mirror of
				https://github.com/spring-projects/spring-security.git
				synced 2025-10-26 12:18:43 +00:00 
			
		
		
		
	SEC-181: Remove acegifier application.
This commit is contained in:
		
							parent
							
								
									ea42164af2
								
							
						
					
					
						commit
						156965b370
					
				| @ -1 +0,0 @@ | |||||||
| target |  | ||||||
| @ -1,52 +0,0 @@ | |||||||
| <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |  | ||||||
|  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> |  | ||||||
|  <modelVersion>4.0.0</modelVersion> |  | ||||||
|  <groupId>org.acegisecurity</groupId> |  | ||||||
|  <artifactId>acegi-security-samples-acegifier</artifactId> |  | ||||||
|  <packaging>war</packaging> |  | ||||||
|  <name>acegi-security-samples-acegifier</name> |  | ||||||
|  <parent> |  | ||||||
|    <groupId>org.acegisecurity</groupId> |  | ||||||
|    <artifactId>acegi-security-samples</artifactId> |  | ||||||
|    <version>1.0.5-SNAPSHOT</version> |  | ||||||
|  </parent> |  | ||||||
|  <dependencies> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>org.acegisecurity</groupId> |  | ||||||
|      <artifactId>acegi-security</artifactId> |  | ||||||
|      <version>${pom.version}</version> |  | ||||||
|      <type>jar</type> |  | ||||||
|    </dependency> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>org.springframework</groupId> |  | ||||||
|      <artifactId>spring-webmvc</artifactId> |  | ||||||
|      <version>2.0.4</version> |  | ||||||
|      <type>jar</type> |  | ||||||
|    </dependency> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>javax.servlet</groupId> |  | ||||||
|      <artifactId>servlet-api</artifactId> |  | ||||||
|      <version>2.4</version> |  | ||||||
|      <scope>provided</scope> |  | ||||||
|    </dependency> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>dom4j</groupId> |  | ||||||
|      <artifactId>dom4j</artifactId> |  | ||||||
|      <version>1.6</version> |  | ||||||
|      <type>jar</type> |  | ||||||
|    </dependency> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>jaxen</groupId> |  | ||||||
|      <artifactId>jaxen</artifactId> |  | ||||||
|      <version>1.1-beta-8</version> |  | ||||||
|      <type>jar</type> |  | ||||||
|    </dependency> |  | ||||||
|    <dependency> |  | ||||||
|      <groupId>freemarker</groupId> |  | ||||||
|      <artifactId>freemarker</artifactId> |  | ||||||
|      <version>2.3.4</version> |  | ||||||
|      <type>jar</type> |  | ||||||
|    </dependency> |  | ||||||
|  </dependencies> |  | ||||||
| 
 |  | ||||||
| </project> |  | ||||||
| @ -1,45 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="ISO-8859-1"?> |  | ||||||
| <project> |  | ||||||
|   <extend>${basedir}/../project.xml</extend> |  | ||||||
|   <pomVersion>3</pomVersion> |  | ||||||
|   <artifactId>acegi-security-sample-acegifier</artifactId> |  | ||||||
|   <name>Acegi Security System for Spring - Acegifier sample</name> |  | ||||||
|   <siteDirectory>/home/groups/a/ac/acegisecurity/htdocs/multiproject/acegi-security-sample-acegifier</siteDirectory> |  | ||||||
|   <repository> |  | ||||||
|     <connection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</connection> |  | ||||||
|     <developerConnection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</developerConnection> |  | ||||||
|     <url>http://acegisecurity.svn.sourceforge.net/viewcvs.cgi/acegisecurity/trunk/acegisecurity/samples/acegifier/</url> |  | ||||||
|   </repository> |  | ||||||
|   <dependencies> |  | ||||||
|     <dependency> |  | ||||||
|       <groupId>dom4j</groupId> |  | ||||||
|       <artifactId>dom4j</artifactId> |  | ||||||
|       <version>1.6</version> |  | ||||||
|       <type>jar</type> |  | ||||||
|       <url>http://www.dom4j.org</url> |  | ||||||
|       <properties> |  | ||||||
|         <war.bundle>true</war.bundle> |  | ||||||
|       </properties> |  | ||||||
|     </dependency> |  | ||||||
|     <dependency> |  | ||||||
|       <groupId>jaxen</groupId> |  | ||||||
|       <artifactId>jaxen</artifactId> |  | ||||||
|       <version>1.1-beta-8</version> |  | ||||||
|       <type>jar</type> |  | ||||||
|       <url>http://www.jaxen.org</url> |  | ||||||
|       <properties> |  | ||||||
|         <war.bundle>true</war.bundle> |  | ||||||
|       </properties> |  | ||||||
|     </dependency> |  | ||||||
|     <dependency> |  | ||||||
|       <groupId>freemarker</groupId> |  | ||||||
|       <artifactId>freemarker</artifactId> |  | ||||||
|       <version>2.3.4</version> |  | ||||||
|       <type>jar</type> |  | ||||||
|       <url>http://www.freemarker.org/</url> |  | ||||||
|       <properties> |  | ||||||
|         <war.bundle>true</war.bundle> |  | ||||||
|       </properties> |  | ||||||
|     </dependency> |  | ||||||
|   </dependencies> |  | ||||||
| </project> |  | ||||||
| @ -1,144 +0,0 @@ | |||||||
| package acegifier; |  | ||||||
| 
 |  | ||||||
| import java.io.IOException; |  | ||||||
| import java.io.InputStream; |  | ||||||
| import java.util.List; |  | ||||||
| 
 |  | ||||||
| import javax.xml.transform.Source; |  | ||||||
| import javax.xml.transform.Transformer; |  | ||||||
| import javax.xml.transform.TransformerConfigurationException; |  | ||||||
| import javax.xml.transform.TransformerException; |  | ||||||
| import javax.xml.transform.TransformerFactory; |  | ||||||
| import javax.xml.transform.stream.StreamSource; |  | ||||||
| 
 |  | ||||||
| import org.dom4j.Document; |  | ||||||
| import org.dom4j.DocumentException; |  | ||||||
| import org.dom4j.DocumentHelper; |  | ||||||
| import org.dom4j.Node; |  | ||||||
| import org.dom4j.io.DocumentResult; |  | ||||||
| import org.dom4j.io.DocumentSource; |  | ||||||
| import org.dom4j.io.SAXReader; |  | ||||||
| import org.springframework.core.io.ClassPathResource; |  | ||||||
| import org.springframework.util.Assert; |  | ||||||
| 
 |  | ||||||
| /** |  | ||||||
|  * A utility to translate a web.xml file into a set of acegi security spring beans. |  | ||||||
|  * |  | ||||||
|  * <p> |  | ||||||
|  * Also produces a new "acegified" web.xml file with the necessary filters installed |  | ||||||
|  * and the security elements defined by the servlet DTD removed. |  | ||||||
|  * |  | ||||||
|  * <p> |  | ||||||
|  * This class wraps the XSL transform which actually does most of the work. |  | ||||||
|  * </p> |  | ||||||
|  * |  | ||||||
|  * @author Luke Taylor |  | ||||||
|  * @version $Id$ |  | ||||||
|  */ |  | ||||||
| public class WebXmlConverter { |  | ||||||
|     private static final String WEB_TO_SPRING_XSL_FILE = "web-to-spring.xsl"; |  | ||||||
|     private static final String NEW_WEB_XSLT_FILE = "acegi-web.xsl"; |  | ||||||
| 
 |  | ||||||
|     private Transformer acegiSecurityTransformer, newWebXmlTransformer; |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * The name of the spring-beans file which the beans will be stored in. |  | ||||||
|      * This is required when writing the new web.xml content. |  | ||||||
|      */ |  | ||||||
|     private String acegiOutputFileName = "applicationContext-acegi-security.xml"; |  | ||||||
| 
 |  | ||||||
|     /** The web.xml content to be converted */ |  | ||||||
|     private Source xmlSource; |  | ||||||
|     /** The results of the conversion */ |  | ||||||
|     private Document newWebXml, acegiBeansXml; |  | ||||||
| 
 |  | ||||||
|     public WebXmlConverter() throws IOException, TransformerConfigurationException { |  | ||||||
