<!-- ===================== METHOD SECURITY ==================== -->
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource">
<ref bean="dataSource"/>
</property>
</bean>
<bean id="customEditorConfigurer" class="org.springframework.beans.factory.config.CustomEditorConfigurer">
<property name="customEditors">
<map>
<entry key="net.sf.acegisecurity.intercept.method.MethodDefinitionSource">
<bean class="com.huaweisymantec.autosolution.atcenter.security.util.DataSourceMethodDefinitionSourceEditor">
<property name="jdbcTemplate"> <ref bean="jdbcTemplate"/> </property>
</bean>
</entry>
</map>
</property>
</bean>
<bean id="autoProxyCreator" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
<property name="interceptorNames">
<list>
<value>securityInterceptor</value>
</list>
</property>
<property name="beanNames">
<list>
<value>*Action</value>
</list>
</property>
<property name="proxyTargetClass" value="true"/>
</bean>
<bean id="securityInterceptor" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
select authority,PROTECTED_RES from auth where authority like 'AUTH_%Action%' and type='METHOD'
</value>
</property>
</bean>
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource">
<ref bean="dataSource"/>
</property>
</bean>
<bean id="customEditorConfigurer" class="org.springframework.beans.factory.config.CustomEditorConfigurer">
<property name="customEditors">
<map>
<entry key="net.sf.acegisecurity.intercept.method.MethodDefinitionSource">
<bean class="com.huaweisymantec.autosolution.atcenter.security.util.DataSourceMethodDefinitionSourceEditor">
<property name="jdbcTemplate"> <ref bean="jdbcTemplate"/> </property>
</bean>
</entry>
</map>
</property>
</bean>
<bean id="autoProxyCreator" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
<property name="interceptorNames">
<list>
<value>securityInterceptor</value>
</list>
</property>
<property name="beanNames">
<list>
<value>*Action</value>
</list>
</property>
<property name="proxyTargetClass" value="true"/>
</bean>
<bean id="securityInterceptor" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
select authority,PROTECTED_RES from auth where authority like 'AUTH_%Action%' and type='METHOD'
</value>
</property>
</bean>
<property name="dataSource"><ref bean="dataSource"/></property>
<property name="usersByUsernameQuery">
<value>SELECT User_HWId as USERNAME,User_Active as PASSWORD,1 as ENABLE FROM testuser WHERE User_HWId=? and User_Active=1</value>
</property>
<property name="authoritiesByUsernameQuery">
<value>
SELECT u.User_HWId,a.Authority FROM `testuser` u ,`role` r, `user_role` ur,`auth` a,`role_auth` ra
where u.User_Id=ur.User_Id
and r.Role_Id=ur.Role_Id
and ur.Role_Id=ra.Role_Id
and a.Auth_Id=ra.Auth_Id
and u.User_HWId=?
</value>
</property>
</bean>
<property name="key"><value>foobar</value></property>
<property name="userAttribute"><value>anonymousUser,AUTH_ANONYMOUS,AUTH_TaskAction_detail,AUTH_TaskAction_showLog,AUTH_TaskAction_download</value></property>
</bean>
--------------------------------------------------------------------------
<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/add*au.action=AUTH_ProductAction_add
/Login!loadAllUsers.action=AUTH_UserAction_query
/RoleAction!queryRoles.action=AUTH_RoleAction_query
</value>
</property>
</bean>