Expressions for /api/v0

c84e52e8 · Matija Obreza · 120082ce · c84e52e8
Commit c84e52e8 authored Oct 02, 2013 by Matija Obreza
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 7 deletions

src/main/resources/spring/spring-security-oauth.xml src/main/resources/spring/spring-security-oauth.xml +21 -7

No files found.
--- a/src/main/resources/spring/spring-security-oauth.xml
+++ b/src/main/resources/spring/spring-security-oauth.xml
@@ -4,6 +4,16 @@
                           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

+	<!-- <bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased" xmlns="http://www.springframework.org/schema/beans">
+		<constructor-arg>
+			<list>
+				<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
+				<bean class="org.springframework.security.access.vote.RoleVoter" />
+				<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
+			</list>
+		</constructor-arg>
+	</bean> -->
+
 	<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />

 	<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
@@ -20,9 +30,9 @@
 		<property name="clientDetailsService" ref="clientDetails" />
 	</bean>

-    <sec:authentication-manager id="clientAuthenticationManager">
-        <sec:authentication-provider user-service-ref="clientDetailsUserService" />
-    </sec:authentication-manager>
+	<sec:authentication-manager id="clientAuthenticationManager">
+		<sec:authentication-provider user-service-ref="clientDetailsUserService" />
+	</sec:authentication-manager>

 	<oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices">
 		<oauth:authorization-code />
@@ -54,14 +64,18 @@
 		<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
 		<sec:expression-handler ref="oauthWebExpressionHandler" />
 	</sec:http>
-	
-	<sec:http pattern="/api/v0/.*" authentication-manager-ref="clientAuthenticationManager" request-matcher="regex" create-session="stateless" entry-point-ref="oauthAuthenticationEntryPoint" use-expressions="true" xmlns="http://www.springframework.org/schema/security">
+
+	<sec:http pattern="/api/v0/.*" authentication-manager-ref="clientAuthenticationManager" request-matcher="regex" create-session="stateless" entry-point-ref="oauthAuthenticationEntryPoint" use-expressions="true"
+		xmlns="http://www.springframework.org/schema/security">
 		<sec:anonymous enabled="false" />
+		<sec:intercept-url pattern="/api/v0/.*" access="isAuthenticated()" />
+		<sec:intercept-url pattern="/**" access="denyAll()" />
 		<sec:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<sec:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
 		<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
 		<sec:expression-handler ref="oauthWebExpressionHandler" />
 	</sec:http>
-	
+
 	<bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
 		<property name="realmName" value="genesys2" />
 	</bean>
@@ -72,7 +86,7 @@
 	</bean>

 	<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
-        <property name="authenticationManager" ref="clientAuthenticationManager" />
+		<property name="authenticationManager" ref="clientAuthenticationManager" />
 	</bean>

 </beans>