theresajayne · July 20, 2011 14:54
diff --git a/gistfile1.txt b/gistfile1.txt
 <?xml version="1.0" encoding="UTF-8"?>

 <!--
  - Sample namespace-based configuration
  -
  - $Id: applicationContext-security.xml 3019 2008-05-01 17:51:48Z luke_t $
  -->

 <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    http://www.springframework.org/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd">

    <global-method-security secured-annotations="enabled">
    </global-method-security>

    <http auto-config="true">
         <!-- Don't set any role restrictions on login.jsp -->
        <intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
       <!-- <intercept-url pattern="/loginController" access="IS_AUTHENTICATED_ANONYMOUSLY" /> -->
        <intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/images/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />

        <!-- Restrict access to ALL other pages -->
        <intercept-url pattern="/**" access="ROLE_USER, ROLE_ADMIN" />




        <!-- Set the login page and what to do if login fails -->
        <form-login login-page="/login.jsp" 
            default-target-url="/InBrand-2/moduleController/"
            access-denied-page="/dashboard"
            always-use-default-target="false" 
            authentication-failure-url="/login.jsp"
            />
    </http>


 <authentication-provider>
    <password-encoder hash="md5"/>
    <jdbc-user-service data-source-ref="defaultDataSource"
        authorities-by-username-query="select username , authority from authority where username=?"
        users-by-username-query="select user_name as username, user_password as password, 'true' as enabled from USERS where user_name=?"/>
 </authentication-provider>
    <!--
    Usernames/Passwords are
        rod/koala
        dianne/emu
        scott/wombat
        peter/opal
    -->
  <!--  <authentication-provider>
        <password-encoder hash="md5"/>
        <user-service>
            <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
            <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
            <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
            <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>  -->
 
 </beans:beans>
	<?xml version="1.0" encoding="UTF-8"?>

	<!--
	- Sample namespace-based configuration
	-
	- $Id: applicationContext-security.xml 3019 2008-05-01 17:51:48Z luke_t $
	-->

	<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
	http://www.springframework.org/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd">

	<global-method-security secured-annotations="enabled">
	</global-method-security>

	<http auto-config="true">
	<!-- Don't set any role restrictions on login.jsp -->
	<intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
	<!-- <intercept-url pattern="/loginController" access="IS_AUTHENTICATED_ANONYMOUSLY" /> -->
	<intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
	<intercept-url pattern="/images/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />

	<!-- Restrict access to ALL other pages -->
	<intercept-url pattern="/**" access="ROLE_USER, ROLE_ADMIN" />




	<!-- Set the login page and what to do if login fails -->
	<form-login login-page="/login.jsp"
	default-target-url="/InBrand-2/moduleController/"
	access-denied-page="/dashboard"
	always-use-default-target="false"
	authentication-failure-url="/login.jsp"
	/>
	</http>


	<authentication-provider>
	<password-encoder hash="md5"/>
	<jdbc-user-service data-source-ref="defaultDataSource"
	authorities-by-username-query="select username , authority from authority where username=?"
	users-by-username-query="select user_name as username, user_password as password, 'true' as enabled from USERS where user_name=?"/>
	</authentication-provider>
	<!--
	Usernames/Passwords are
	rod/koala
	dianne/emu
	scott/wombat
	peter/opal
	-->
	<!-- <authentication-provider>
	<password-encoder hash="md5"/>
	<user-service>
	<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
	<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
	<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
	<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
	</user-service>
	</authentication-provider> -->

	</beans:beans>