From 1e28a6741079973d728243c4494fea48902a80f8 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Fri, 14 Mar 2008 12:14:27 +0000
Subject: [PATCH] SEC-706: Added sample app with LDAP configuration

---
 samples/ldap/pom.xml                          | 92 +++++++++++++++++++
 .../WEB-INF/applicationContext-security.xml   | 32 +++++++
 .../webapp/WEB-INF/classes/log4j.properties   | 20 ++++
 .../main/webapp/WEB-INF/classes/users.ldif    | 60 ++++++++++++
 samples/ldap/src/main/webapp/WEB-INF/web.xml  | 52 +++++++++++
 samples/ldap/src/main/webapp/index.jsp        | 11 +++
 .../src/main/webapp/secure/extreme/index.jsp  | 10 ++
 samples/ldap/src/main/webapp/secure/index.jsp | 15 +++
 8 files changed, 292 insertions(+)
 create mode 100644 samples/ldap/pom.xml
 create mode 100644 samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml
 create mode 100644 samples/ldap/src/main/webapp/WEB-INF/classes/log4j.properties
 create mode 100644 samples/ldap/src/main/webapp/WEB-INF/classes/users.ldif
 create mode 100644 samples/ldap/src/main/webapp/WEB-INF/web.xml
 create mode 100644 samples/ldap/src/main/webapp/index.jsp
 create mode 100644 samples/ldap/src/main/webapp/secure/extreme/index.jsp
 create mode 100644 samples/ldap/src/main/webapp/secure/index.jsp

diff --git a/samples/ldap/pom.xml b/samples/ldap/pom.xml
new file mode 100644
index 0000000000..9a01aa8720
--- /dev/null
+++ b/samples/ldap/pom.xml
@@ -0,0 +1,92 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.springframework.security</groupId>
+        <artifactId>spring-security-samples</artifactId>
+        <version>2.0-SNAPSHOT</version>
+    </parent>
+    <groupId>org.springframework.security</groupId>
+    <artifactId>spring-security-samples-ldap</artifactId>
+    <name>Spring Security - Ldap Sample</name>
+    <packaging>war</packaging>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core-tiger</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-webmvc</artifactId>
+	        <version>${spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-jdbc</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-aop</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core</artifactId>
+            <version>1.0.2</version>
+            <scope>compile</scope>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-server-jndi</artifactId>
+            <version>1.0.2</version>
+            <scope>compile</scope>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>1.4.3</version>
+            <scope>runtime</scope>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.ldap</groupId>
+            <artifactId>spring-ldap</artifactId>
+            <version>1.2.1</version>
+            <optional>true</optional>
+        </dependency>        
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.5</source>
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>maven-jetty-plugin</artifactId>
+                <version>6.1.7</version>
+                <configuration>
+                    <contextPath>/ldap</contextPath>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file
diff --git a/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml b/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml
new file mode 100644
index 0000000000..66c3569767
--- /dev/null
+++ b/samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml
@@ -0,0 +1,32 @@
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:beans="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
+    
+    <http>
+        <intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
+        <intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
+        <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
+
+        <form-login />
+        <anonymous />
+        <logout />
+    </http>
+
+    <!--
+        Usernames/Passwords are
+        rod/koala
+        dianne/emu
+        scott/wombat
+    -->
+        <ldap-server ldif="classpath:users.ldif" />
+
+        <ldap-authentication-provider 
+            group-search-filter="member={0}" 
+            group-search-base="ou=groups"
+            user-search-base="ou=people"
+            user-search-filter="uid={0}"
+        />
+
+</beans:beans>
\ No newline at end of file
diff --git a/samples/ldap/src/main/webapp/WEB-INF/classes/log4j.properties b/samples/ldap/src/main/webapp/WEB-INF/classes/log4j.properties
new file mode 100644
index 0000000000..511c3cf98f
--- /dev/null
+++ b/samples/ldap/src/main/webapp/WEB-INF/classes/log4j.properties
@@ -0,0 +1,20 @@
+# Global logging configuration
+log4j.rootLogger=INFO, stdout, fileout
+
+log4j.logger.org.springframework.security=DEBUG, stdout, fileout
+
+# Console output...
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.conversionPattern=[%p,%c{1},%t] %m%n
+
+# Rolling log file output...
