GitLab wurde erfolgreich aktualisiert. Durch regelmäßige Updates bleibt das THM GitLab sicher. Danke für Ihre Geduld.

Commit 24ce741d authored by Julian Hochstetter's avatar Julian Hochstetter

upgrade to spring 3.1.2 and spring-security 3.1.1

switch to oauth2 authentication which allows facebook, twitter, google
etc authentication
parent c030c089
......@@ -6,7 +6,8 @@
<version>2.0.0-SNAPSHOT</version>
<packaging>war</packaging>
<properties>
<spring.version>3.0.7.RELEASE</spring.version>
<org.springframework-version>3.1.2.RELEASE</org.springframework-version>
<org.springframework.security-version>3.1.0.RELEASE</org.springframework.security-version>
</properties>
<repositories>
<repository>
......@@ -19,7 +20,12 @@
<name>THM Maven Mirror</name>
<url>http://maven.mni.thm.de/content/groups/public</url>
</repository>
</repositories>
<repository>
<id>sonatype-snapshots</id>
<name>Sonatype Snapshot Repository</name>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</repository>
</repositories>
<dependencies>
<dependency>
<groupId>de.thm.arsnova</groupId>
......@@ -33,40 +39,44 @@
<version>1.8.0</version>
<type>war</type>
</dependency>
<!-- Spring -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.version}</version>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${org.springframework-version}</version>
<exclusions>
<!-- Exclude Commons Logging in favor of SLF4j -->
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas-client</artifactId>
<version>${spring.version}</version>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<!-- Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.version}</version>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-facebook</artifactId>
<version>1.0.1.RELEASE</version>
<artifactId>spring-security-web</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-twitter</artifactId>
<version>1.0.2.RELEASE</version>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>jstl</groupId>
......@@ -113,7 +123,7 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
......@@ -121,6 +131,13 @@
<version>4.10</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>
com.github.leleuj.springframework.security
</groupId>
<artifactId>spring-security-oauth-client</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
</dependencies>
<build>
<plugins>
......
......@@ -18,109 +18,101 @@
*/
package de.thm.arsnova;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.scribe.up.provider.impl.FacebookProvider;
import org.scribe.up.provider.impl.Google2Provider;
import org.scribe.up.provider.impl.TwitterProvider;
import org.scribe.up.session.HttpUserSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.token.Sha512DigestUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import de.thm.arsnova.entities.User;
import de.thm.arsnova.services.IUserService;
@Controller
public class LoginController {
@Autowired
TwitterProvider twitterProvider;
public static final Logger logger = LoggerFactory.getLogger(LoginController.class);
@Autowired
Google2Provider googleProvider;
@RequestMapping(method = RequestMethod.GET, value = "/doCasLogin")
public ModelAndView doCasLogin(HttpServletRequest request) {
String referer = request.getHeader("referer");
String target = "";
if (referer != null && referer.endsWith("dojo-index.html")) {
target = "dojo-index.html";
}
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if(authentication == null) {
return null;
}
User user = (User) authentication.getPrincipal();
logger.info("CAS Login for: " + user.getUsername());
return new ModelAndView("redirect:/" + target + "#auth/checkCasLogin/" + user.getUsername());
}
@Autowired
FacebookProvider facebookProvider;
@RequestMapping(method = RequestMethod.GET, value = "/doOpenIdLogin")
public ModelAndView doOpenIdLogin() {
String userHash = hashUser();
logger.info("OpenID Login for user with hash " + userHash);
return new ModelAndView("redirect:/#auth/checkCasLogin/" + userHash);
}
@Autowired
CasAuthenticationEntryPoint casEntryPoint;
@Autowired
IUserService userService;
@RequestMapping(method = RequestMethod.GET, value = "/doGuestLogin")
public ModelAndView doGuestLogin(final HttpServletRequest request) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new GrantedAuthorityImpl("ROLE_GUEST"));
String username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10);
User user = new User(username, "", true, true, true, true, authorities);
Authentication token = new UsernamePasswordAuthenticationToken(user, null, authorities);
SecurityContextHolder.getContext().setAuthentication(token);
request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
public static final Logger logger = LoggerFactory
.getLogger(LoginController.class);
String userHash = hashUser();
logger.info("Guest Login for user " + user);
return new ModelAndView("redirect:/#auth/checkCasLogin/" + userHash);
@RequestMapping(method = RequestMethod.GET, value = "/doLogin")
public ModelAndView doLogin(@RequestParam("type") String type, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
if("cas".equals(type)) {
