SuperX-Kernmodul

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!-- Loads further bean definitions from applicationContext-spring-security.xml.
     The authenticationManager bean referenced later in this file is not defined here and
     presumably comes from that import (confirm). -->
<b:import resource="applicationContext-spring-security.xml" />
<!-- Enables annotation-driven Spring MVC request handling. -->
<mvc:annotation-driven />
<!-- CORS policy for the REST API under /api/**.
     NOTE(review): allowed-origins="*" and allowed-methods="*" let a script from any web origin
     call the API and read its responses, and exposed-headers makes the x-auth-token response
     header readable by that script. No allow-credentials attribute is set here, so cookies
     should not be accepted cross-origin, but a request carrying a valid x-auth-token header is
     accepted from anywhere. Consider restricting allowed-origins to the known front-end
     origins and listing only the HTTP methods the API actually uses.
     NOTE(review): Access-Control-Allow-Origin and Access-Control-Allow-Headers are response
     headers; listing them under allowed-headers / exposed-headers looks unnecessary (confirm
     with the client code before removing). -->
<mvc:cors>
<mvc:mapping
path="/api/**"
allowed-origins="*" allowed-headers="Content-Type, content-type, x-requested-with, Access-Control-Allow-Origin, Access-Control-Allow-Headers, x-auth-token, x-app-id, Origin,Accept, X-Requested-With, Access-Control-Request-Method, Access-Control-Request-Headers"
allowed-methods="*"
exposed-headers="x-auth-token, Access-Control-Allow-Origin" />
</mvc:cors>
<!-- Method-level security: expression annotations (@PreAuthorize / @PostAuthorize) are
     enabled, @Secured is switched off. URL rules in the http element below are therefore not
     the only authorization layer, provided the annotated beans are actually proxied
     (verify for the controllers behind the permitAll paths). -->
<global-method-security secured-annotations="disabled" pre-post-annotations="enabled">
</global-method-security>
<!-- Main security filter chain.
     * auto-config is off, so no form login / HTTP basic is added implicitly.
     * Unauthenticated requests are answered by http403ForbiddenEntryPoint (HTTP 403) instead
       of a redirect to a login page.
     * create-session="never": Spring Security does not create an HttpSession itself, but it
       will use one that the application has already created.
     * intercept-url rules are evaluated top to bottom and the first match wins, so the ORDER
       of the rules below is security relevant; add new rules above the broader pattern
       they are meant to override. -->
<http auto-config='false'
entry-point-ref="http403ForbiddenEntryPoint"
use-expressions="true"
create-session="never">
<headers>
<!-- Pages may only be framed by pages of the same origin (clickjacking protection). -->
<frame-options policy="SAMEORIGIN" />
</headers>
<access-denied-handler error-page="/403.jsp" />
<!-- Spring does not honour this in every case, so /403.jsp is also registered in web.xml as the error page for 403. -->
<!-- CSRF protection is on. Which requests need a token is decided by the custom csrfMatcher
     bean (de.superx.spring.CsRfRequestMatcher, not visible in this file); the token is kept in
     a cookie by tokenRepository.
     NOTE(review): any path the matcher exempts has no CSRF protection; review the matcher
     together with the permitAll rules below. -->
<csrf disabled="false" request-handler-ref="requestHandler" request-matcher-ref="csrfMatcher" token-repository-ref="tokenRepository" />
<!-- Adds the CORS filter to this chain; the policy itself is the mvc:cors mapping defined in this file. -->
<cors />
<!-- for SuperX standalone: public entry pages and static resources -->
<intercept-url pattern="/403.jsp" access="permitAll"/>
<intercept-url pattern="/doku/**" access="permitAll" />
<intercept-url pattern="/xml/index.*" access="permitAll"/>
<intercept-url pattern="/xml/css/**" access="permitAll"/>
<intercept-url pattern="/xml/font/**" access="permitAll"/>
<intercept-url pattern="/xml/js/**" access="permitAll"/>
<intercept-url pattern="/index.*" access="permitAll"/>
<intercept-url pattern="/images/**" access="permitAll"/>
<intercept-url pattern="/style/**" access="permitAll"/>
<!-- end of the SuperX standalone section -->
<!--
Allow all HTTP OPTIONS requests to /api/** without authentication.
This permits CORS preflight requests to pass through unrestricted,
which is essential for cross-origin requests to succeed.
Every other method on /api/** requires an authenticated user (next rule).
