Versions Compared

Old Version 8

changes.mady.by.user David E Tanner

Saved on

compared with

New Version 9

changes.mady.by.user David E Tanner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel

Anchor
Using X509 Application Certificates with CSF Security version 2
Using X509 Application Certificates with CSF Security version 2

Using X509 Application Certificates with CSF Security version 2

Using X509 Applicaiton Certificates with CSF Security requires that the following be done:

  • add three new beans to your application's applicationContext spring security xml,
  • add one new bean to your application's conf xml,
  • create a new allowEntities.properties file.

Each of the above is described below.

  1. Add the following 3 beans to your application's appicationContext spring security xml.  You many already have a filterChainProxy already defined in your security XML. If   If the filterChainProxy is already defined, then replace it with the filterChainProxy given below.
    Code Block
    
    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
        <security:filter-chain-map path-type="ant">
            <security:filter-chain pattern="/css/**" filters="logoutFilter" />
            <security:filter-chain pattern="/images/**" filters="logoutFilter" />
            <security:filter-chain pattern="/js/**" filters="logoutFilter" />
            <security:filter-chain pattern="/docs/**" filters="logoutFilter" />
            <security:filter-chain pattern="/**" filters="ssoX509SecurityContextPersistenceFilter,
           		logoutFilter,
           		ssoX509AuthenticationProcessingFilter,
           		basicAuthenticationProcessingFilter,
           		exceptionTranslationFilter,
           		filterSecurityInterceptor,
           		switchUserProcessingFilter"
            />
        </security:filter-chain-map>
    </bean>

    <bean id="ssoX509SecurityContextPersistenceFilter" class="edu.mit.csf.security.spring.filter.SsoX509SecurityContextPersistenceFilter"/>
    
    <bean id="ssoX509AuthenticationProcessingFilter" class="edu.mit.csf.security.spring.filter.SsoX509AuthenticationProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="allowedEntities" ref="allowedEntities"/>
    </bean>
    Code Block
    
    <bean id="allowedEntities" class="edu.mit.csf.base.configuration.CompactApacheApplicationConfiguration" init-method="init">
        <property name="locations">
            <list>
                <value>file:${user.dir}/esapis/allowedEntities.properties</value>
                <value>file:${user.home}/allowedEntities.properties</value>
            </list>
        </property>
    </bean>