<b:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

	<!-- <debug /> -->

    <!-- 使用spring-security进行后台鉴权 -->
	<!--<global-method-security jsr250-annotations="enabled" pre-post-annotations="enabled" secured-annotations="enabled"/>-->

	<!-- Static resources -->
	<http pattern="/version.html" security="none" />
	<http pattern="/ping.html" security="none" />

	<http entry-point-ref="restAuthenticationEntryPoint"
		create-session="stateless">
		<!-- https://springcloud.cc/spring-security-zhcn.html -->
		<intercept-url pattern="/api/v1/cache/getallcache" access="permitAll" />
		<intercept-url pattern="/api/v1/user/login" access="permitAll" />
		<intercept-url pattern="/api/v1/approval/**" access="permitAll" />
		<intercept-url pattern="/ebs/api/v1/dd/**" access="permitAll" />
        <intercept-url pattern="/api/**" access="authenticated" />
		<intercept-url pattern="/**" access="permitAll" />
		<headers>
			<frame-options policy="SAMEORIGIN" />
		</headers>
		<csrf disabled="true" />
		<custom-filter position="PRE_AUTH_FILTER" ref="jwtAuthenticationFilter" />
	</http>

	<b:bean id="jwtAuthenticationFilter" class="pwc.taxtech.atms.security.JwtAuthenticationFilter">
		<b:property name="authenticationManager" ref="authenticationManager" />
		<b:property name="authenticationSuccessHandler" ref="jwtAuthenticationSuccessHandler" />
	</b:bean>

	<authentication-manager alias="authenticationManager">
		<authentication-provider ref="jwtAuthenticationProvider" />
	</authentication-manager>

</b:beans>