SEC-724: Create portlet sample

http://jira.springframework.org/browse/SEC-724
This commit is contained in:
Luke Taylor 2008-03-19 17:58:07 +00:00
parent 030550a88e
commit f3a6f768ba
13 changed files with 452 additions and 0 deletions

113
samples/portlet/pom.xml Normal file
View File

@ -0,0 +1,113 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples</artifactId>
<version>2.0-SNAPSHOT</version>
</parent>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-samples-portlet</artifactId>
<name>Spring Security - Portlet Sample</name>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-portlet</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>portlet-api</groupId>
<artifactId>portlet-api</artifactId>
<version>1.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-portlet</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-mock</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
<!--
<dependency>
<groupId>org.apache.pluto</groupId>
<artifactId>pluto-util</artifactId>
<version>1.1.4</version>
<scope>provided</scope>
</dependency>
-->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>${jstl.version}</version>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>${jstl.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-io</artifactId>
<version>1.3.2</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.5</source>
<target>1.5</target>
</configuration>
</plugin>
<!-- <plugin>
<groupId>org.apache.pluto</groupId>
<artifactId>maven-pluto-plugin</artifactId>
<version>1.1.4</version>
<executions>
<execution>
<phase>generate-resources</phase>
<goals>
<goal>assemble</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webXml>
${project.build.directory}/pluto-resources/web.xml
</webXml>
</configuration>
</plugin>
-->
</plugins>
</build>
</project>

View File

@ -0,0 +1,41 @@
package org.springframework.web.portlet.sample;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;
import javax.portlet.GenericPortlet;
import javax.portlet.PortletException;
import javax.portlet.PortletSession;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ui.AbstractProcessingFilter;
/**
* A simple portlet which prints out the contents of the current {@link SecurityContext}
*
* @author Luke Taylor
*/
public class SecurityContextPortlet extends GenericPortlet {
public void doView(RenderRequest request, RenderResponse response) throws PortletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<h2>Security Context Display Portlet</h2>");
out.println("<p>");
out.println(new Date());
out.println("<p>Current Session " + request.getPortletSession().getId() + "</p>");
out.println("</p>");
out.println("<p>The security context contains: " +
SecurityContextHolder.getContext().getAuthentication() +
"</p>");
Object lastException = request.getPortletSession().getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, PortletSession.APPLICATION_SCOPE);
if (lastException != null) {
out.println("Last Exception: " + lastException);
}
}
}

View File

@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
<!-- Message source for this context, loaded from localized "messages_xx" files -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>messages</value>
</list>
</property>
</bean>
<!-- Default View Resolver -->
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="cache" value="false"/>
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
<!-- Abstract Default Exception Handler Bean -->
<bean id="defaultExceptionHandlerTemplate" class="org.springframework.web.portlet.handler.SimpleMappingExceptionResolver" abstract="true">
<property name="defaultErrorView" value="defError"/>
<property name="exceptionMappings">
<props>
<prop key="javax.portlet.PortletSecurityException">notAuthorized</prop>
<prop key="javax.portlet.UnavailableException">notAvailable</prop>
</props>
</property>
</bean>
</beans>

View File

@ -0,0 +1,19 @@
#log4j.debug=TRUE
#log4j.rootLogger=FATAL, stdout
#log4j.rootLogger=ERROR, stdout
log4j.rootLogger=WARN, stdout
#log4j.rootLogger=INFO, stdout
#log4j.rootLogger=DEBUG, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - <%m>%n
# spring portlet mvc classes
log4j.logger.org.springframework.web.portlet=INFO
# spring portlet mvc sample classes
log4j.logger.org.springframework.web.portlet.sample=DEBUG
log4j.logger.org.springframework.security=DEBUG

View File

@ -0,0 +1,23 @@
required=Required
required.java.util.Date=A date of the form 'MM/dd/yyyy' is required
typeMismatch=Invalid Data Entry
typeMismatch.java.lang.Integer=Must be a number
typeMismatch.java.util.Date=Must be of the form 'MM/dd/yyyy'
button.home=Home
button.edit=Edit
exception.generalError.title=General Error
exception.notAuthorized.title=Access Not Permitted
exception.notAuthorized.message=You do not have permission to access this area.
exception.notAvailable.title=Resource Not Available
exception.notAvailable.message=That resource is not available.
exception.contactAdmin=Please contact your System Administrator for assistance.
portlet.exceptions.title=Sample Exceptions
portlet.exceptions.message=This portlet lets you see what uncaught exceptions will look like in your portlet. Select one of the exceptions below in order to throw it.

View File

@ -0,0 +1,15 @@
# Apologies to those fluent in German -- these translations are straight from BabelFish and are only for demonstration purposes.
exception.generalError.title=Allgemeine Störung
exception.notAuthorized.title=Zugang Nicht Die Erlaubnis Gehabt
exception.notAuthorized.message=Sie haben nicht Erlaubnis, diesen Bereich zugänglich zu machen.
exception.notAvailable.title=Hilfsmittel Nicht Vorhanden
exception.notAvailable.message=Dieses Hilfsmittel ist nicht vorhanden.
exception.contactAdmin=Treten Sie bitte mit Ihrem Systemverwalter für Unterstützung in Verbindung.
portlet.exceptions.title=Beispielausnahmen
portlet.exceptions.message=Dieses portlet läßt Sie sehen, welche uncaught Ausnahmen wie in Ihrem portlet aussehen. Wählen Sie eine der Ausnahmen unten vor, um sie zu werfen.

