name="providerName" value="${config.socialsignon.sinaweibo.provider.name}"/>
- <property name="icon" value="${config.socialsignon.sinaweibo.icon}"/>
- <property name="clientId" value="${config.socialsignon.sinaweibo.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.sinaweibo.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.sinaweibo.sortorder}"/>
- </bean>
-
- <bean id="socialSignOnGoogle" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.google.provider}"/>
- <property name="providerName" value="${config.socialsignon.google.provider.name}"/>
- <property name="icon" value="${config.socialsignon.google.icon}"/>
- <property name="clientId" value="${config.socialsignon.google.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.google.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.google.sortorder}"/>
- </bean>
-
- <bean id="socialSignOnQQ" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.qq.provider}"/>
- <property name="providerName" value="${config.socialsignon.qq.provider.name}"/>
- <property name="icon" value="${config.socialsignon.qq.icon}"/>
- <property name="clientId" value="${config.socialsignon.qq.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.qq.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.qq.sortorder}"/>
- </bean>
- <bean id="socialSignOnMicrosoft" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.microsoft.provider}"/>
- <property name="providerName" value="${config.socialsignon.microsoft.provider.name}"/>
- <property name="icon" value="${config.socialsignon.microsoft.icon}"/>
- <property name="clientId" value="${config.socialsignon.microsoft.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.microsoft.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.microsoft.sortorder}"/>
- </bean>
- <bean id="socialSignOnFacebook" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.facebook.provider}"/>
- <property name="providerName" value="${config.socialsignon.facebook.provider.name}"/>
- <property name="icon" value="${config.socialsignon.facebook.icon}"/>
- <property name="clientId" value="${config.socialsignon.facebook.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.facebook.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.facebook.sortorder}"/>
- </bean>
- <bean id="socialSignOndingtalk" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
- <property name="provider" value="${config.socialsignon.dingtalk.provider}"/>
- <property name="providerName" value="${config.socialsignon.dingtalk.provider.name}"/>
- <property name="icon" value="${config.socialsignon.dingtalk.icon}"/>
- <property name="clientId" value="${config.socialsignon.dingtalk.client.id}"/>
- <property name="clientSecret" value="${config.socialsignon.dingtalk.client.secret}"/>
- <property name="sortOrder" value="${config.socialsignon.dingtalk.sortorder}"/>
- </bean>
-
- <bean id="socialSignOnProviderService" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService">
- <property name="socialSignOnProviders" >
- <list>
- <ref bean="socialSignOnWeibo" />
- <ref bean="socialSignOnQQ"/>
- <ref bean="socialSignOnGoogle"/>
- <ref bean="socialSignOnMicrosoft"/>
- <ref bean="socialSignOnFacebook"/>
- <ref bean="socialSignOndingtalk"/>
-
- </list>
- </property>
- </bean>
-
- <bean id="socialsAssociateService" class="org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService">
- <constructor-arg ref="jdbcTemplate"/>
- </bean>
- <!-- Social Sign On Support End -->
-
- <!-- enable autowire -->
- <context:annotation-config />
-
- <!-- language select must remove -->
- <mvc:annotation-driven />
-
- <!-- web Controller InterceptorAdapter -->
- <mvc:interceptors>
- <!-- web Controller InterceptorAdapter for platform permission -->
- <mvc:interceptor>
- <!-- for permission -->
- <mvc:mapping path="/index*/**" />
- <mvc:mapping path="/logs*/**" />
- <mvc:mapping path="/userinfo*/**" />
- <mvc:mapping path="/profile*/**" />
- <mvc:mapping path="/safe*/**" />
- <mvc:mapping path="/historys*/**" />
- <mvc:mapping path="/appList*/**" />
- <bean class="org.maxkey.web.interceptor.PermissionAdapter" />
- </mvc:interceptor>
- <!-- web Controller InterceptorAdapter for platform log -->
- <mvc:interceptor>
- <mvc:mapping path="/users/*" />
- <mvc:mapping path="/userinfo/*" />
- <mvc:mapping path="/authInfo/*" />
- <mvc:mapping path="/retrievePassword/*"/>
- <bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
- </mvc:interceptor>
- <!-- web Controller sso Adapter -->
- <mvc:interceptor>
- <mvc:mapping path="/authz/basic/*" />
- <mvc:mapping path="/authz/ltpa/*" />
- <mvc:mapping path="/authz/desktop/*" />
- <mvc:mapping path="/authz/formbased/*" />
- <mvc:mapping path="/authz/tokenbased/*"/>
- <mvc:mapping path="/authz/saml20/idpinit/*"/>
- <mvc:mapping path="/authz/saml20/assertion"/>
- <mvc:mapping path="/authz/cas/login"/>
- <mvc:mapping path="/authz/cas/granting"/>
- <bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
- </mvc:interceptor>
- <!-- web Controller sso Adapter -->
- <mvc:interceptor>
- <mvc:mapping path="/authz/basic/*" />
- <mvc:mapping path="/authz/ltpa/*" />
- <mvc:mapping path="/authz/desktop/*" />
- <mvc:mapping path="/authz/formbased/*" />
- <mvc:mapping path="/authz/tokenbased/*"/>
- <mvc:mapping path="/authz/saml20/idpinit/*"/>
- <mvc:mapping path="/authz/saml20/assertion"/>
- <mvc:mapping path="/authz/cas/granting"/>
- <bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
- </mvc:interceptor>
- <ref bean="localeChangeInterceptor" />
- </mvc:interceptors>
- <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
- </bean>
- <!--
- <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
- </bean>
- -->
-
- <!-- for Forgot Password -->
- <bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
- </bean>
-
- <bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
- </bean>
- <!-- LDAP Realm
- <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
- <constructor-arg ref="jdbcTemplate"/>
- <property name="ldapServers">
- <list>
- <bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
- <property name="ldapUtils">
- <bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
- <property name="providerUrl" value="ldap://localhost:389"></property>
- <property name="principal" value="cn=root"></property>
- <property name="credentials" value="rootroot"></property>
- <property name="baseDN" value="dc=connsec,dc=com"></property>
- </bean>
- </property>
- <property name="filterAttribute" value="uid"></property>
- </bean>
- </list>
- </property>
- </bean> -->
-
- <!-- Active Directory Realm
- <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
- <constructor-arg ref="jdbcTemplate"/>
- <property name="activeDirectoryServers">
- <list>
- <bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
- <property name="activeDirectoryUtils">
- <bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
- <property name="providerUrl" value="ldap://localhost:389"></property>
- <property name="principal" value="cn=root"></property>
- <property name="credentials" value="rootroot"></property>
- <property name="domain" value="connsec"></property>
- </bean>
- </property>
- </bean>
- </list>
- </property>
- </bean> -->
-
- <!-- Default Realm-->
- <!-- realm use jdbc -->
- <bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
- <constructor-arg ref="jdbcTemplate"/>
- </bean>
-
- <mvc:annotation-driven />
- <mvc:default-servlet-handler />
-
- </beans>
|
