|
Help is available by sending an email to csf-support@mit.edu |
Using X509 Applicaiton Certificates with CSF Security requires that the following be done:
Each of the above is described below.
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/css/**" filters="logoutFilter" />
<security:filter-chain pattern="/images/**" filters="logoutFilter" />
<security:filter-chain pattern="/js/**" filters="logoutFilter" />
<security:filter-chain pattern="/docs/**" filters="logoutFilter" />
<security:filter-chain pattern="/**" filters="ssoX509SecurityContextPersistenceFilter,
logoutFilter,
ssoX509AuthenticationProcessingFilter,
basicAuthenticationProcessingFilter,
exceptionTranslationFilter,
filterSecurityInterceptor,
switchUserProcessingFilter"
/>
</security:filter-chain-map>
</bean>
<bean id="ssoX509SecurityContextPersistenceFilter" class="edu.mit.csf.security.spring.filter.SsoX509SecurityContextPersistenceFilter"/>
<bean id="ssoX509AuthenticationProcessingFilter" class="edu.mit.csf.security.spring.filter.SsoX509AuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="allowedEntities" ref="allowedEntities"/>
</bean>
|
<bean id="allowedEntities" class="edu.mit.csf.base.configuration.CompactApacheApplicationConfiguration" init-method="init">
<property name="locations">
<list>
<value>file:${user.dir}/esapis/allowedEntities.properties</value>
<value>file:${user.home}/allowedEntities.properties</value>
</list>
</property>
</bean>
|