|         TransformerFactory tf = TransformerFactory.newInstance(); |  | ||||||
|         Source source = createTransformerSource(WEB_TO_SPRING_XSL_FILE); |  | ||||||
|         System.out.println("1"); |  | ||||||
|         acegiSecurityTransformer = tf.newTransformer(source); |  | ||||||
|         System.out.println("2"); |  | ||||||
|         newWebXmlTransformer = tf.newTransformer(createTransformerSource(NEW_WEB_XSLT_FILE)); |  | ||||||
|         System.out.println("3"); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     private Source createTransformerSource(String fileName) throws IOException { |  | ||||||
|         ClassPathResource resource = new ClassPathResource(fileName); |  | ||||||
|         Source source = new StreamSource(resource.getInputStream()); |  | ||||||
|         return source; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * Performs the transformations on the input source. |  | ||||||
|      * Creates new web.xml content and a set of acegi-security Spring beans which can be |  | ||||||
|      * accessed through the appropriate getter methods. |  | ||||||
|      */ |  | ||||||
|     public void doConversion() throws IOException, TransformerException { |  | ||||||
|         Assert.notNull(xmlSource, "The XML input must be set"); |  | ||||||
| 
 |  | ||||||
|         // Create the modified web.xml file |  | ||||||
|         newWebXmlTransformer.setParameter("acegi-security-context-file", acegiOutputFileName); |  | ||||||
| //        newWebXmlTransformer.setParameter("cas-proxy-url", "http://localhost:8433/cas/proxy"); |  | ||||||
|         DocumentResult result = new DocumentResult(); |  | ||||||
|         newWebXmlTransformer.transform(xmlSource, result); |  | ||||||
|         newWebXml = result.getDocument(); |  | ||||||
| 
 |  | ||||||
|         result = new DocumentResult(); |  | ||||||
|         acegiSecurityTransformer.transform(xmlSource, result); |  | ||||||
|         acegiBeansXml = result.getDocument(); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** Set the input as an xml string */ |  | ||||||
|     public void setInput(String xml) throws DocumentException { |  | ||||||
|         setInput(DocumentHelper.parseText(xml)); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** Set the input as a stream */ |  | ||||||
|     public void setInput(InputStream in) throws DocumentException { |  | ||||||
|         SAXReader reader = new SAXReader(); |  | ||||||
|         setInput(reader.read(in)); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** set the input as a dom4j document */ |  | ||||||
|     public void setInput(Document document) throws DocumentException { |  | ||||||
|         validateWebXml(document); |  | ||||||
|         xmlSource = new DocumentSource(document); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** Checks the web.xml to make sure it contains correct data */ |  | ||||||
|     private void validateWebXml(Document document) throws DocumentException { |  | ||||||
|         Node authMethodNode = |  | ||||||
|                 document.selectSingleNode("/web-app/login-config/auth-method"); |  | ||||||
|         if (authMethodNode == null) |  | ||||||
|             throw new DocumentException("login-config and auth-method must be present"); |  | ||||||
|         String authMethod =  authMethodNode.getStringValue().toUpperCase(); |  | ||||||
|         if (!authMethod.equals("BASIC") && !authMethod.equals("FORM")) { |  | ||||||
|             throw new DocumentException("unsupported auth-method: " + authMethod); |  | ||||||
|         } |  | ||||||
|         List roles = document.selectNodes("/web-app/security-role"); |  | ||||||
|         if (roles.isEmpty()) { |  | ||||||
|             throw new DocumentException("Each role used must be defined in a security-role element"); |  | ||||||
|         } |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     public String getAcegiOutputFileName() { |  | ||||||
|         return acegiOutputFileName; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     public void setAcegiOutputFileName(String acegiOutputFileName) { |  | ||||||
|         this.acegiOutputFileName = acegiOutputFileName; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** Returns the converted web.xml content */ |  | ||||||
|     public Document getNewWebXml() { |  | ||||||
|         return newWebXml; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * Returns the created spring-beans xml content which should be used in |  | ||||||
|      * the application context file. |  | ||||||
|      */ |  | ||||||
|     public Document getAcegiBeans() { |  | ||||||
|         return acegiBeansXml; |  | ||||||
|     } |  | ||||||
| } |  | ||||||
| @ -1,158 +0,0 @@ | |||||||
| /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited |  | ||||||
|  * |  | ||||||
|  * Licensed under the Apache License, Version 2.0 (the "License"); |  | ||||||
|  * you may not use this file except in compliance with the License. |  | ||||||
|  * You may obtain a copy of the License at |  | ||||||
|  * |  | ||||||
|  *     http://www.apache.org/licenses/LICENSE-2.0 |  | ||||||
|  * |  | ||||||
|  * Unless required by applicable law or agreed to in writing, software |  | ||||||
|  * distributed under the License is distributed on an "AS IS" BASIS, |  | ||||||
|  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |  | ||||||
|  * See the License for the specific language governing permissions and |  | ||||||
|  * limitations under the License. |  | ||||||
|  */ |  | ||||||
| 
 |  | ||||||
| package acegifier.web; |  | ||||||
| 
 |  | ||||||
| import acegifier.WebXmlConverter; |  | ||||||
| 
 |  | ||||||
| import org.acegisecurity.util.FilterChainProxy; |  | ||||||
| import org.acegisecurity.util.InMemoryResource; |  | ||||||
| 
 |  | ||||||
| import org.dom4j.Document; |  | ||||||
| import org.dom4j.DocumentException; |  | ||||||
| 
 |  | ||||||
| import org.dom4j.io.OutputFormat; |  | ||||||
| import org.dom4j.io.XMLWriter; |  | ||||||
| 
 |  | ||||||
| import org.springframework.beans.BeansException; |  | ||||||
| import org.springframework.beans.factory.support.DefaultListableBeanFactory; |  | ||||||
| import org.springframework.beans.factory.xml.XmlBeanDefinitionReader; |  | ||||||
| 
 |  | ||||||
| import org.springframework.validation.BindException; |  | ||||||
| import org.springframework.validation.Errors; |  | ||||||
| 
 |  | ||||||
| import org.springframework.web.servlet.ModelAndView; |  | ||||||
| import org.springframework.web.servlet.mvc.SimpleFormController; |  | ||||||
| 
 |  | ||||||
| import java.io.ByteArrayOutputStream; |  | ||||||
| import java.io.IOException; |  | ||||||
| 
 |  | ||||||
| import java.util.HashMap; |  | ||||||
| import java.util.Map; |  | ||||||
| 
 |  | ||||||
| import javax.servlet.http.HttpServletRequest; |  | ||||||
| import javax.servlet.http.HttpServletResponse; |  | ||||||
| 
 |  | ||||||
| import javax.xml.transform.TransformerException; |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| /** |  | ||||||
|  * Takes a submitted web.xml, applies the transformer to it and returns the resulting modified web.xml and |  | ||||||
|  * acegi-app-context.xml file contents. |  | ||||||
|  * |  | ||||||
|  * @author Luke Taylor |  | ||||||
|  * @version $Id$ |  | ||||||
|  */ |  | ||||||
| public class AcegifierController extends SimpleFormController { |  | ||||||
