<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<description>Shiro Configuration</description>
<!-- <context:property-placeholder location="classpath:*.properties" />-->
<context:component-scan base-package="com.miv.shiro.*.service" />
<bean id="WebRealm" class="com.miv.shiro.common.WebRealm">
<property name="loginService" ref="loginService" />
<property name="rolesService" ref="rolesService" />
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"/>
<!--
Shiro's main business-tier object for web-enabled applications (use
org.apache.shiro.web.mgt.DefaultWebSecurityManager instead when there
is no web environment)
-->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="cacheManager" ref="cacheManager"/>
<!--
Single realm app (realm configured next, below). If you have multiple
realms, use the 'realms' property instead.
-->
<property name="realm" ref="WebRealm" />
<!--
Uncomment this next property if you want heterogenous session access
or clusterable/distributable sessions. The default value is 'http'
which uses the Servlet container's HttpSession as the underlying
Session implementation. <property name="sessionMode" value="native"/>
-->
</bean>
<!--
Post processor that automatically invokes init() and destroy() methods
-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!--
Define the Shiro Filter here (as a FactoryBean) instead of directly in
web.xml - web.xml uses the DelegatingFilterProxy to access this bean.
This allows us to wire things with more control as well utilize nice
Spring things such as PropertiesPlaceholderConfigurer and abstract
beans or anything else we might need:
-->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/login/init" />
<property name="successUrl" value="/index" />
<property name="unauthorizedUrl" value="/login/error" />
<property name="filters">
<util:map>
<entry key="authc">
<bean class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter"/>
</entry>
<entry key="miv">
<bean class="com.miv.shiro.common.MIVshiroFilter"/>
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/login/** = anon
/resources/** = anon
/userPortal/** = miv["user"]
/userportal/** = miv["user"]
/agencyPortal/user/checkUnique = miv["agency","user"]
/agencyPortal/** = miv["agency"]
/agencyportal/** = miv["agency"]
/callcenterPortal/** = miv["callCenter"]
/callcenterportal/** = miv["callCenter"]
/** = anon
</value>
</property>
</bean>
</beans>