dcoraboeuf#285 Switching back to XML configuration for the back-end s…

…ecurity layer
cpf · Nov 29, 2013 · a0094dc · a0094dc
1 parent 53e878e
commit a0094dc
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 61 deletions.
diff --git a/ontrack-backend/src/main/java/net/ontrack/backend/config/BackendSecurityConfig.java b/ontrack-backend/src/main/java/net/ontrack/backend/config/BackendSecurityConfig.java
@@ -1,67 +1,9 @@
 package net.ontrack.backend.config;
 
-import net.ontrack.core.support.MapBuilder;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.config.BeanPostProcessor;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.access.AccessDecisionManager;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.access.SecurityConfig;
-import org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
-
-import java.util.Arrays;
-import java.util.List;
+import org.springframework.context.annotation.ImportResource;
 
 @Configuration
-@EnableGlobalMethodSecurity
-public class BackendSecurityConfig extends GlobalMethodSecurityConfiguration {
-
-    private final MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource = new MapBasedMethodSecurityMetadataSource();
-
-    @Autowired
-    private AccessDecisionManager accessDecisionManager;
-
-    @Autowired
-    private List<AuthenticationProvider> authenticationProviderList;
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        for (AuthenticationProvider authenticationProvider : authenticationProviderList) {
-            auth.authenticationProvider(authenticationProvider);
-        }
-    }
-
-    @Override
-    @Bean
-    public AuthenticationManager authenticationManager() throws Exception {
-        return super.authenticationManager();
-    }
-
-    @Override
-    protected AccessDecisionManager accessDecisionManager() {
-        return accessDecisionManager;
-    }
-
-    @Override
-    protected MapBasedMethodSecurityMetadataSource customMethodSecurityMetadataSource() {
-        return mapBasedMethodSecurityMetadataSource;
-    }
-
-    @Bean
-    public BeanPostProcessor protectPointcutPostProcessor() {
-        BackendProtectPointcutPostProcessor processor = new BackendProtectPointcutPostProcessor(mapBasedMethodSecurityMetadataSource);
-        processor.setPointcutMap(
-                MapBuilder.<String, List<ConfigAttribute>>create()
-                        .with("execution(@net.ontrack.core.security.ProjectGrant * net.ontrack.backend.*.*(..))", Arrays.<ConfigAttribute>asList(new SecurityConfig("project")))
-                        .with("execution(@net.ontrack.core.security.GlobalGrant * net.ontrack.backend.*.*(..))", Arrays.<ConfigAttribute>asList(new SecurityConfig("global")))
-                        .get()
-        );
-        return processor;
-    }
+@ImportResource("classpath:META-INF/spring/backend-security.xml")
+public class BackendSecurityConfig {
 }
diff --git a/ontrack-backend/src/main/resources/META-INF/spring/backend-security.xml b/ontrack-backend/src/main/resources/META-INF/spring/backend-security.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+             xmlns:beans="http://www.springframework.org/schema/beans"
+             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+             xsi:schemaLocation="
+http://www.springframework.org/schema/beans
+http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
+http://www.springframework.org/schema/security
+http://www.springframework.org/schema/security/spring-security-3.2.xsd">
+
+    <global-method-security access-decision-manager-ref="ontrackDecisionManager">
+        <protect-pointcut expression="execution(@net.ontrack.core.security.ProjectGrant * net.ontrack.backend.*.*(..))" access="project" />
+        <protect-pointcut expression="execution(@net.ontrack.core.security.GlobalGrant * net.ontrack.backend.*.*(..))" access="admin" />
+    </global-method-security>
+
+</beans:beans>