-->
<intercept-url pattern="/api/**" method="OPTIONS" access="permitAll" />
<intercept-url pattern="/api/**" access="isAuthenticated()" />
<!-- Only the Saiku session endpoint is protected here; it must stay above the /rest/** rule. -->
<intercept-url pattern="/rest/saiku/session*" access="isAuthenticated()" />
<!-- NOTE(review): permitAll means this chain performs no authentication check for /rest/**
     and /json/**. Presumably the handlers behind these paths check the SuperX session
     themselves; verify, because every new endpoint added under these prefixes is public by
     default. -->
<intercept-url pattern="/rest/**" access="permitAll" />
<intercept-url pattern="/json/**" access="permitAll" />
<intercept-url pattern="/test/**" access="isAuthenticated()" />
<intercept-url pattern="/html/**" access="isAuthenticated()" />
<intercept-url pattern="/dbt/projects/hisinone/transform/target/**" access="isAuthenticated()" />
<!-- Public exceptions below /xml/; they must stay above the catch-all /xml/** rule. -->
<intercept-url pattern="/xml/*.css" access="permitAll" />
<intercept-url pattern="/xml/his1/index.jsp*" access="permitAll"/>
<intercept-url pattern="/xml/his1/css/**" access="permitAll"/>
<intercept-url pattern="/xml/his1/images/**" access="permitAll"/>
<intercept-url pattern="/xml/his1/fonts/**" access="permitAll"/>
<!-- NOTE(review): duplicate of the /xml/js/** rule in the standalone section above; this one is never reached. -->
<intercept-url pattern="/xml/js/**" access="permitAll"/>
<intercept-url pattern="/xml/**" access="isAuthenticated()"/>
<intercept-url pattern="/*/custom/**" access="isAuthenticated()"/>
<!-- NOTE(review): all servlets under /servlet/** are reachable without authentication as far
     as this chain is concerned; confirm each servlet enforces its own login check. -->
<intercept-url pattern="/servlet/**" access="permitAll" />
<!-- The bare /saiku path is public, everything below it requires authentication; keep this order. -->
<intercept-url pattern="/saiku" access="permitAll" />
<intercept-url pattern="/saiku/**" access="isAuthenticated()" />
<intercept-url pattern="/edit/**" access="isAuthenticated()" />
<intercept-url pattern="/dbformslib/**" access="isAuthenticated()" />
<!-- Default deny: anything not matched above is rejected, also for authenticated users. -->
<intercept-url pattern="/**" access="denyAll" />
<logout logout-url="/logout"/>
<!-- Custom filters and their position in the chain. What the de.superx filters do is not
     visible in this file; see the bean definitions for the classes. -->
<custom-filter ref="characterEncodingFilter" after="FIRST"/>
<custom-filter ref="sxGastAnmeldungFilter" after="ANONYMOUS_FILTER" />
<custom-filter position="PRE_AUTH_FILTER" ref="sxSessionAuthenticationFilter" />
<custom-filter after="SESSION_MANAGEMENT_FILTER" ref="sessionCookieFilter" />
</http>
<!-- Custom filter, registered in the http chain after ANONYMOUS_FILTER.
     NOTE(review): judging by the class name ("Gast-Anmeldung" = guest login) this presumably
     signs in a guest user; the meaning of the constructor argument "superx_bi" is not visible
     here. Confirm what the guest identity may access, since it counts for isAuthenticated()
     only if the filter produces a non-anonymous authentication. -->
<b:bean id="sxGastAnmeldungFilter" class="de.superx.saiku.SuperXGastAnmeldungFilter">
<b:constructor-arg index="0" value="superx_bi"/>
</b:bean>
<!-- SuperX session pre-authentication: custom filter at the PRE_AUTH_FILTER position.
     authenticationManager is not defined in this file (presumably imported). -->
<b:bean id="sxSessionAuthenticationFilter" class="de.superx.saiku.SuperxPreAuthenticatedProcessingFilter">
<b:property name="authenticationManager" ref="authenticationManager"/>
</b:bean>
<!-- Entry point used by the http element: answers unauthenticated requests with HTTP 403. -->
<b:bean id="http403ForbiddenEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<!-- Custom matcher that selects the requests requiring a CSRF token (logic not visible here). -->
<b:bean id="csrfMatcher" class="de.superx.spring.CsRfRequestMatcher" />
<!-- CSRF token is stored in a cookie. cookieHttpOnly=false makes the cookie readable by
     JavaScript so that a client script can copy the token into a request header; the
     trade-off is that any script running in the page (e.g. after an XSS) can read it too. -->
<b:bean id="tokenRepository" class="org.springframework.security.web.csrf.CookieCsrfTokenRepository"
p:cookieHttpOnly="false" />
<!-- Forces utf-8 as request/response character encoding; runs right after the FIRST position in the chain. -->
<b:bean id="characterEncodingFilter" class="org.springframework.web.filter.CharacterEncodingFilter">
<b:property name="encoding" value="utf-8" />
<b:property name="forceEncoding" value="true" />
</b:bean>
<!-- Custom filter placed after SESSION_MANAGEMENT_FILTER (behaviour not visible in this file). -->
<b:bean id="sessionCookieFilter" class="de.superx.spring.SessionCookieFilter" />
<!-- Plain CSRF request handler: the token is compared as is.
     NOTE(review): unlike XorCsrfTokenRequestAttributeHandler this handler does not mask the
     token per response (BREACH mitigation); confirm this choice is intentional for the
     cookie-based JavaScript client. -->
<b:bean id="requestHandler" class="org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler"/>
</b:beans>