|     //~ Constructors =================================================================================================== |  | ||||||
| 
 |  | ||||||
|     public AcegifierController() {} |  | ||||||
| 
 |  | ||||||
|     //~ Methods ======================================================================================================== |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * Creates a BeanFactory from the spring beans XML document |  | ||||||
|      * |  | ||||||
|      * @param beans DOCUMENT ME! |  | ||||||
|      * |  | ||||||
|      * @return DOCUMENT ME! |  | ||||||
|      */ |  | ||||||
|     private DefaultListableBeanFactory createBeanFactory(Document beans) { |  | ||||||
|         DefaultListableBeanFactory bf = new DefaultListableBeanFactory(); |  | ||||||
|         XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf); |  | ||||||
|         beanReader.loadBeanDefinitions(new InMemoryResource(beans.asXML().getBytes())); |  | ||||||
| 
 |  | ||||||
|         return bf; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     public ModelAndView onSubmit(HttpServletRequest request, HttpServletResponse response, Object command, |  | ||||||
|         BindException errors) throws Exception { |  | ||||||
|         AcegifierForm conversion = (AcegifierForm) command; |  | ||||||
|         WebXmlConverter converter = new WebXmlConverter(); |  | ||||||
|         int nBeans = 0; |  | ||||||
|         Document newWebXml = null; |  | ||||||
|         Document acegiBeans = null; |  | ||||||
| 
 |  | ||||||
|         try { |  | ||||||
|             converter.setInput(conversion.getWebXml()); |  | ||||||
|             converter.doConversion(); |  | ||||||
|             newWebXml = converter.getNewWebXml(); |  | ||||||
|             acegiBeans = converter.getAcegiBeans(); |  | ||||||
|             nBeans = validateAcegiBeans(conversion, acegiBeans, errors); |  | ||||||
|         } catch (DocumentException de) { |  | ||||||
|             errors.rejectValue("webXml", "webXmlDocError", "There was a problem with your web.xml: " + de.getMessage()); |  | ||||||
|         } catch (TransformerException te) { |  | ||||||
|             errors.rejectValue("webXml", "transFailure", |  | ||||||
|                 "There was an error during the XSL transformation: " + te.getMessage()); |  | ||||||
|         } |  | ||||||
| 
 |  | ||||||
|         if (errors.hasErrors()) { |  | ||||||
|             return showForm(request, response, errors); |  | ||||||
|         } |  | ||||||
| 
 |  | ||||||
|         Map model = new HashMap(); |  | ||||||
|         model.put("webXml", prettyPrint(newWebXml)); |  | ||||||
|         model.put("acegiBeansXml", prettyPrint(acegiBeans)); |  | ||||||
|         model.put("nBeans", new Integer(nBeans)); |  | ||||||
| 
 |  | ||||||
|         return new ModelAndView("acegificationResults", model); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * Creates a formatted XML string from the supplied document |  | ||||||
|      * |  | ||||||
|      * @param document DOCUMENT ME! |  | ||||||
|      * |  | ||||||
|      * @return DOCUMENT ME! |  | ||||||
|      * |  | ||||||
|      * @throws IOException DOCUMENT ME! |  | ||||||
|      */ |  | ||||||
|     private String prettyPrint(Document document) throws IOException { |  | ||||||
|         ByteArrayOutputStream output = new ByteArrayOutputStream(); |  | ||||||
|         OutputFormat format = OutputFormat.createPrettyPrint(); |  | ||||||
|         format.setTrimText(false); |  | ||||||
| 
 |  | ||||||
|         XMLWriter writer = new XMLWriter(output, format); |  | ||||||
|         writer.write(document); |  | ||||||
|         writer.flush(); |  | ||||||
|         writer.close(); |  | ||||||
| 
 |  | ||||||
|         return output.toString(); |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     /** |  | ||||||
|      * Validates the acegi beans, based on the input form data, and returns the number of spring beans defined |  | ||||||
|      * in the document. |  | ||||||
|      * |  | ||||||
|      * @param conversion DOCUMENT ME! |  | ||||||
|      * @param beans DOCUMENT ME! |  | ||||||
|      * @param errors DOCUMENT ME! |  | ||||||
|      * |  | ||||||
|      * @return DOCUMENT ME! |  | ||||||
|      */ |  | ||||||
|     private int validateAcegiBeans(AcegifierForm conversion, Document beans, Errors errors) { |  | ||||||
|         DefaultListableBeanFactory bf = createBeanFactory(beans); |  | ||||||
| 
 |  | ||||||
|         //TODO: actually do some proper validation! |  | ||||||
|         try { |  | ||||||
|             bf.getBean("filterChainProxy", FilterChainProxy.class); |  | ||||||
|         } catch (BeansException be) { |  | ||||||
|             errors.rejectValue("webXml", "beansInvalid", |  | ||||||
|                 "There was an error creating or accessing the bean factory " + be.getMessage()); |  | ||||||
|         } |  | ||||||
| 
 |  | ||||||
|         return bf.getBeanDefinitionCount(); |  | ||||||
|     } |  | ||||||
| } |  | ||||||
| @ -1,38 +0,0 @@ | |||||||
| /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited |  | ||||||
|  * |  | ||||||
|  * Licensed under the Apache License, Version 2.0 (the "License"); |  | ||||||
|  * you may not use this file except in compliance with the License. |  | ||||||
|  * You may obtain a copy of the License at |  | ||||||
|  * |  | ||||||
|  *     http://www.apache.org/licenses/LICENSE-2.0 |  | ||||||
|  * |  | ||||||
|  * Unless required by applicable law or agreed to in writing, software |  | ||||||
|  * distributed under the License is distributed on an "AS IS" BASIS, |  | ||||||
|  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |  | ||||||
|  * See the License for the specific language governing permissions and |  | ||||||
|  * limitations under the License. |  | ||||||
|  */ |  | ||||||
| 
 |  | ||||||
| package acegifier.web; |  | ||||||
| 
 |  | ||||||
| /** |  | ||||||
|  * Form backing object for the Acegifier controller. |  | ||||||
|  * |  | ||||||
|  * @author Luke Taylor |  | ||||||
|  * @version $Id$ |  | ||||||
|  */ |  | ||||||
| public class AcegifierForm { |  | ||||||
|     //~ Instance fields ================================================================================================ |  | ||||||
| 
 |  | ||||||
|     private String webXml; |  | ||||||
| 
 |  | ||||||
|     //~ Methods ======================================================================================================== |  | ||||||
| 
 |  | ||||||
|     public String getWebXml() { |  | ||||||
|         return webXml; |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     public void setWebXml(String webXml) { |  | ||||||
|         this.webXml = webXml; |  | ||||||
|     } |  | ||||||
| } |  | ||||||
| @ -1,118 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | XSL Sheet used by the web.xml to acegi-security beans converter |  | ||||||
|  | to create the new acegified web.xml. |  | ||||||
|  | $Id$ |  | ||||||
|  --> |  | ||||||
| 
 |  | ||||||
| <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> |  | ||||||
| 
 |  | ||||||
| <!-- The CAS proxy url (left empty if not to be used) --> |  | ||||||
| <xsl:param name="cas-proxy-url"/> |  | ||||||
| <!-- The acegi context file name - used in the --> |  | ||||||
| <xsl:param name="acegi-security-context-file" select="'applicationContext-acegi-security.xml'"/> |  | ||||||
| 
 |  | ||||||
| <xsl:output doctype-public="-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" |  | ||||||
