sooka_maintenance
/
bsdsjj_siping


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226
							<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
	http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
	http://www.springframework.org/schema/security
	http://www.springframework.org/schema/security/spring-security-3.1.xsd">
	<security:http pattern=" /platform/system/sysFile/file_*.ht" security="none" />
	<security:http pattern=" /platform/bpm/task/toStart.ht?**" security="none" />
	<security:http pattern="/js/**" security="none" /> 
	<security:http pattern="/commons/**" security="none" />
	<security:http pattern="/media/**" security="none" />
	<security:http pattern="/403*" security="none" />
	<security:http pattern="/404*" security="none" />
	<security:http pattern="/500*" security="none" />
	<security:http pattern="/weixin/assets/**" security="none" />
	<security:http pattern="/servlet/ValidCode" security="none" />
	
	<security:http entry-point-ref="multipleAuthenticationLoginEntry"
		servlet-api-provision="true">

		<!-- <security:session-management invalid-session-url="/loginRedirect.ht"> 
			<security:concurrency-control error-if-maximum-exceeded="false" max-sessions="1" 
			expired-url="/loginRedirect.ht"/> </security:session-management> -->
		<!--使用表单登录 -->
		<security:remember-me key="bpm3PrivateKey" />
		<security:logout logout-url="/logout"
			logout-success-url="/loginRedirect.ht" />
		<security:custom-filter ref="aopFilter" after="FORM_LOGIN_FILTER" />

		<security:custom-filter before="FILTER_SECURITY_INTERCEPTOR"
			ref="permissionFilter" />
		<security:access-denied-handler ref="htAccessDeniedHandler" />
		<security:custom-filter position="SWITCH_USER_FILTER"
			ref="switchUserProcessingFilter" />

	</security:http>

	<bean id="actionPageMap" class="java.util.HashMap">
		<constructor-arg>
			<map>
				<entry key="mobile" value="/mobileLogin.jsp"></entry>
			</map>

		</constructor-arg>
	</bean>

	<bean id="switchUserProcessingFilter" class="com.hotent.core.web.filter.HtSwitchUserFilter">
		<property name="userDetailsService" ref="sysUserDao" />
		<property name="switchUserUrl" value="/j_spring_security_switch_user" />
		<property name="exitUserUrl" value="/j_spring_security_exit_user" />
		<property name="targetUrl" value="/platform/console/main.ht" />
	</bean>


	<!--登录入口定义 -->
	<bean id="multipleAuthenticationLoginEntry"
		class="com.hotent.platform.web.filter.MultipleAuthenticationLoginEntry">
		<property name="defaultLoginUrl" value="/login.jsp" />
		<property name="directUrlResolvers">
			<list>
				<ref bean="mobileLoginEntry" />
				<ref bean="weixinLoginEntry" />
			</list>
		</property>
	</bean>

	<!-- 跳转到手机登陆页 -->
	<bean id="mobileLoginEntry"
		class="com.hotent.platform.web.filter.RequestUriDirectUrlResolver">
		<property name="pattern" value="/mobile" />
		<property name="directUrl" value="/mobileLogin.jsp" />
	</bean>
	<bean id="weixinLoginEntry"
		class="com.hotent.platform.web.filter.RequestUriDirectUrlResolver">
		<property name="pattern" value="/weixin" />
		<property name="directUrl" value="/weixin/login.html" />
	</bean>

	<bean id="htAccessDeniedHandler" class="com.hotent.platform.web.filter.HtAccessDeniedHandler">
		<property name="accessDeniedUrl" value="/commons/403.jsp"></property>
	</bean>

	<!-- 认证管理器，实现用户认证的入口，主要实现UserDetailsService接口即可 -->
	<security:authentication-manager alias="authenticationManager">
		<security:authentication-provider
			user-service-ref="sysUserDao">
			<security:password-encoder ref="passwordEncoder" />
		</security:authentication-provider>
	</security:authentication-manager>

	<bean id="passwordEncoder" class="com.hotent.platform.web.security.CustomPwdEncoder"></bean>

	<bean id="aopFilter" class="com.hotent.core.web.filter.AopFilter"></bean>
	<!-- 一个自定义的filter，必须包含authenticationManager,accessDecisionManager,securityMetadataSource三个属性，我们的所有控制将在这三个类中实现 -->

	<bean id="permissionFilter" class="com.hotent.core.web.filter.PermissionFilter">
		<property name="authenticationManager" ref="authenticationManager" />
		<property name="accessDecisionManager" ref="accessDecisionManager" />
		<property name="securityMetadataSource" ref="securityMetadataSource" />
	</bean>

	<!-- 访问决策器，决定某个用户具有的角色，是否有足够的权限去访问某个资源 -->
	<bean id="accessDecisionManager" class="com.hotent.platform.web.filter.HtDecisionManager" />

	<!-- 资源源数据定义，即定义某一资源可以被哪些角色访问 -->
	<bean id="securityMetadataSource" class="com.hotent.platform.web.filter.HtSecurityMetadataSource"
		scope="singleton">

