<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- configuramos los permisos para los distintos ruteos
y login y logout page
-->
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/*" access="isAuthenticated()" />
<intercept-url pattern="/login*" access="permitAll" />
<form-login login-page="/"
default-target-url="/login?method=redirectHandler" authentication-failure-url="/" />
<logout logout-success-url="/jsp/logout.jsp" />
</http>
<!-- definimos que la autenticacion sea a traves de DB
con dos querys, una retorna el usuario y la otra los permisos
-->
<authentication-manager alias="authenticationManager">
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select REPLACE(NRODOC,'.','') as username,CLAVE as password, 1 AS enabled from ALUMNOS where REPLACE(NRODOC,'.','') = ?"
authorities-by-username-query="SELECT REPLACE(NRODOC,'.','') as username, 'ROLE_USER' as authority FROM ALUMNOS WHERE REPLACE(NRODOC,'.','') = ?"
/>
</authentication-provider>
</authentication-manager>
</beans:beans>