|         doctype-system="http://java.sun.com/dtd/web-app_2_3.dtd" |  | ||||||
|         indent="yes"/> |  | ||||||
| 
 |  | ||||||
| <!-- Identity template which we override for specific cases --> |  | ||||||
| <xsl:template match="@*|node()"> |  | ||||||
|     <xsl:copy> |  | ||||||
|         <xsl:apply-templates select="@*|node()"/> |  | ||||||
|     </xsl:copy> |  | ||||||
| </xsl:template> |  | ||||||
|      |  | ||||||
| <xsl:template match="web-app"> |  | ||||||
| <web-app> |  | ||||||
|     <xsl:apply-templates select="icon|display-name|description|distributable"/>   |  | ||||||
|     <xsl:apply-templates select="context-param"/> |  | ||||||
|     <xsl:call-template name="insert-spring-context-param"/> |  | ||||||
|     <xsl:if test="$cas-proxy-url"> |  | ||||||
| 	<!-- Required for CAS ProxyTicketReceptor servlet. This is the |  | ||||||
| 	     URL to CAS' "proxy" actuator, where a PGT and TargetService can |  | ||||||
| 	     be presented to obtain a new proxy ticket. THIS CAN BE |  | ||||||
| 	     REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY --> |  | ||||||
|     <context-param> |  | ||||||
|         <param-name>edu.yale.its.tp.cas.proxyUrl</param-name> |  | ||||||
|         <param-value><xsl:value-of select="$cas-proxy-url"/></param-value> |  | ||||||
|     </context-param> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
|     </xsl:if> |  | ||||||
| 
 |  | ||||||
|     <filter> |  | ||||||
|         <filter-name>Acegi Filter Chain Proxy</filter-name> |  | ||||||
|         <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> |  | ||||||
|         <init-param> |  | ||||||
|             <param-name>targetClass</param-name> |  | ||||||
|             <param-value>org.acegisecurity.util.FilterChainProxy</param-value> |  | ||||||
|         </init-param> |  | ||||||
|     </filter> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <xsl:apply-templates select="filter"/>    |  | ||||||
|      |  | ||||||
|   <filter-mapping> |  | ||||||
|     <filter-name>Acegi Filter Chain Proxy</filter-name> |  | ||||||
|     <url-pattern>/*</url-pattern> |  | ||||||
|   </filter-mapping> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
|      |  | ||||||
|   <xsl:apply-templates select="filter-mapping"/> |  | ||||||
| 
 |  | ||||||
|   <!-- Only add a spring context loader listener if there isn't one there already --> |  | ||||||
|   <xsl:if test="not(./listener/listener-class[string()='org.springframework.web.context.ContextLoaderListener'])"> |  | ||||||
| 	<listener> |  | ||||||
| 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |  | ||||||
| 	</listener> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
|   </xsl:if> |  | ||||||
| 
 |  | ||||||
|   <xsl:apply-templates select="listener"/> |  | ||||||
|      |  | ||||||
|   <!-- Run any remaining non-security elements through the identity template --> |  | ||||||
|   <xsl:apply-templates select="servlet|servlet-mapping|session-config|mime-mapping|welcome-file-list|error-page|taglib|resource-env-ref|resource-ref|env-entry|ejb-ref|ejb-local-ref"/> |  | ||||||
|      |  | ||||||
| </web-app> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | Looks for the case where we have an existing Spring context and appends |  | ||||||
|  | the acegi file to the list of app. context files. Otherwise just copies the contents. |  | ||||||
|  --> |  | ||||||
| <xsl:template match="context-param"> |  | ||||||
|     <context-param> |  | ||||||
|     <xsl:choose> |  | ||||||
|         <xsl:when test="./param-name = 'contextConfigLocation'"> |  | ||||||
|             <param-name>contextConfigLocation</param-name> |  | ||||||
|             <param-value> |  | ||||||
|                 <xsl:value-of select="./param-value"/> |  | ||||||
|                 <xsl:value-of select="concat('    /WEB-INF/',$acegi-security-context-file)"/><xsl:text>
      </xsl:text>                 |  | ||||||
|             </param-value> |  | ||||||
|         </xsl:when> |  | ||||||
|         <xsl:otherwise> |  | ||||||
|             <xsl:apply-templates /> |  | ||||||
|         </xsl:otherwise> |  | ||||||
|     </xsl:choose> |  | ||||||
|     </context-param> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | Inserts a Spring config location context-param if one doesn't already exist. |  | ||||||
|  | If there is one, do nothing as it will be handled by the context-param template above. |  | ||||||
|  -->  |  | ||||||
| <xsl:template name="insert-spring-context-param"> |  | ||||||
|     <xsl:if test="not(./context-param/param-name[string() = 'contextConfigLocation'])"> |  | ||||||
|     <context-param> |  | ||||||
|         <param-name>contextConfigLocation</param-name> |  | ||||||
|         <param-value> |  | ||||||
|             <xsl:value-of select="concat('/WEB-INF/',$acegi-security-context-file)"/><xsl:text>
</xsl:text> |  | ||||||
|         </param-value> |  | ||||||
|     </context-param> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
|     </xsl:if> |  | ||||||
| </xsl:template> |  | ||||||
|      |  | ||||||
| </xsl:stylesheet> |  | ||||||
| @ -1,302 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | XSL Sheet used by the web.xml to acegi-security beans converter |  | ||||||
|  | $Id$ |  | ||||||
|  --> |  | ||||||
| 
 |  | ||||||
| <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> |  | ||||||
| 
 |  | ||||||
| <xsl:output doctype-public="-//SPRING//DTD BEAN//EN" |  | ||||||
|             doctype-system="http://www.springframework.org/dtd/spring-beans.dtd" |  | ||||||
|             indent="no"/> |  | ||||||
| 
 |  | ||||||
| <!-- Variables for case conversions --> |  | ||||||
| <xsl:variable name="lowercase" select="'abcdefghijklmnopqrstuvwxyz'"/> |  | ||||||
| <xsl:variable name="uppercase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/>     |  | ||||||
| 
 |  | ||||||
| <xsl:variable name="welcome-files" select="web-app/welcome-file-list/welcome-file"/> |  | ||||||
| 
 |  | ||||||
| <!-- Convert the auth-method content to upper case --> |  | ||||||
| <xsl:variable name="auth-method" select="translate(string(web-app/login-config/auth-method), $lowercase, $uppercase)"/> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | Find the security-role elements in the file and uses them to build a list of  |  | ||||||
|  | all defined roles. |  | ||||||
|  --> |  | ||||||
| <xsl:variable name="all-roles"> |  | ||||||
|     <xsl:for-each select="web-app/security-role/role-name"> |  | ||||||
|         <xsl:text>ROLE_</xsl:text> |  | ||||||
|         <xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>            |  | ||||||
|         <xsl:if test="position() != last()">,</xsl:if> |  | ||||||
|     </xsl:for-each>     |  | ||||||
| </xsl:variable> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | The list of filters for use in filterToBeanProxy  |  | ||||||
|  --> |  | ||||||
| <xsl:variable name="filter-list"> |  | ||||||
| <xsl:text>/**=httpSessionContextIntegrationFilter</xsl:text> |  | ||||||
| <xsl:choose> |  | ||||||
|     <xsl:when test="$auth-method = 'FORM'"> |  | ||||||
|         <xsl:text>,authenticationProcessingFilter</xsl:text> |  | ||||||
|     </xsl:when> |  | ||||||
|     <xsl:when test="$auth-method = 'BASIC'"> |  | ||||||
|         <xsl:text>,basicProcessingFilter</xsl:text> |  | ||||||
|     </xsl:when> |  | ||||||
|     <xsl:otherwise> |  | ||||||
