<?xml version="1.0" encoding="UTF-8"?>
<!--
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:egov-security="http://maven.egovframe.go.kr/schema/egov-security"
	xmlns:security="http://www.springframework.org/schema/security"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
		http://maven.egovframe.go.kr/schema/egov-security http://maven.egovframe.go.kr/schema/egov-security/egov-security-3.10.0.xsd"> 
 -->
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:egov-security="http://www.egovframe.go.kr/schema/egov-security"
	xmlns:security="http://www.springframework.org/schema/security"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
		http://www.egovframe.go.kr/schema/egov-security http://maven.egovframe.go.kr/schema/egov-security/egov-security-3.7.xsd">

    <security:http pattern="/css/**" security="none"/>
	<security:http pattern="/html/**" security="none"/>
    <security:http pattern="/images/**" security="none"/>
 	<security:http pattern="/js/**" security="none"/>
 	<security:http pattern="/resource/**" security="none"/>
 	<security:http pattern="\A/WEB-INF/jsp/.*\Z" request-matcher="regex" security="none"/>
 	
 	<!-- 분쟁조정 서블릿 mapping 경로들 -->
 	<security:http pattern="/img/**" security="none"/>
 	<security:http pattern="/site/**" security="none"/>
	<security:http pattern="/ico/**"  security="none"/>
	<security:http pattern="/font/**" security="none"/>
	<security:http pattern="/ark/**"  security="none"/>
	<security:http pattern="/editor/**"  security="none"/>
	<!-- 분쟁조정 서블릿 mapping 경로들 끝 -->
 	
 	<security:http pattern="/kccadrPb/**" security="none"/>
 	<security:http pattern="/kofair_case_seed/**" security="none"/>
 	
    <egov-security:config id="securityConfig"
        loginUrl="/uat/uia/actionMain.do"
        logoutSuccessUrl="/uat/uia/actionMain.do"
        loginFailureUrl="/uat/uia/actionSecurityLogin.do?login_error=1"
        accessDeniedUrl="/sec/ram/accessDenied.do"		
		
        dataSource="egov.dataSource"
        			
        jdbcUsersByUsernameQuery="SELECT USER_ID, ESNTL_ID AS PASSWORD, 1 ENABLED, USER_NM, USER_ZIP, 
        							USER_ADRES, USER_EMAIL, USER_SE,  '-' ORGNZT_ID, ESNTL_ID, 
        							'-' ORGNZT_NM, AUTHOR_CODE AS AUTHORITY, OFFM_TELNO, MBTLNUM,
        							DEPT
        							FROM COMVNUSERMASTER A 
        							INNER JOIN LETTNEMPLYRSCRTYESTBS B ON A.ESNTL_ID = B.SCRTY_DTRMN_TRGET_ID 
        							WHERE CONCAT(USER_SE, USER_ID) = ?"
        
        jdbcAuthoritiesByUsernameQuery="SELECT A.SCRTY_DTRMN_TRGET_ID USER_ID, A.AUTHOR_CODE AUTHORITY 
        							FROM LETTNEMPLYRSCRTYESTBS A, COMVNUSERMASTER B 
        							WHERE A.SCRTY_DTRMN_TRGET_ID = B.ESNTL_ID AND B.USER_ID = ?"
        							
        jdbcMapClass="kcc.let.uat.uia.service.impl.EgovSessionMapping"

        requestMatcherType="regex"
        hash="plaintext"
        hashBase64="false"
		
		concurrentMaxSessons="1"
		concurrentExpiredUrl="/uat/uia/actionMain.do"

		defaultTargetUrl="/uat/uia/actionMain.do"
		
		
    />
 	<!--  sqlHierarchicalRoles="
       		SELECT a.CHLDRN_ROLE child, a.PARNTS_ROLE parent 
       		FROM LETTNROLES_HIERARCHY a LEFT JOIN LETTNROLES_HIERARCHY b on (a.CHLDRN_ROLE = b.PARNTS_ROLE)" -->
       		
    <!-- <egov-security:secured-object-config id="securedObjectConfig"
    	roleHierarchyString="
			ROLE_ADMIN > ROLE_ADR_ADMIN
			ROLE_ADR_ADMIN > ROLE_USER_MANAGER
			ROLE_USER_MANAGER > ROLE_USER_MEMBER
			ROLE_USER_MEMBER > ROLE_ANONYMOUS"
			
       sqlRolesAndUrl="
       		SELECT a.ROLE_PTTRN url, b.AUTHOR_CODE authority 
       		FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b 
       		WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'url'  
       		ORDER BY a.ROLE_SORT"
    /> -->
    	<!-- roleHierarchyString="
			ROLE_ADMIN > ROLE_ADMIN2
			ROLE_ADMIN2 > ROLE_ANONYMOUS
			" -->
    <egov-security:secured-object-config id="securedObjectConfig"
		sqlHierarchicalRoles="
			SELECT a.CHLDRN_ROLE child, a.PARNTS_ROLE parent 
			FROM LETTNROLES_HIERARCHY a LEFT JOIN LETTNROLES_HIERARCHY b on (a.CHLDRN_ROLE = b.PARNTS_ROLE)"
			
		sqlRolesAndUrl="
			SELECT a.ROLE_PTTRN url, b.AUTHOR_CODE authority 
			FROM LETTNROLEINFO a, LETTNAUTHORROLERELATE b 
			WHERE a.ROLE_CODE = b.ROLE_CODE AND a.ROLE_TY = 'url'  
			ORDER BY a.ROLE_SORT, b.AUTHOR_CODE desc"
    />

	<egov-security:initializer id="initializer" supportMethod="false" supportPointcut="false" />

    <!-- URL에 세미콜론(semicolon)허용 여부(기본값/false) -->
	<bean id="egovStrictHttpFirewall" class="org.springframework.security.web.firewall.StrictHttpFirewall">
		<property name="allowSemicolon" value="true"/>
	</bean>
	<security:http-firewall ref="egovStrictHttpFirewall"/>
		
</beans>