<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns="http://www.springframework.org/schema/beans"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
	   						http://www.springframework.org/schema/beans/spring-beans.xsd
           					http://www.springframework.org/schema/security
           					http://www.springframework.org/schema/security/spring-security.xsd">

    <security:http create-session="stateless">
        <security:http-basic/>
        <security:intercept-url pattern="/mvc/ui/**"
                                access="ROLE_USER"/>
        <security:intercept-url pattern="/mvc/inspector/**"
                                access="ROLE_USER"/>

        <security:logout logout-url="/logout" logout-success-url="/mvc/ui/index.do" invalidate-session="true"
                         delete-cookies="JSESSIONID, rinfra-user"/>
    </security:http>

    <security:authentication-manager>
        <security:authentication-provider>
            <security:password-encoder hash="md5"/>
            <security:user-service>
                <security:user name="${dnet.modular.ui.authorization.default.superAdmin}"
                               password="${dnet.admin.password}"
                               authorities="ROLE_USER"/>
                <security:user name="${dnet.guest.username}" password="${dnet.guest.password}"
                               authorities="ROLE_USER"/>
            </security:user-service>
        </security:authentication-provider>
    </security:authentication-manager>

</beans>
