yacos/YACOSWeb/WebContent/WEB-INF/applicationContextAcegi.xml

<?xml version="1.0" encoding="UTF-8" ?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

<!--  CONFIGURATION AUTHENTICATION -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
  <property name="filterInvocationDefinitionSource">
    <value>
      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
    </value>
  </property>
</bean>

<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
  <property name="authenticationEntryPoint">
    <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
      <property name="loginFormUrl" value="/login.jsp"/>
      <property name="forceHttps" value="false"/>
    </bean>
  </property>
  <property name="accessDeniedHandler">
    <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
      <property name="errorPage" value="/denied.jsp"/>
    </bean>
  </property>
</bean>

<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="authenticationFailureUrl" value="/jsp/login.jsp?errorId=1"/>
  <property name="defaultTargetUrl" value="/"/>
  <property name="filterProcessesUrl" value="/j_acegi_security_check"/>
  <property name="rememberMeServices" ref="rememberMeServices"/>
</bean>

<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
  <property name="providers">
    <list>
      <ref local="daoAuthenticationProvider"/>
      <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="changeThis"/>
      </bean>
      <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
        <property name="key" value="changeThis"/>
      </bean>
    </list>
  </property>
</bean>

<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
  <property name="userDetailsService" ref="userDetailsService"/>
  <property name="userCache">
    <bean class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
      <property name="cache">
        <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
          <property name="cacheManager">
            <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
          </property>
          <property name="cacheName" value="userCache"/>
        </bean>
      </property>
    </bean>
  </property>
</bean>

<bean id="userDetailsService" class="org.yacos.auth.UserDetailsService">
<!--  <property name="userProperties">-->
<!--    <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">-->
<!--      <property name="location" value="/WEB-INF/users.properties"/>-->
<!--    </bean>-->
<!--  </property>-->
</bean>



<!-- AUTHORIZATION SERVICES -->
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="accessDecisionManager">
    <bean class="org.acegisecurity.vote.AffirmativeBased">
      <property name="allowIfAllAbstainDecisions" value="false"/>
      <property name="decisionVoters">
        <list>
          <bean class="org.acegisecurity.vote.RoleVoter"/>
          <bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
        </list>
      </property>
    </bean>
  </property>
  <property name="objectDefinitionSource">
    <value>
      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /secure/**=ROLE_ADMIN,ROLE_AUTHOR,ROLE_MEMBER
      /secure/**=IS_AUTHENTICATED_REMEMBERED
      /**=IS_AUTHENTICATED_ANONYMOUSLY
    </value>
  </property>
</bean>

<!-- LOGOUT -->
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
  <constructor-arg value="/index.jsp"/>
  <constructor-arg>
    <list>
      <ref bean="rememberMeServices"/>
      <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
    </list>
  </constructor-arg>
</bean>

<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
  <property name="userDetailsService" ref="userDetailsService"/>
  <property name="tokenValiditySeconds" value="1800"></property>
  <property name="key" value="changeThis"/>
</bean>

<!-- OTHERS -->
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>

<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>

<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="rememberMeServices" ref="rememberMeServices"/>
</bean>

<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
  <property name="key" value="changeThis"/>
  <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>

<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>


<!--<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean">-->
<!--	<property name="persistenceUnitName" value="YACOSCore"/>-->
<!--</bean>-->

</beans>