|         <xsl:message terminate="yes">Unsupported auth-method in web.xml, must be FORM or BASIC</xsl:message> |  | ||||||
|     </xsl:otherwise> |  | ||||||
| </xsl:choose> |  | ||||||
| <xsl:text>,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</xsl:text> |  | ||||||
| </xsl:variable> |  | ||||||
|      |  | ||||||
| <!--  |  | ||||||
|  | The main template (where the processing work starts) |  | ||||||
|  -->     |  | ||||||
| <xsl:template match = "web-app"> |  | ||||||
| 
 |  | ||||||
| <beans> |  | ||||||
|     <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> |  | ||||||
|       <property name="basename"><value>messages</value></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
|     <xsl:call-template name="filter-to-bean-proxy"/> |  | ||||||
|     <xsl:call-template name="authentication-beans"/> |  | ||||||
|     <xsl:apply-templates select="./login-config"/> |  | ||||||
|     <xsl:call-template name="filter-invocation-interceptor"/> |  | ||||||
| </beans> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!-- |  | ||||||
|  | Mainly static set of beans. The InMemoryDaoImpl instance is created with a single user |  | ||||||
|  | called "superuser" who has all the defined roles in the web.xml file. |  | ||||||
|  -->    |  | ||||||
| <xsl:template name="authentication-beans"> |  | ||||||
|     <xsl:comment>======================== AUTHENTICATION =======================</xsl:comment> |  | ||||||
|      |  | ||||||
|     <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> |  | ||||||
|       <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|       <property name="providers"> |  | ||||||
|          <list> |  | ||||||
|             <ref local="daoAuthenticationProvider"/> |  | ||||||
|             <ref local="anonymousAuthenticationProvider"/> |  | ||||||
|              <ref local="rememberMeAuthenticationProvider"/> |  | ||||||
|          </list> |  | ||||||
|       </property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
|     <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> |  | ||||||
|       <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|       <property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property> |  | ||||||
|       <!-- property name="userCache"><ref local="userCache"/></property--> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> |  | ||||||
|         <property name="userMap"> |  | ||||||
|             <value>     |  | ||||||
|         superuser=password,<xsl:value-of select="$all-roles"/> |  | ||||||
|             <xsl:text>
      </xsl:text> |  | ||||||
|             </value> |  | ||||||
|         </property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> |  | ||||||
|       <property name="key"><value>foobar</value></property> |  | ||||||
|       <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> |  | ||||||
|       <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|       <property name="key"><value>foobar</value></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> |  | ||||||
|       <property name="rememberMeServices"><ref local="rememberMeServices"/></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> |  | ||||||
|       <property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property> |  | ||||||
|       <property name="key"><value>springRocks</value></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> |  | ||||||
|       <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|       <property name="key"><value>springRocks</value></property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  | Processes the login-config definition and inserts the ExceptionTranslationFilter with  |  | ||||||
|  | the appropriate beans for either form or basic authentication. |  | ||||||
|  --> |  | ||||||
| <xsl:template match="login-config"> |  | ||||||
| 
 |  | ||||||
|    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> |  | ||||||
|       <property name="authenticationEntryPoint"> |  | ||||||
|     <xsl:choose> |  | ||||||
|         <xsl:when test="$auth-method = 'FORM'"> |  | ||||||
|       <ref local="authenticationProcessingFilterEntryPoint"/> |  | ||||||
|         </xsl:when> |  | ||||||
|         <xsl:when test="$auth-method = 'BASIC'"> |  | ||||||
|       <ref local="basicProcessingFilterEntryPoint"/>               |  | ||||||
|         </xsl:when> |  | ||||||
|     </xsl:choose> |  | ||||||
|       </property> |  | ||||||
|    </bean> |  | ||||||
|    <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|     <xsl:choose> |  | ||||||
|         <xsl:when test="$auth-method = 'FORM'"> |  | ||||||
|             <xsl:call-template name="form-login"/> |  | ||||||
|         </xsl:when> |  | ||||||
|         <xsl:when test="$auth-method = 'BASIC'"> |  | ||||||
|    <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"> |  | ||||||
|       <property name="authenticationManager"><ref local="authenticationManager"/></property> |  | ||||||
|       <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property> |  | ||||||
|    </bean> |  | ||||||
|    <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|    <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"> |  | ||||||
|       <property name="realmName"><value>Your Realm</value></property> |  | ||||||
|    </bean> |  | ||||||
|    <xsl:text>

</xsl:text> |  | ||||||
|         </xsl:when> |  | ||||||
|     </xsl:choose> |  | ||||||
|              |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!--  |  | ||||||
|  |   Converts a form login configuration to an Acegi AuthenticationProcessingFilter and its entry point. |  | ||||||
|  |   The content of the form-login-page element is used for the loginFormUrl property of the entry point  |  | ||||||
|  |   and the form-error-page is used for the authenticationFailureUrl property of the filter. |  | ||||||
|  |    |  | ||||||
|  |   The user must manually change the form Url to "j_acegi_security_check" in their login page. |  | ||||||
|  --> |  | ||||||
| <xsl:template name="form-login"> |  | ||||||
|   <xsl:comment>Make sure that these properties match your setup. In particular, remember to switch your login |  | ||||||
|   form action from "j_security_check" to "j_acegi_security_check" |  | ||||||
|   </xsl:comment> |  | ||||||
|   <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> |  | ||||||
|     <property name="authenticationManager"><ref bean="authenticationManager"/></property> |  | ||||||
|     <property name="authenticationFailureUrl"><value><xsl:value-of select="form-login-config/form-error-page"/></value></property> |  | ||||||
|     <property name="defaultTargetUrl"><value>/</value></property> |  | ||||||
|     <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property> |  | ||||||
|     <property name="rememberMeServices"><ref local="rememberMeServices"/></property> |  | ||||||
|   </bean> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
|   <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> |  | ||||||
|     <property name="loginFormUrl"><value><xsl:value-of select="form-login-config/form-login-page"/></value></property> |  | ||||||
|     <property name="forceHttps"><value>false</value></property> |  | ||||||
|   </bean> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| <!-- |  | ||||||
|  | Outputs a standard filterToBeanProxy bean. |  | ||||||
|  --> |  | ||||||
| <xsl:template name="filter-to-bean-proxy"> |  | ||||||
|   <xsl:comment>======================== FILTER CHAIN =======================</xsl:comment> |  | ||||||