View File

@ -0,0 +1,86 @@
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<bean id="simplePortletHandlerAdapter" class="org.springframework.web.portlet.handler.SimplePortletHandlerAdapter"/>
<bean id="simplePortletPostProcessor" class="org.springframework.web.portlet.handler.SimplePortletPostProcessor"/>
<bean id="springSecurityPortlet" class="org.springframework.web.portlet.sample.SecurityContextPortlet"/>
<!-- Handler Mapping -->
<bean id="portletModeHandlerMapping" class="org.springframework.web.portlet.handler.PortletModeHandlerMapping">
<property name="interceptors">
<list>
<ref bean="portletContextIntegrationInterceptor"/>
<ref bean="portletAuthenticationInterceptor"/>
</list>
</property>
<property name="portletModeMap">
<map>
<entry key="view" value-ref="springSecurityPortlet"/>
</map>
</property>
</bean>
<!-- Exceptions Handler -->
<bean id="defaultExceptionHandler" parent="defaultExceptionHandlerTemplate"/>
<bean id="portletContextIntegrationInterceptor" class="org.springframework.security.context.PortletSessionContextIntegrationInterceptor"/>
<bean id="portletAuthenticationInterceptor" class="org.springframework.security.ui.portlet.PortletProcessingInterceptor">
<property name="authenticationDetailsSource">
<bean class="org.springframework.security.ui.portlet.PortletPreAuthenticatedAuthenticationDetailsSource">
<property name="mappableRolesRetriever">
<bean class="org.springframework.security.authoritymapping.SimpleMappableAttributesRetriever">
<property name="mappableAttributes">
<list>
<value>tomcat</value>
<value>admin</value>
<value>manager</value>
<!-- Some standard liferay roles -->
<value>Administrator</value>
<value>Guest</value>
<value>User</value>
<value>Power User</value>
</list>
</property>
</bean>
</property>
</bean>
</property>
<property name="authenticationManager" ref="authenticationManager"/>
<!-- Liferay doesn't seem to set the authType -->
<property name="useAuthTypeAsCredentials" value="false"/>
</bean>
<sec:authentication-manager alias="authenticationManager"/>
<bean id="portletAuthProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
<sec:custom-authentication-provider/>
<property name="preAuthenticatedUserDetailsService">
<bean class="org.springframework.security.providers.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>
</property>
<property name="throwExceptionWhenTokenRejected" value="true"/>
</bean>
<!--
<bean id="portletAuthProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
<sec:custom-authentication-provider/>
<property name="preAuthenticatedUserDetailsService">
<bean class="org.springframework.security.providers.preauth.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="userDetailsService"/>
</bean>
</property>
</bean>
<sec:user-service id="userDetailsService">
<sec:user name="pluto" password="notused" authorities="ROLE_USER,ROLE_A,ROLE_B"/>
<sec:user name="tomcat" password="notused" authorities="ROLE_USER,ROLE_A,ROLE_B"/>
</sec:user-service>
-->
</beans>

View File

@ -0,0 +1,10 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<h1><spring:message code="exception.generalError.title"/></h1>
<p>${exception.localizedMessage == null ? exception : exception.localizedMessage }<br/>
<spring:message code="exception.contactAdmin"/></p>
<p>${exception.class}</p>
<p style="text-align:center;"><a href="<portlet:renderURL portletMode="view"/>">- <spring:message code="button.home"/> -</a></p>

View File

@ -0,0 +1,10 @@
<%@ page contentType="text/html" isELIgnored="false" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="portlet" uri="http://java.sun.com/portlet" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="html" tagdir="/WEB-INF/tags/html" %>

View File

@ -0,0 +1,9 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<h1><spring:message code="exception.notAuthorized.title"/></h1>
<p><spring:message code="exception.notAuthorized.message"/><br>
<spring:message code="exception.contactAdmin"/></p>
<p style="text-align:center;"><a href="<portlet:renderURL portletMode="view"/>">- <spring:message code="button.home"/> -</a></p>

View File

@ -0,0 +1,9 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<h1><spring:message code="exception.notAvailable.title"/></h1>
<p><spring:message code="exception.notAvailable.message"/><br>
<spring:message code="exception.contactAdmin"/></p>
<p style="text-align:center;"><a href="<portlet:renderURL portletMode="view"/>">- <spring:message code="button.home"/> -</a></p>

View File

@ -0,0 +1,38 @@
<?xml version="1.0" encoding="UTF-8"?>
<portlet-app
xmlns="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd
http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd"
version="1.0">
<portlet>
<portlet-name>Security Context Portlet</portlet-name>
<portlet-class>
org.springframework.web.portlet.DispatcherPortlet
</portlet-class>
<init-param>
<name>contextConfigLocation</name>
<value>/WEB-INF/classes/portlet/securityContextPortlet.xml</value>
</init-param>
<supports>
<mime-type>text/html</mime-type>
<portlet-mode>view</portlet-mode>
</supports>
<portlet-info>
<title>Spring Security Context Display Portlet</title>
</portlet-info>
</portlet>
<user-attribute>
<name>user.login.id</name>
</user-attribute>
<user-attribute>
<name>user.name</name>
</user-attribute>
<user-attribute>
<name>user.name.full</name>
</user-attribute>
</portlet-app>

View File

@ -0,0 +1,44 @@
<?xml version="1.0"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
<display-name>Spring Portlet MVC Sample Application</display-name>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.util.Log4jConfigListener
</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<servlet>
<servlet-name>ViewRendererServlet</servlet-name>
<servlet-class>
org.springframework.web.servlet.ViewRendererServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ViewRendererServlet</servlet-name>
<url-pattern>/WEB-INF/servlet/view</url-pattern>
</servlet-mapping>
</web-app>