<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:b="http://www.springframework.org/schema/beans"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <global-method-security secured-annotations="enabled" jsr250-annotations="enabled"/>
    
    <http pattern="/paginas/itbi/**" use-expressions="true" authentication-manager-ref="itbiAuthenticationManager">
        <intercept-url pattern="/paginas/itbi/**" access="hasAnyRole('ROLE_ITBI','ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginItbi.jsf" authentication-failure-url="/paginas/loginItbi.xhtml" default-target-url='/home.jsf'/>
        <access-denied-handler error-page="/paginas/loginItbi.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <http pattern="/paginas/dipam/**" use-expressions="true" authentication-manager-ref="dipamAuthenticationManager">
        <intercept-url pattern="/paginas/dipam/**" access="hasAnyRole('ROLE_DIPAM','ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginDipam.jsf" authentication-failure-url="/paginas/loginDipam.xhtml" default-target-url='/home.jsf'/>
        <access-denied-handler error-page="/paginas/loginDipam.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <http pattern="/paginas/admin/**" use-expressions="true" authentication-manager-ref="adminAuthenticationManager">
        <intercept-url pattern="/paginas/admin/**" access="hasRole('ROLE_ADMIN')"/>
        <form-login login-page="/paginas/login.jsf" authentication-failure-url="/paginas/login.xhtml" default-target-url='/home.jsf'/>
        <access-denied-handler error-page="/paginas/login.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <http pattern="/paginas/empresas/**" use-expressions="true" authentication-manager-ref="empresasAuthenticationManager">
        <intercept-url pattern="/paginas/empresas/**" access="hasAnyRole('ROLE_EMPRESAS', 'ROLE_SIA', 'ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginEmpresas.jsf" authentication-failure-url="/paginas/loginEmpresas.xhtml" default-target-url='/home.jsf'/>
        <access-denied-handler error-page="/paginas/loginEmpresas.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <http pattern="/paginas/auditor/**" use-expressions="true" authentication-manager-ref="siaAuthenticationManager">
        <intercept-url pattern="/paginas/auditor/**" access="hasAnyRole('ROLE_SIA','ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginAuditor.jsf" authentication-failure-url="/paginas/loginAuditor.xhtml" default-target-url='/paginas/auditor/formAuditor.jsf'/>
        <access-denied-handler error-page="/paginas/loginAuditor.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <http pattern="/paginas/auditoriaImoveis/**" use-expressions="true" authentication-manager-ref="siaAuthenticationManager">
        <intercept-url pattern="/paginas/auditoriaImoveis/**" access="hasAnyRole('ROLE_SIA','ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginAtualizaImovel.jsf"
                    authentication-failure-url="/paginas/loginAtualizaImovel.jsf"
                    default-target-url='/paginas/auditoriaImoveis/formAuditor.jsf'/>
        <access-denied-handler error-page="/paginas/loginAtualizaImovel.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>

    <http pattern="/paginas/auditoriaContribuinte/**" use-expressions="true" authentication-manager-ref="siaAuthenticationManager">
        <intercept-url pattern="/paginas/auditoriaContribuinte/**" access="hasAnyRole('ROLE_SIA','ROLE_ADMIN')"/>
        <form-login login-page="/paginas/loginAtualizaContribuinte.jsf"
                    authentication-failure-url="/paginas/loginAtualizaContribuinte.jsf"
                    default-target-url='/paginas/auditoriaContribuinte/formAuditor.jsf'/>
        <access-denied-handler error-page="/paginas/loginAtualizaContribuinte.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>

    <http pattern="/**" use-expressions="true" authentication-manager-ref="commonAuthenticationManager">
        <intercept-url pattern="/paginas/public/**" access="permitAll"/>
        <intercept-url pattern="/paginas/login.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginItbi.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginAuditor.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginEmpresas.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginDipam.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginAtualizaImovel.jsf" access="permitAll"/>
        <intercept-url pattern="/paginas/loginAtualizaContribuinte.jsf" access="permitAll"/>
        <form-login login-page="/paginas/login.jsf" authentication-failure-url="/paginas/login.xhtml" default-target-url='/home.jsf'/>
        <access-denied-handler error-page="/paginas/login.jsf"/>
        <logout logout-success-url="/index.jsp"/>
    </http>
    
    <authentication-manager id="commonAuthenticationManager">
        <authentication-provider user-service-ref="commonUserDetailsService"/>
    </authentication-manager>
    <authentication-manager id="siaAuthenticationManager">
        <authentication-provider user-service-ref="siaUserDetailsService"/>
    </authentication-manager>
    <authentication-manager id="itbiAuthenticationManager">
        <authentication-provider user-service-ref="itbiUserDetailsService"/>
    </authentication-manager>
    <authentication-manager id="adminAuthenticationManager">
        <authentication-provider user-service-ref="adminUserDetailsService"/>
    </authentication-manager>
    <authentication-manager id="empresasAuthenticationManager">
        <authentication-provider user-service-ref="empresasUserDetailsService"/>
    </authentication-manager>
    <authentication-manager id="dipamAuthenticationManager">
        <authentication-provider user-service-ref="dipamUserDetailsService"/>
    </authentication-manager>
    
    <b:bean id="commonUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebCommonUserService"/>
    <b:bean id="siaUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebSiaUserService"/>
    <b:bean id="itbiUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebItbiUserService"/>
    <b:bean id="adminUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebAdminUserService"/>
    <b:bean id="empresasUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebEmpresasUserService"/>
    <b:bean id="dipamUserDetailsService" class="br.com.fiorilli.servicosweb.springsecurity.service.ServicosWebDipamUserService"/>
    
</b:beans>