| 
 |  | ||||||
| 	<xsl:comment>if you wish to use channel security, add "channelProcessingFilter," in front |  | ||||||
| 	      of "httpSessionContextIntegrationFilter" in the list below</xsl:comment> |  | ||||||
| 	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> |  | ||||||
|     <property name="filterInvocationDefinitionSource"> |  | ||||||
|        <value> |  | ||||||
|         CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON |  | ||||||
|         PATTERN_TYPE_APACHE_ANT |  | ||||||
|         <xsl:value-of select="$filter-list"/> |  | ||||||
|         <xsl:text>
      </xsl:text> |  | ||||||
|        </value> |  | ||||||
|     </property> |  | ||||||
| 	</bean> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
| 
 |  | ||||||
| </xsl:template> |  | ||||||
|      |  | ||||||
| <xsl:template name="filter-invocation-interceptor"> |  | ||||||
|   <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> |  | ||||||
|     <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|     <property name="allowIfAllAbstainDecisions"><value>false</value></property> |  | ||||||
|     <property name="decisionVoters"> |  | ||||||
|       <list> |  | ||||||
|         <ref bean="roleVoter"/> |  | ||||||
|       </list> |  | ||||||
|     </property> |  | ||||||
|   </bean> |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
|   <xsl:comment>An access decision voter that reads ROLE_* configuration settings</xsl:comment> |  | ||||||
|   <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>             |  | ||||||
|   <xsl:text>

</xsl:text> |  | ||||||
|      |  | ||||||
|     <xsl:comment>  |  | ||||||
|        Note the order that entries are placed against the objectDefinitionSource is critical. |  | ||||||
|        The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL. |  | ||||||
|        Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last. |  | ||||||
|        We also include ROLE_ANONYMOUS (the anonymous role) for web.xml role-names of "*". This is obviously different from the |  | ||||||
|        original intention but there isn't a direct mapping to the acegi way of doing things. You should modify the permissions as required, |  | ||||||
|        removing anonymous access where necessary. |  | ||||||
|     </xsl:comment> |  | ||||||
|   <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> |  | ||||||
|     <property name="messageSource"><ref local="messageSource"/></property> |  | ||||||
|     <property name="authenticationManager"><ref bean="authenticationManager"/></property> |  | ||||||
|     <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property> |  | ||||||
|     <property name="objectDefinitionSource"> |  | ||||||
|       <value> |  | ||||||
|           <xsl:text>
        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON</xsl:text> |  | ||||||
|           <xsl:text>
        PATTERN_TYPE_APACHE_ANT</xsl:text> |  | ||||||
|           <xsl:apply-templates select="security-constraint"/> |  | ||||||
|           <xsl:text>
        /*=ROLE_ANONYMOUS</xsl:text> <!-- by default allow anonymous access to top level urls -->  |  | ||||||
|           <xsl:text>
      </xsl:text> |  | ||||||
|         </value> |  | ||||||
|       </property> |  | ||||||
|     </bean> |  | ||||||
|     <xsl:text>

</xsl:text> |  | ||||||
| </xsl:template> |  | ||||||
|      |  | ||||||
| <!-- |  | ||||||
|  | Converts a security-constraint (a url-pattern and the associated role-name elements) |  | ||||||
|  | to the form |  | ||||||
|  |     antUrlPattern=list of allowed roles |  | ||||||
|  | Roles are converted to upper case and have the "ROLE_" prefix appended. |  | ||||||
|  | |  | ||||||
|  | In the case of role-name='*', signifying "any authenticated role", the complete list of roles |  | ||||||
|  | defined in the web.xml file is used along with the anonymous role - so *unauthenticated* users can |  | ||||||
|  | access the url. |  | ||||||
|  | |  | ||||||
|  | URLs which end in a wild card, will be converted to end in the recursive path version '**', |  | ||||||
|  | e.g. /private/* becomes /private/** |  | ||||||
|  --> |  | ||||||
| <xsl:template match="security-constraint"> |  | ||||||
|     <xsl:variable name="url" select="web-resource-collection/url-pattern"/> |  | ||||||
|     <xsl:text>
        </xsl:text> |  | ||||||
|     <xsl:value-of select="$url"/> |  | ||||||
|     <xsl:if test="substring($url, string-length($url)) = '*'">*</xsl:if> |  | ||||||
|     <xsl:text>=</xsl:text> |  | ||||||
|     <xsl:for-each select="./auth-constraint/role-name"> |  | ||||||
|         <xsl:choose> |  | ||||||
|             <xsl:when test="string() = '*'"> |  | ||||||
|                 <xsl:text>ROLE_ANONYMOUS,</xsl:text> |  | ||||||
|                 <xsl:value-of select="$all-roles"/> |  | ||||||
|             </xsl:when> |  | ||||||
|             <xsl:otherwise> |  | ||||||
|                 <xsl:text>ROLE_</xsl:text> |  | ||||||
|                 <xsl:value-of select="translate(string(), $lowercase, $uppercase)"/> |  | ||||||
|             </xsl:otherwise> |  | ||||||
|         </xsl:choose> |  | ||||||
|         <xsl:if test="position() != last()">,</xsl:if> |  | ||||||
|     </xsl:for-each> |  | ||||||
| </xsl:template> |  | ||||||
| 
 |  | ||||||
| </xsl:stylesheet> |  | ||||||
| @ -1,56 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> |  | ||||||
| 
 |  | ||||||
| <!-- |  | ||||||
|  | Spring web setup for the acegifier. |  | ||||||
|  | |  | ||||||
|  | $Id$ |  | ||||||
|  --> |  | ||||||
| 
 |  | ||||||
| <beans> |  | ||||||
|     <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> |  | ||||||
|       <property name="basename"><value>messages</value></property> |  | ||||||
|     </bean> |  | ||||||
| 
 |  | ||||||
|     <bean id="conversionController" class="acegifier.web.AcegifierController"> |  | ||||||
|         <property name="formView" value="acegificationForm" /> |  | ||||||
|         <property name="commandClass" value="acegifier.web.AcegifierForm"/> |  | ||||||
|     </bean> |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
|     <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> |  | ||||||
|         <property name="mappings"> |  | ||||||
|             <props> |  | ||||||
|                 <prop key="/convert.htm">conversionController</prop> |  | ||||||
| 			</props> |  | ||||||
|         </property> |  | ||||||
|     </bean> |  | ||||||
| <!-- |  | ||||||
| 	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver"> |  | ||||||
| 		<property name="prefix"><value>/WEB-INF/jsp/</value></property> |  | ||||||
| 		<property name="suffix"><value>.jsp</value></property> |  | ||||||
| 	</bean> |  | ||||||
|  -->        |  | ||||||
|     <bean |  | ||||||
|       id="freemarkerConfig" |  | ||||||
|       class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer"> |  | ||||||
|       <property name="templateLoaderPath"><value>/WEB-INF/freemarker/</value></property> |  | ||||||
|       <property name="freemarkerVariables"> |  | ||||||
|         <map> |  | ||||||
|           <entry key="xml_escape"><ref local="fmXmlEscape"/></entry> |  | ||||||
|         </map> |  | ||||||
|       </property> |  | ||||||
|     </bean> |  | ||||||
| 
 |  | ||||||
|     <bean id="fmXmlEscape" class="freemarker.template.utility.XmlEscape"/> |  | ||||||
| 
 |  | ||||||
|     <bean |  | ||||||
|       id="viewResolver" |  | ||||||