+log4j.appender.fileout=org.apache.log4j.RollingFileAppender
+log4j.appender.fileout.File=spring-security-ldap.log
+#log4j.appender.fileout.File=${webapp.root}/WEB-INF/log4j.log
+log4j.appender.fileout.MaxFileSize=1024KB
+log4j.appender.fileout.MaxBackupIndex=1
+log4j.appender.fileout.layout=org.apache.log4j.PatternLayout
+log4j.appender.fileout.layout.conversionPattern=%d{ABSOLUTE} %5p %c{1},%t:%L - %m%n
+
+
diff --git a/samples/ldap/src/main/webapp/WEB-INF/classes/users.ldif b/samples/ldap/src/main/webapp/WEB-INF/classes/users.ldif
new file mode 100644
index 0000000000..0cf02e22ec
--- /dev/null
+++ b/samples/ldap/src/main/webapp/WEB-INF/classes/users.ldif
@@ -0,0 +1,60 @@
+dn: ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: groups
+
+dn: ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: people
+
+dn: uid=rod,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Rod Johnson
+sn: Johnson
+uid: rod
+userPassword: koala
+
+dn: uid=dianne,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Dianne Emu
+sn: Emu
+uid: dianne
+userPassword: emu
+
+dn: uid=scott,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Scott
+sn: Wombat
+uid: scott
+userPassword: wombat
+
+dn: cn=user,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: user
+member: uid=rod,ou=people,dc=springframework,dc=org
+member: uid=dianne,ou=people,dc=springframework,dc=org
+member: uid=scott,ou=people,dc=springframework,dc=org
+
+dn: cn=teller,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: teller
+member: uid=rod,ou=people,dc=springframework,dc=org
+member: dianne=rod,ou=people,dc=springframework,dc=org
+
+dn: cn=supervisor,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: supervisor
+member: uid=rod,ou=people,dc=springframework,dc=org
diff --git a/samples/ldap/src/main/webapp/WEB-INF/web.xml b/samples/ldap/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000000..7369c903d3
--- /dev/null
+++ b/samples/ldap/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  - Tutorial web application
+  -
+  - $Id: web.xml 2476 2008-01-18 18:17:09Z luke_t $
+  -->
+
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
+
+    <display-name>Spring Security Preauthentication Demo Application</display-name>
+
+    <!--
+	  - Location of the XML file that defines the root application context
+	  - Applied by ContextLoaderListener.
+	  -->
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>
+			/WEB-INF/applicationContext-security.xml
+		</param-value>
+	</context-param>
+
+    <filter>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>springSecurityFilterChain</filter-name>
+      <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+	<!--
+	  - Loads the root application context of this web app at startup.
+	  - The application context is then available via
+	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
+    -->
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
+	<!--
+	  - Publishes events for session creation and destruction through the application
+	  - context. Optional unless concurrent session control is being used.
+      -->
+    <listener>
+      <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
+    </listener>
+
+</web-app>
diff --git a/samples/ldap/src/main/webapp/index.jsp b/samples/ldap/src/main/webapp/index.jsp
new file mode 100644
index 0000000000..9f056599b6
--- /dev/null
+++ b/samples/ldap/src/main/webapp/index.jsp
@@ -0,0 +1,11 @@
+<html>
+<body>
+<h1>Home Page</h1>
+<p>Anyone can view this page.</p>
+
+<p>Your principal object is....: <%= request.getUserPrincipal() %></p>
+
+<p><a href="secure/index.jsp">Secure page</a></p>
+<p><a href="secure/extreme/index.jsp">Extremely secure page</a></p>
+</body>
+</html>
\ No newline at end of file
diff --git a/samples/ldap/src/main/webapp/secure/extreme/index.jsp b/samples/ldap/src/main/webapp/secure/extreme/index.jsp
new file mode 100644
index 0000000000..5cc73bb8b6
--- /dev/null
+++ b/samples/ldap/src/main/webapp/secure/extreme/index.jsp
@@ -0,0 +1,10 @@
+
+<html>
+<body>
+<h1>VERY Secure Page</h1>
+This is a protected page. You can only see me if you are a supervisor.
+
+<p><a href="../../">Home</a>
+<p><a href="../../j_spring_security_logout">Logout</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/samples/ldap/src/main/webapp/secure/index.jsp b/samples/ldap/src/main/webapp/secure/index.jsp
new file mode 100644
index 0000000000..b774c40ed8
--- /dev/null
+++ b/samples/ldap/src/main/webapp/secure/index.jsp
@@ -0,0 +1,15 @@
+<html>
+<body>
+<h1>Secure Page</h1>
+This is a protected page. You can get to me if you've been remembered,
+or if you've authenticated this session.<br><br>
+
+<%if (request.isUserInRole("ROLE_SUPERVISOR")) { %>
+	You are a supervisor! You can therefore see the <a href="extreme/index.jsp">extremely secure page</a>.<br><br>
+<% } %>
+
+
+<p><a href="../">Home</a>
+<p><a href="../j_spring_security_logout">Logout</a>
+</body>
+</html>
\ No newline at end of file