casEntryPoint.commence(request, response, null);
} else if("twitter".equals(type)) {
String authUrl = twitterProvider.getAuthorizationUrl(new HttpUserSession(request));
return new ModelAndView("redirect:" + authUrl);
} else if("facebook".equals(type)) {
String authUrl = facebookProvider.getAuthorizationUrl(new HttpUserSession(request));
return new ModelAndView("redirect:" + authUrl);
} else if("google".equals(type)) {
String authUrl = googleProvider.getAuthorizationUrl(new HttpUserSession(request));
return new ModelAndView("redirect:" + authUrl);
} else if("guest".equals(type)) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_GUEST"));
String username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10);
org.springframework.security.core.userdetails.User user =
new org.springframework.security.core.userdetails.User(username, "", true, true, true, true, authorities);
Authentication token = new UsernamePasswordAuthenticationToken(user, null, authorities);
SecurityContextHolder.getContext().setAuthentication(token);
request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
return new ModelAndView("redirect:/#auth/checkLogin");
}
return null;
}
@RequestMapping(method = RequestMethod.GET, value = "/whoami")
@ResponseBody
public String whoami() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if(authentication == null || authentication.getPrincipal() == null) {
return null;
}
return authentication.getPrincipal().toString();
public User whoami() {
return userService.getUser(SecurityContextHolder.getContext().getAuthentication());
}
@RequestMapping(method = RequestMethod.GET, value = "/logout")
public ModelAndView doLogout(final HttpServletRequest request) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
request.getSession().invalidate();
if(auth instanceof CasAuthenticationToken) {
if (auth instanceof CasAuthenticationToken) {
return new ModelAndView("redirect:/j_spring_cas_security_logout");
}
return new ModelAndView("redirect:/");
}
private String hashUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String userHash;
try {
User user = (User) authentication.getPrincipal();
userHash = new ShaPasswordEncoder(256).encodePassword(user.getUsername(), "");
} catch (ClassCastException e) {
// Principal is of type String
userHash = new ShaPasswordEncoder(256).encodePassword(
(String)authentication.getPrincipal(),
""
);
}
return userHash;
}
}
package de.thm.arsnova.entities;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.scribe.up.profile.facebook.FacebookProfile;
import org.scribe.up.profile.google.Google2Profile;
import org.scribe.up.profile.twitter.TwitterProfile;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
public class User {
private String username;
public User(Google2Profile profile) {
setUsername(profile.getEmail());
}
public User(TwitterProfile profile) {
setUsername(profile.getScreenName());
}
public User(FacebookProfile profile) {
setUsername(profile.getLink());
}
public User(AttributePrincipal principal) {
setUsername(principal.getName());
}
public User(AnonymousAuthenticationToken token) {
setUsername("anonymous");
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}
package de.thm.arsnova.services;
import org.springframework.security.core.Authentication;
import de.thm.arsnova.entities.User;
public interface IUserService {
User getUser(Authentication authentication);
}
package de.thm.arsnova.services;
import org.scribe.up.profile.facebook.FacebookProfile;
import org.scribe.up.profile.google.Google2Profile;
import org.scribe.up.profile.twitter.TwitterProfile;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;
import com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationToken;
import de.thm.arsnova.entities.User;
@Service
public class UserService implements IUserService {
@Override
public User getUser(Authentication authentication) {
if (authentication == null || authentication.getPrincipal() == null) {
return null;
}
if(authentication instanceof OAuthAuthenticationToken) {
OAuthAuthenticationToken token = (OAuthAuthenticationToken) authentication;
if(token.getUserProfile() instanceof Google2Profile) {
Google2Profile profile = (Google2Profile) token.getUserProfile();
return new User(profile);
} else if(token.getUserProfile() instanceof TwitterProfile) {
TwitterProfile profile = (TwitterProfile) token.getUserProfile();
return new User(profile);
} else if(token.getUserProfile() instanceof FacebookProfile) {
FacebookProfile profile = (FacebookProfile) token.getUserProfile();
return new User(profile);
}
} else if (authentication instanceof CasAuthenticationToken) {
CasAuthenticationToken token = (CasAuthenticationToken) authentication;
return new User(token.getAssertion().getPrincipal());
} else if(authentication instanceof AnonymousAuthenticationToken){
AnonymousAuthenticationToken token = (AnonymousAuthenticationToken) authentication;
return new User(token);
}
return null;
}
}
......@@ -3,10 +3,10 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<context:component-scan base-package="de.thm.arsnova" />
<context:annotation-config />
......