|       class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver"> |  | ||||||
|       <property name="exposeSpringMacroHelpers"><value>true</value></property>         |  | ||||||
|       <property name="cache"><value>true</value></property> |  | ||||||
|       <property name="prefix"><value></value></property> |  | ||||||
|       <property name="suffix"><value>.ftl</value></property> |  | ||||||
|     </bean> |  | ||||||
| 
 |  | ||||||
| </beans> |  | ||||||
| @ -1,7 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> |  | ||||||
| 
 |  | ||||||
| <beans> |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| </beans> |  | ||||||
| @ -1,20 +0,0 @@ | |||||||
| 
 |  | ||||||
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |  | ||||||
| 
 |  | ||||||
| <#import "spring.ftl" as spring /> |  | ||||||
| 
 |  | ||||||
| <html> |  | ||||||
|   <head> |  | ||||||
|     <title>Acegi Security Web.xml Converter</title> |  | ||||||
|   </head> |  | ||||||
|   <body> |  | ||||||
|      <form method="POST"> |  | ||||||
|          <@spring.bind "command.webXml" /> |  | ||||||
|          <textarea name="webXml" rows="40" cols="80">${spring.status.value?default("Paste your web.xml here.")}</textarea> |  | ||||||
|          <br /> |  | ||||||
|          <@spring.showErrors "<br />"/> |  | ||||||
|          <input type="submit" value="Convert"/> |  | ||||||
|      </form> |  | ||||||
| 
 |  | ||||||
|   </body> |  | ||||||
| </html> |  | ||||||
| @ -1,39 +0,0 @@ | |||||||
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |  | ||||||
| 
 |  | ||||||
| <html> |  | ||||||
| <head> |  | ||||||
| <title>Acegi Security Web.xml Converter</title> |  | ||||||
| </head> |  | ||||||
| <body> |  | ||||||
| 
 |  | ||||||
| <p>Congratulations! Your web.xml file has been "Acegified" successfully.</p> |  | ||||||
| 
 |  | ||||||
| <h2>Web.xml</h2> |  | ||||||
| <p> |  | ||||||
| This is the converted web.xml file which you should use in your Acegi-Secured |  | ||||||
| Spring application. It should contain the mechanism for loading the Spring application |  | ||||||
| context file which defines your security configuration as well as the |  | ||||||
| necessary filters to apply this configuration. |  | ||||||
| </p> |  | ||||||
| 
 |  | ||||||
| <pre> |  | ||||||
| ${webXml?xml} |  | ||||||
| </pre> |  | ||||||
| 
 |  | ||||||
| <h2>Acegi Security Beans</h2> |  | ||||||
| <p> |  | ||||||
| This is the file which defines your security configuration (a standard Spring |  | ||||||
| application context file). It should be named "applicationContext-acegi-security.xml" |  | ||||||
| and placed in your WEB-INF directory. |  | ||||||
| </p> |  | ||||||
| 
 |  | ||||||
| <pre> |  | ||||||
| ${acegiBeansXml?xml} |  | ||||||
| </pre> |  | ||||||
| 
 |  | ||||||
| <p>Note that these files may require some manual changes before they work as expected and are |  | ||||||
| intended as a guide only :).</p> |  | ||||||
| 
 |  | ||||||
| 
 |  | ||||||
| </body> |  | ||||||
| </html> |  | ||||||
| @ -1,51 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| 
 |  | ||||||
| <web-app version="2.4" |  | ||||||
|          xmlns="http://java.sun.com/xml/ns/j2ee" |  | ||||||
|          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |  | ||||||
|          xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" > |  | ||||||
|   <display-name>Acegifier Application</display-name> |  | ||||||
| 
 |  | ||||||
| 	<context-param> |  | ||||||
| 		<param-name>contextConfigLocation</param-name> |  | ||||||
| 		<param-value> |  | ||||||
| 			/WEB-INF/applicationContext.xml |  | ||||||
| 		</param-value> |  | ||||||
| 	</context-param> |  | ||||||
| 
 |  | ||||||
| <!-- |  | ||||||
| 	<context-param> |  | ||||||
| 		<param-name>log4jConfigLocation</param-name> |  | ||||||
| 		<param-value>/WEB-INF/classes/log4j.properties</param-value> |  | ||||||
| 	</context-param> |  | ||||||
| --> |  | ||||||
| 
 |  | ||||||
|     <welcome-file-list> |  | ||||||
|         <welcome-file>/convert.htm</welcome-file> |  | ||||||
|     </welcome-file-list>     |  | ||||||
| 
 |  | ||||||
| 	<listener> |  | ||||||
| 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |  | ||||||
| 	</listener> |  | ||||||
| 
 |  | ||||||
| 	<listener> |  | ||||||
| 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |  | ||||||
| 	</listener> |  | ||||||
| <!-- |  | ||||||
|     <listener> |  | ||||||
| 		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> |  | ||||||
| 	</listener> |  | ||||||
| 	--> |  | ||||||
| 
 |  | ||||||
| 	<servlet> |  | ||||||
| 		<servlet-name>acegifier</servlet-name> |  | ||||||
| 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |  | ||||||
| 		<load-on-startup>1</load-on-startup> |  | ||||||
| 	</servlet> |  | ||||||
| 
 |  | ||||||
| 	<servlet-mapping> |  | ||||||
|     	<servlet-name>acegifier</servlet-name> |  | ||||||
|     	<url-pattern>*.htm</url-pattern> |  | ||||||
|  	</servlet-mapping> |  | ||||||
| 
 |  | ||||||
| </web-app> |  | ||||||
| @ -1,102 +0,0 @@ | |||||||
| /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited |  | ||||||
|  * |  | ||||||
|  * Licensed under the Apache License, Version 2.0 (the "License"); |  | ||||||
|  * you may not use this file except in compliance with the License. |  | ||||||
|  * You may obtain a copy of the License at |  | ||||||
|  * |  | ||||||
|  *     http://www.apache.org/licenses/LICENSE-2.0 |  | ||||||
|  * |  | ||||||
|  * Unless required by applicable law or agreed to in writing, software |  | ||||||
|  * distributed under the License is distributed on an "AS IS" BASIS, |  | ||||||
|  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |  | ||||||
|  * See the License for the specific language governing permissions and |  | ||||||
|  * limitations under the License. |  | ||||||
|  */ |  | ||||||
| 
 |  | ||||||
| package acegifier; |  | ||||||
| 
 |  | ||||||
| import java.io.ByteArrayOutputStream; |  | ||||||
| import java.io.IOException; |  | ||||||
| 
 |  | ||||||
| import junit.framework.TestCase; |  | ||||||
| 
 |  | ||||||
| import org.dom4j.Document; |  | ||||||
| import org.dom4j.io.OutputFormat; |  | ||||||
| import org.dom4j.io.XMLWriter; |  | ||||||
| 
 |  | ||||||
| /** |  | ||||||
|  * Tests the WebXmlConverter by applying it to a sample web.xml file. |  | ||||||
|  * |  | ||||||
|  * @author Luke Taylor |  | ||||||
|  * @version $Id$ |  | ||||||
|  */ |  | ||||||
| public class WebXmlConverterTests extends TestCase { |  | ||||||
| 
 |  | ||||||
|     private static final String XML_TRANSFORMER = "javax.xml.transform.TransformerFactory"; |  | ||||||
| 
 |  | ||||||
|     public void testFileConversion() throws Exception { |  | ||||||
|         /* |  | ||||||
| 
 |  | ||||||
|         THIS TEST HAS BEEN DISABLED AS IT BREAKS THE BUILD (see SEC-181 for details) |  | ||||||
| 
 |  | ||||||
|         WebXmlConverter converter; |  | ||||||
|         try { |  | ||||||
|             converter = new WebXmlConverter(); |  | ||||||
|         } catch (Exception e) { |  | ||||||
|             // TODO: Something went wrong, set transforer manually and retry... |  | ||||||
|             System.out.println("**** WARNING: NEEDING TO FALLBACK TO A MANUAL SYSTEM PROPERTY ****"); |  | ||||||
|             System.setProperty(XML_TRANSFORMER, "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl"); |  | ||||||
|             System.out.println(XML_TRANSFORMER + ": " + System.getProperty(XML_TRANSFORMER)); |  | ||||||
