dromara
/
MaxKey
-ын хуулбар https://gitee.com/dromara/MaxKey.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
							<?xml version="1.0" encoding="UTF-8" ?>
<beans 	xmlns="http://www.springframework.org/schema/beans"
		xmlns:context="http://www.springframework.org/schema/context"
		xmlns:mvc="http://www.springframework.org/schema/mvc"
		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
		xmlns:p="http://www.springframework.org/schema/p"
		xmlns:util="http://www.springframework.org/schema/util"
		xsi:schemaLocation="
	        http://www.springframework.org/schema/beans 
			http://www.springframework.org/schema/beans/spring-beans.xsd
			http://www.springframework.org/schema/context 
			http://www.springframework.org/schema/context/spring-context.xsd
	        http://www.springframework.org/schema/util     
	        http://www.springframework.org/schema/util/spring-util.xsd
	        http://www.springframework.org/schema/mvc 
			http://www.springframework.org/schema/mvc/spring-mvc.xsd">
			
	<!-- enable autowire -->
    <context:annotation-config />
    <!-- language select must remove -->
	<mvc:annotation-driven />
  
	 <!-- 
	 * Self-issued Provider Metadata
	 *
	 * http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued 
	 * -->
	<bean id="oidcProviderMetadata" class="org.maxkey.config.oidc.OIDCProviderMetadataDetails">
		<property name="issuer" value="${config.oidc.metadata.issuer}" />
		<property name="authorizationEndpoint" value="${config.oidc.metadata.authorizationEndpoint}" />
		<property name="tokenEndpoint" value="${config.oidc.metadata.tokenEndpoint}" />
		<property name="userinfoEndpoint" value="${config.oidc.metadata.userinfoEndpoint}" />
	</bean>
	
	<bean id="jwkSetKeyStore" class="org.maxkey.crypto.jose.keystore.JWKSetKeyStore">
		<property name="location" value="classpath:config/keystore.jwks" />
	</bean>
	
	<bean id="jwtSignerValidationService" class="org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService">
		<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
		<property name="defaultSignerKeyId" value="maxkey_rsa" />
 		<property name="defaultSigningAlgorithmName" value="RS256" />
	</bean>

	<bean id="jwtEncryptionService" class="org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService">
		<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
		<property name="defaultAlgorithm" value="RSA1_5" />
		<property name="defaultDecryptionKeyId" value="maxkey_rsa" />
		<property name="defaultEncryptionKeyId" value="maxkey_rsa" />
	</bean>

	<bean id="jwtLoginService" class="org.maxkey.authn.support.jwt.JwtLoginService">
		<property name="jwtSignerValidationService" ref="jwtSignerValidationService" />
 		<property name="jwtProviderMetadata"  ref="oidcProviderMetadata" />
	</bean>
		
	<!-- web Controller InterceptorAdapter  -->
	<mvc:interceptors>
		<!-- web Controller InterceptorAdapter for platform permission  -->
		<mvc:interceptor>
			<mvc:mapping path="/main*/**" />
			<mvc:mapping path="/main*/**" />
			<mvc:mapping path="/orgs*/**" />
			<mvc:mapping path="/userinfo*/**" />
			<mvc:mapping path="/apps*/**" />
			<mvc:mapping path="/app*/**" />
			<mvc:mapping path="/groups*/**" />
			<mvc:mapping path="/groupMember*/**" />
			<mvc:mapping path="/groupPrivileges*/**" />
			<mvc:mapping path="/config*/**" />
			<mvc:mapping path="/logs*/**" />
			
			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
		</mvc:interceptor>	
		<!-- web Controller InterceptorAdapter for platform log  -->
		<mvc:interceptor>
			<mvc:mapping path="/users/*" /> 
			<mvc:mapping path="/userinfo/*" />
			<mvc:mapping path="/enterprises/*" />
			<mvc:mapping path="/employees/*" />
			<mvc:mapping path="/authInfo/*" />
			<mvc:mapping path="/usercenter/*"/>
			<mvc:mapping path="/retrievePassword/*"/>
			<mvc:mapping path="/roles/*"/>
			<mvc:mapping path="/applications/*"/>
			<mvc:mapping path="/approles/*"/>
			<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
		</mvc:interceptor>
		
		 <ref bean="localeChangeInterceptor" />
	</mvc:interceptors>
    <!-- 
     <bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
		<constructor-arg ref="jdbcTemplate"/>
		<property name="validity" value="${config.login.remeberme.validity}"/>
	</bean>
	 -->
	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
	</bean>	
	
	<bean id="timeBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
		<property name="type" value="totp" />
		<property name="digits" value="6" />
		<property name="issuer" value="maxkey" />
		<property name="domain" value="maxkey.org" />
		<property name="period" value="30" />
		
	</bean>
	
	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
		<constructor-arg ref="jdbcTemplate" /> 
	</bean>
	
	<!-- Authentication Password Encoder Config -->
	<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>   
	
	<bean id="passwordReciprocal" class="org.maxkey.crypto.password.PasswordReciprocal"></bean>
	
	<!-- Captcha Producer  Config -->
	<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
        <property name="config">
                <bean class="com.google.code.kaptcha.util.Config">
                        <constructor-arg type="java.util.Properties">
                                <props>
                                        <prop key="kaptcha.image.width">70</prop> 
                                        <prop key="kaptcha.image.height">25</prop>
                                        <prop key="kaptcha.border">no</prop>
                                        <prop key="kaptcha.obscurificator.impl">com.google.code.kaptcha.impl.ShadowGimpy</prop>
                                        <prop key="kaptcha.textproducer.font.size">23</prop>
                                        <prop key="kaptcha.textproducer.char.string">0123456789</prop>
                                        <prop key="kaptcha.textproducer.char.length">4</prop>
                                        <prop key="kaptcha.noise.impl">com.google.code.kaptcha.impl.NoNoise</prop>
                                        <!-- <prop key="kaptcha.noise.color">white</prop>
                                          -->
                                </props>
                        </constructor-arg>
                </bean>
        </property>
	</bean>

   	<bean id="savedRequestSuccessHandler" class="org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler"> </bean>

	<!-- LDAP Realm 
	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
		<property name="ldapServers">
			<list>
				<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
					<property name="ldapUtils">
						<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
							<property name="providerUrl" value="ldap://localhost:389"></property>
							<property name="principal" value="cn=root"></property>
							<property name="credentials" value="rootroot"></property>
							<property name="baseDN" value="dc=connsec,dc=com"></property>
						</bean>
					</property>
					<property name="filterAttribute" value="uid"></property>
				</bean>	
			</list>
		</property>
	</bean> -->
	
	<!-- Active Directory  Realm 
	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
		<property name="activeDirectoryServers">
			<list>
				<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
					<property name="activeDirectoryUtils">
						<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
							<property name="providerUrl" value="ldap://localhost:389"></property>
							<property name="principal" value="cn=root"></property>
							<property name="credentials" value="rootroot"></property>
							<property name="domain" value="connsec"></property>
						</bean>
					</property>
				</bean>	
			</list>
		</property>
	</bean> -->
	
	<!-- Default Realm-->
	<!-- realm use jdbc -->
	<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
		<constructor-arg ref="jdbcTemplate"/>
	</bean>
	
	<!-- Authentication providers -->
    <bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
    </bean>

	<mvc:annotation-driven />

	<mvc:default-servlet-handler />

</beans>