......@@ -5,10 +5,10 @@
xmlns:security="http://www.springframework.org/schema/security"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<context:component-scan base-package="de.thm.arsnova" />
<context:annotation-config />
......
......@@ -3,12 +3,13 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<bean id="propertyPlaceholderConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"
p:ignoreUnresolvablePlaceholders="false">
p:ignoreUnresolvablePlaceholders="false"
p:ignoreResourceNotFound="true">
<property name="locations" >
<list>
<value>config.properties.example</value>
......@@ -22,19 +23,4 @@
<context:component-scan base-package="de.thm.arsnova" />
<context:annotation-config />
<bean id="connectionFactoryLocator"
class="org.springframework.social.connect.support.ConnectionFactoryRegistry">
<property name="connectionFactories">
<list>
<bean
class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
<!-- constructor-arg value="${facebook.clientId}" />
<constructor-arg value="${facebook.clientSecret}" /-->
<constructor-arg value="clientId" />
<constructor-arg value="clientSecret" />
</bean>
</list>
</property>
</bean>
</beans>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<context:component-scan base-package="de.thm.arsnova" />
<context:annotation-config />
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="facebookAuthProvider" />
<security:authentication-provider ref="twitterAuthProvider" />
<security:authentication-provider ref="googleAuthProvider" />
<security:authentication-provider ref="casAuthenticationProvider" />
</security:authentication-manager>
<sec:http entry-point-ref="casEntryPoint" disable-url-rewriting="true">
<sec:intercept-url pattern="/j_spring_security_check"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<sec:intercept-url pattern="/doCasLogin" access="ROLE_USER" />
<sec:custom-filter ref="casAuthenticationFilter" position="CAS_FILTER" />
<sec:openid-login user-service-ref="openidUserDetailsService"
default-target-url="${security.openid-target-url}" />
<sec:custom-filter ref="singleSignOutFilter" before="CAS_FILTER"/>
<sec:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER"/>
</sec:http>
<security:http entry-point-ref="facebookEntryPoint">
<security:custom-filter ref="facebookFilter" before="CAS_FILTER" />
<security:custom-filter ref="twitterFilter" after="CAS_FILTER" />
<security:custom-filter ref="googleFilter" before="FORM_LOGIN_FILTER" />
<security:custom-filter ref="casAuthenticationFilter" position="CAS_FILTER" />
<security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
</security:http>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="casAuthenticationProvider" />
</sec:authentication-manager>
<bean id="casAuthenticationFilter"
<!-- ######################### FACEBOOK ######################### -->
<bean id="facebookEntryPoint" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationEntryPoint"
p:provider-ref="facebookProvider" />
<bean id="facebookProvider" class="org.scribe.up.provider.impl.FacebookProvider"
p:key="${security.facebook.key}"
p:secret="${security.facebook.secret}"
p:callbackUrl="${security.arsnova-url}/j_spring_facebook_security_check" />
<bean id="facebookFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter"
p:filterProcessesUrl="/j_spring_facebook_security_check"
p:provider-ref="facebookProvider"
p:authenticationManager-ref="authenticationManager"
p:authenticationFailureHandler-ref="failureHandler"
p:authenticationSuccessHandler-ref="successHandler" />
<bean id="facebookAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider"
p:provider-ref="facebookProvider" />
<!-- ######################### TWITTER ######################### -->