|             converter = new WebXmlConverter(); |  | ||||||
|         } |  | ||||||
| 
 |  | ||||||
|         Resource r = new ClassPathResource("test-web.xml"); |  | ||||||
|         converter.setInput(r.getInputStream()); |  | ||||||
|         converter.doConversion(); |  | ||||||
| 
 |  | ||||||
|         DefaultListableBeanFactory bf = new DefaultListableBeanFactory(); |  | ||||||
|         XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf); |  | ||||||
| 
 |  | ||||||
|         beanReader.loadBeanDefinitions( |  | ||||||
|                 new InMemoryResource(converter.getAcegiBeans().asXML().getBytes())); |  | ||||||
|         assertNotNull(bf.getBean("filterChainProxy")); |  | ||||||
| 
 |  | ||||||
|         ProviderManager pm = (ProviderManager) bf.getBean("authenticationManager"); |  | ||||||
|         assertNotNull(pm); |  | ||||||
|         assertEquals(3, pm.getProviders().size()); |  | ||||||
| 
 |  | ||||||
|         DaoAuthenticationProvider dap = |  | ||||||
|                 (DaoAuthenticationProvider) bf.getBean("daoAuthenticationProvider"); |  | ||||||
|         assertNotNull(dap); |  | ||||||
| 
 |  | ||||||
|         InMemoryDaoImpl dao = (InMemoryDaoImpl) dap.getUserDetailsService(); |  | ||||||
|         UserDetails user = dao.loadUserByUsername("superuser"); |  | ||||||
|         assertEquals("password",user.getPassword()); |  | ||||||
|         assertEquals(2, user.getAuthorities().length); |  | ||||||
|         assertNotNull(bf.getBean("anonymousProcessingFilter")); |  | ||||||
|         assertNotNull(bf.getBean("anonymousAuthenticationProvider")); |  | ||||||
|         assertNotNull(bf.getBean("httpSessionContextIntegrationFilter")); |  | ||||||
|         assertNotNull(bf.getBean("rememberMeProcessingFilter")); |  | ||||||
|         assertNotNull(bf.getBean("rememberMeAuthenticationProvider")); |  | ||||||
| 
 |  | ||||||
|         ExceptionTranslationFilter etf = |  | ||||||
|                 (ExceptionTranslationFilter) bf.getBean("exceptionTranslationFilter"); |  | ||||||
|         assertNotNull(etf); |  | ||||||
|         assertNotNull(etf.getAuthenticationEntryPoint()); |  | ||||||
|         System.out.println(prettyPrint(converter.getNewWebXml())); |  | ||||||
|         System.out.println(prettyPrint(converter.getAcegiBeans())); |  | ||||||
|         */ |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     private String prettyPrint(Document document) throws IOException { |  | ||||||
|         ByteArrayOutputStream output = new ByteArrayOutputStream(); |  | ||||||
|         OutputFormat format = OutputFormat.createPrettyPrint(); |  | ||||||
|         format.setNewlines(true); |  | ||||||
|         format.setTrimText(false); |  | ||||||
|         XMLWriter writer = new XMLWriter(output, format); |  | ||||||
|         writer.write(document); |  | ||||||
|         writer.flush(); |  | ||||||
|         writer.close(); |  | ||||||
|         return output.toString(); |  | ||||||
|     } |  | ||||||
| } |  | ||||||
| @ -1,108 +0,0 @@ | |||||||
| <?xml version="1.0" encoding="UTF-8"?> |  | ||||||
| <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> |  | ||||||
| 
 |  | ||||||
| <web-app> |  | ||||||
|   <display-name>Contacts Sample Application</display-name> |  | ||||||
| 
 |  | ||||||
|   <context-param> |  | ||||||
|     <param-name>contextConfigLocation</param-name> |  | ||||||
|     <param-value> |  | ||||||
|         /WEB-INF/applicationContext-common-business.xml |  | ||||||
|         /WEB-INF/applicationContext-common-authorization.xml |  | ||||||
|     </param-value> |  | ||||||
|   </context-param> |  | ||||||
| 
 |  | ||||||
|   <context-param> |  | ||||||
|     <param-name>log4jConfigLocation</param-name> |  | ||||||
|     <param-value>/WEB-INF/classes/log4j.properties</param-value> |  | ||||||
|   </context-param> |  | ||||||
| 
 |  | ||||||
|   <servlet> |  | ||||||
|     <servlet-name>contacts</servlet-name> |  | ||||||
|     <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |  | ||||||
|     <load-on-startup>1</load-on-startup> |  | ||||||
|   </servlet> |  | ||||||
| 
 |  | ||||||
|   <listener> |  | ||||||
|     <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |  | ||||||
|   </listener> |  | ||||||
| 
 |  | ||||||
|   <listener> |  | ||||||
|     <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> |  | ||||||
|   </listener> |  | ||||||
|   <!-- |  | ||||||
|       The HttpSessionEventPublisher will publish |  | ||||||
|       HttpSessionCreatedEvent and HttpSessionDestroyedEvent |  | ||||||
|       to the WebApplicationContext |  | ||||||
|   --> |  | ||||||
|   <listener> |  | ||||||
|     <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> |  | ||||||
|   </listener> |  | ||||||
|   <!-- |  | ||||||
|   - Provides web services endpoint. See remoting-servlet.xml. |  | ||||||
|   --> |  | ||||||
|   <servlet> |  | ||||||
|     <servlet-name>remoting</servlet-name> |  | ||||||
|     <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |  | ||||||
|     <load-on-startup>2</load-on-startup> |  | ||||||
|   </servlet> |  | ||||||
| 
 |  | ||||||
|   <servlet-mapping> |  | ||||||
|     <servlet-name>contacts</servlet-name> |  | ||||||
|     <url-pattern>*.htm</url-pattern> |  | ||||||
|   </servlet-mapping> |  | ||||||
| 
 |  | ||||||
|   <servlet-mapping> |  | ||||||
|     <servlet-name>remoting</servlet-name> |  | ||||||
|     <url-pattern>/remoting/*</url-pattern> |  | ||||||
|   </servlet-mapping> |  | ||||||
| 
 |  | ||||||
|   <welcome-file-list> |  | ||||||
|     <welcome-file>index.jsp</welcome-file> |  | ||||||
|   </welcome-file-list> |  | ||||||
| 
 |  | ||||||
|   <security-constraint> |  | ||||||
|     <web-resource-collection> |  | ||||||
|       <url-pattern>/index.jsp</url-pattern> |  | ||||||
|     </web-resource-collection> |  | ||||||
|     <auth-constraint> |  | ||||||
|       <role-name>*</role-name> |  | ||||||
|     </auth-constraint> |  | ||||||
|   </security-constraint> |  | ||||||
| 
 |  | ||||||
|   <security-constraint> |  | ||||||
|     <web-resource-collection> |  | ||||||
|       <url-pattern>/hello.htm</url-pattern> |  | ||||||
|     </web-resource-collection> |  | ||||||
|     <auth-constraint> |  | ||||||
|       <role-name>*</role-name> |  | ||||||
|     </auth-constraint> |  | ||||||
|   </security-constraint> |  | ||||||
| 
 |  | ||||||
|   <security-constraint> |  | ||||||
|     <web-resource-collection> |  | ||||||
|       <url-pattern>/logoff.jsp</url-pattern> |  | ||||||
|     </web-resource-collection> |  | ||||||
|     <auth-constraint> |  | ||||||
|       <role-name>*</role-name> |  | ||||||
|     </auth-constraint> |  | ||||||
|   </security-constraint> |  | ||||||
| 
 |  | ||||||
|   <login-config> |  | ||||||
|     <auth-method>form</auth-method> |  | ||||||
|     <form-login-config> |  | ||||||
|       <form-login-page>/acegilogin.jsp</form-login-page> |  | ||||||
|       <form-error-page>/acegilogin.jsp?login_error=1</form-error-page> |  | ||||||
|     </form-login-config> |  | ||||||
| 
 |  | ||||||
|   </login-config> |  | ||||||
| 
 |  | ||||||
|   <security-role> |  | ||||||
|     <role-name>user</role-name> |  | ||||||
|   </security-role> |  | ||||||
| 
 |  | ||||||
|   <security-role> |  | ||||||
|     <role-name>dummy</role-name> |  | ||||||
|   </security-role> |  | ||||||
| 
 |  | ||||||
| </web-app> |  | ||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user