		<property name="anonymousUrls">
			<set>
						<value>/xtbg/platform/system/sysFile/getJson.ht</value>
			<value>/platform/</value>
			<value>/platform/system/sysFile/HtmlDialog.ht</value>
			<value>/platform/system/sysUser/get.ht</value>
			<value>/mobile/system/file/avatarUpload.ht</value>
			<value>/xtbg/platform/bpm/processRun/info.ht</value>
			<value>/mobileLogin.jsp</value>
			<value>/write/WriteFile.jsp</value>
				<value>/platform/bpm/bpmProCopyto/getCopyUserByInstId.ht</value>
				<value>/platform/system/sysUser/dialog.ht</value> 
				<value>/platform/system/sysUserDialog.jsp</value>
				<value>/platform/system/sysOrg/getTreeData.ht</value>
				<value>/platform/system/sysOrg/dialog.ht</value>
				<value>/mobileLogin.jsp</value>
				<value>/mobileLogin.ht</value>
				<value>/platform/bpm/bpmTaskExe/assign.ht</value>
				<value>/platform/bpm/bpmTaskExe/assignSave.ht</value>
				<value>/platform/mobile/lang/changLang.ht</value>
				<value>/xtbg/platform/bpm/task/startFlow.ht</value>
				<value>/xtbg/platform/bpm/task/toStart.ht</value>
				<value>/platform/bpm/processRun/info.ht</value>
				<value>/xtbg/platform/system/sysUser/selector.ht</value>
				<value>/loginRedirect.ht</value>
				<value>/login.jsp</value>
				<value>/login.ht</value>
				<value>/bpmImage</value>
				<value>/platform/bpm/bpmProCopyto/forward.ht</value>
				<value>/platform/bpm/processRun/processImage.ht</value>
				<value>/platform/bpm/processRun/getFlowStatusByInstanceId.ht</value>
				<value>/platform/bpm/processRun/taskUser.ht</value>
				<value>/platform/bpm/taskOpinion/list.ht</value>
				<value>/platform/bpm/bpmTaskExe/assign.ht</value>
				<value>/mobile/bpm/bpmMobileTask/startFlowForm.ht
				</value>
				<value>/platform/bpm/bpmDefinition/flowImg.ht</value>
				<value>/platform/bpm/*</value>
				<value>/platform/system/sysUser/selector.ht</value>
				<value>/weixin/bpm/getFormPreviewData.ht
				</value>
				<value>/platform/system/sysFile/getUserData.ht
				</value>
				<value>/weixin/orgDialog/getOrgListByDim.ht
				</value>
				<value>/weixin/orgDialog/userList.ht
				</value>
				<value>/weixin/orgDialog/getDimList.ht
				</value>
				
				<value>/mobile/bpm/bpmMobileTask/pendingMatters.ht</value>
				<!-- songlin     platform/bpm/task/toStart.ht -->
				
				<value>/platform/bpm/task/toStart.ht</value>
				
				<value>/platform/system/sysFile/getUserData.ht</value>
				<!-- 附件上传接口 宋霖20190105 ADD -->
				<value>/platform/file/fileManage/feedback.ht</value>
				<value>/platform/system/sysFile/fileUpload.ht</value>
				<!-- 附件列表接口 宋霖20190105 ADD -->
				<value>/platform/file/fileManage/fujianList.ht</value>
				<!-- 附件下载接口 宋霖20190105 DEL -->
				<value>/platform/file/fileManage/download.ht</value>
				<!-- 附件列表 宋霖20190105 LIST -->
				<value>/platform/file/fileManage/toStart.ht</value>
				<!-- 待办事宜列表 宋霖20190105 LIST -->
				<value>/platform/file/fileManage/pendingMattersList.ht</value>
				<value>/platform/file/fileManage/transmitComplete.ht</value>
				<!-- 流程审批 李梦20190228 ADD -->
				<value>/platform/file/fileManage/complete.ht</value>
				<!-- 流程审批 李梦20190228 ADD -->
				<value>/platform/file/fileManage/alreadyCompletedMattersList.ht</value>
				<value>/platform/file/fileManage/download2.ht</value>
				<value>/platform/system/sysOrg/dialog.ht</value>
				<value>/platform/system/sysUser/dialog.ht</value>
				<value>/platform/system/sysUser/flowDialog.ht</value>
				<value>/platform/system/sysUser/gradeDialog.ht</value>
				<value>/platform/system/sysUserDialog.jsp</value>
				<value>/platform/bpm/task/tranTaskUserMap.ht</value>
				<value>/platform/bpm/task/freeJump.ht</value>
				<value>/platform/bpm/taskTranTaskUserMap.jsp</value>
				<value>/platform/file/fileManage/SysBulletinList.ht</value>
				<value>/platform/file/fileManage/SysBulletinListHY.ht</value>
				<value>/platform/system/sysFile/contentUpload.ht</value>
				<value>/platform/system/sysFile/getContentFileByRunId.ht</value>
				
				
				<!-- flex附件上传的 -->
				<value>/platform/bpm/bpmDefinition/getXmlImport.ht</value>
				<value>/mobile/system/mobileLogin.ht</value>
				<value>/mobile/system/mobileLogout.ht</value>
				<value>/mobile/system/mobileApkVersion/info.ht </value>
                

				<value>/proxy</value>
				<value>/weixin/weixin.appcache</value>

				<!-- 修改密码页面 -->
				<value>/platform/system/sysUser/commonResetPwdView.ht</value>
				<value>/platform/system/sysUser/commonResetPwd.ht</value>
				<value>/proxy</value>
				<value>/receive</value>
				<value>/weixin/login.html</value>
				<value>/weixin/login.ht</value>
				<value>/platform/system/sysFile/getFileById.ht</value>
				<value>/platform/system/sysFile/download.ht</value>
				<value>/weixin/bulletin/detail.html</value>
				<value>/weixin/bulletin/detail.ht</value>
			</set>
		</property>
	</bean>
</beans>