<bean id="twitterProvider" class="org.scribe.up.provider.impl.TwitterProvider"
p:key="${security.twitter.key}"
p:secret="${security.twitter.secret}"
p:callbackUrl="${security.arsnova-url}/j_spring_twitter_security_check" />
<bean id="twitterFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter"
p:filterProcessesUrl="/j_spring_twitter_security_check"
p:provider-ref="twitterProvider"
p:authenticationManager-ref="authenticationManager"
p:authenticationFailureHandler-ref="failureHandler"
p:authenticationSuccessHandler-ref="successHandler" />
<bean id="twitterAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider"
p:provider-ref="twitterProvider" />
<!-- ######################### GOOGLE ######################### -->
<bean id="googleProvider" class="org.scribe.up.provider.impl.Google2Provider"
p:key="${security.google.key}"
p:secret="${security.google.secret}"
p:scope-ref="googleScope"
p:callbackUrl="${security.arsnova-url}/j_spring_google_security_check" />
<bean id="googleScope" class="org.scribe.up.provider.impl.Google2Provider.Google2Scope" factory-method="valueOf">
<constructor-arg index="0" value="EMAIL" />
</bean>
<bean id="googleFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter"
p:filterProcessesUrl="/j_spring_google_security_check"
p:provider-ref="googleProvider"
p:authenticationManager-ref="authenticationManager"
p:authenticationFailureHandler-ref="failureHandler"
p:authenticationSuccessHandler-ref="successHandler" />
<bean id="googleAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider"
p:provider-ref="googleProvider" />
<!-- ######################### CAS ######################### -->
<bean id="casAuthenticationFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter"
p:authenticationManager-ref="authenticationManager" />
p:authenticationManager-ref="authenticationManager"
p:authenticationFailureHandler-ref="failureHandler"
p:authenticationSuccessHandler-ref="successHandler" />
<bean id="casEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
......@@ -38,7 +99,7 @@
<bean id="casServiceProperties"
class="org.springframework.security.cas.ServiceProperties"
p:service="${security.cas-check-url}"
p:service="${security.arsnova-url}/j_spring_cas_security_check"
p:sendRenew="false" />
<bean id="casAuthenticationProvider"
......@@ -52,8 +113,7 @@
<bean id="casTicketValidator" class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
<constructor-arg value="${security.cas-server-url}" />
</bean>
<bean id="singleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
<bean id="requestSingleLogoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter"
p:filterProcessesUrl="/j_spring_cas_security_logout" >
......@@ -63,4 +123,13 @@
"org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</constructor-arg>
</bean>
<bean id="successHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
p:alwaysUseDefaultTargetUrl="false"
p:defaultTargetUrl="/#auth/checkLogin"/>
<bean id="failureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login.jsp" />
</bean>
</beans>
security.arsnova-url=http://localhost:8080/arsnova-war
security.openid-target-url=http://localhost:8080/arsnova-war/doOpenIdLogin
security.cas-check-url=http://localhost:8080/arsnova-war/j_spring_cas_security_check
security.cas-server-url=https://cas.thm.de/cas
security.facebook.key=318531508227494
security.facebook.secret=e3f38cfc72bb63e35641b637081a6177
security.twitter.key=bmk6i12UPjxEUPwtxAuQ
security.twitter.secret=k3E52IJIYEUoeTWAakGldoyFYAS0OIEtDj050UzBrFw
security.google.key=110959746118.apps.googleusercontent.com
security.google.secret=CkzUJZswY8rjWCCYnHVovyGA
couchdb.host=localhost
couchdb.port=5984
couchdb.name=arsnova
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment