<beans xmlns="http://www.springframework.org/schema/beans"

    xmlns:security="http://www.springframework.org/schema/security"

    xmlns:util="http://www.springframework.org/schema/util"

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="

        http://www.springframework.org/schema/beans

        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

        http://www.springframework.org/schema/security

        http://www.springframework.org/schema/security/spring-security-3.2.xsd

        http://www.springframework.org/schema/util

        http://www.springframework.org/schema/util/spring-util-3.0.xsd"

>

    <util:properties id="propsLocations">

        <prop key="servletContextProps">WEB-INF/renkan.properties</prop>

        <prop key="classpathProps">classpath:renkan_run.properties</prop>

    </util:properties>

    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">

        <property name="order" value="1000"/>

        <property name="location" value="#{propsLocations.servletContextProps}"/>

        <property name="ignoreUnresolvablePlaceholders" value="true"/>

        <property name="IgnoreResourceNotFound" value="false"/>

    </bean> 

    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">

        <property name="order" value="1"/>

        <property name="location" value="#{propsLocations.classpathProps}"/>

        <property name="ignoreUnresolvablePlaceholders" value="true"/>

        <property name="IgnoreResourceNotFound" value="true"/>

    </bean>

    <bean class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" id="renkanPasswordEncoder">

        <constructor-arg name="strength" value="10" type="int"/>

    </bean>

    <bean class="org.iri_research.renkan.services.RenkanUserDetailsService" id="renkanUserDetailsService" />

    <security:http auto-config="true" use-expressions="true">

        <security:intercept-url pattern="/admin" access="hasRole('ROLE_ADMIN')" />

        <security:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />

        <security:form-login login-page="/auth/login" authentication-failure-url="/auth/loginfailed" password-parameter="password" username-parameter="username" />

        <security:logout />

    </security:http>

    <security:authentication-manager>

        <security:authentication-provider>

            <security:password-encoder hash="sha-256"/>

            <security:user-service>

                <security:user name="${user.admin.name}" password="${user.admin.password}" authorities="ROLE_ADMIN, ROLE_USER"/>

            </security:user-service>

        </security:authentication-provider>

        <security:authentication-provider user-service-ref='renkanUserDetailsService'>

            <security:password-encoder ref="renkanPasswordEncoder" />

        </security:authentication-provider>

    </security:authentication-manager>

    <!--security:authentication-manager>

        <security:authentication-provider user-service-ref='renkanUserDetailsService'>

            <security:password-encoder ref="renkanPasswordEncoder" />

        </security:authentication-provider>

    </security:authentication-manager-->

</beans>