Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-13 15:42:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-514: Refactoring contacts sample into single webapp.

Browse Source
This commit is contained in:
Luke Taylor 2007-07-24 17:46:43 +00:00
parent a499e74102
commit fe4bbe0fbf
39 changed files with 608 additions and 1238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
samples/contacts/pom.xml
View File

@ -13,24 +13,86 @@
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.4</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.2.4</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>hessian</groupId>
<artifactId>hessian</artifactId>
<version>3.0.1</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>1.8.0.4</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.0</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>1.0.6</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-ldap</artifactId>
<version>1.1.2</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-mock</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webXml>src/main/webapp/filter/WEB-INF/web.xml</webXml>
</configuration>
</plugin>
</plugins>
</build>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
<configuration>
<contextPath>/contacts</contextPath>
<!--jettyConfig>${basedir}/src/test/resources/jetty.xml</jettyConfig-->
<scanIntervalSeconds>10</scanIntervalSeconds>
<!--scanTargets>
<scanTarget>src/main/webapp/css</scanTarget>
</scanTargets-->
</configuration>
</plugin>
</plugins>
</build>
</project>

360
samples/contacts/src/main/resources/applicationContext-common-authorization.xml
View File

@ -11,204 +11,198 @@
<beans>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>classpath:/org/acegisecurity/messages</value>
</list>
</property>
</bean>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>classpath:/org/acegisecurity/messages</value>
</list>
</property>
</bean>
<!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ -->
<!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ -->
<!-- ACL permission masks used by this application -->
<bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION</value></property>
</bean>
<bean id="org.acegisecurity.acls.domain.BasePermission.READ" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.READ</value></property>
</bean>
<bean id="org.acegisecurity.acls.domain.BasePermission.DELETE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.DELETE</value></property>
</bean>
<!-- ACL permission masks used by this application -->
<bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"
class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</bean>
<bean id="org.acegisecurity.acls.domain.BasePermission.READ"
class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.READ"/>
</bean>
<bean id="org.acegisecurity.acls.domain.BasePermission.DELETE"
class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
</bean>
<!-- An access decision voter that reads ROLE_* configuration settings -->
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads ROLE_* configuration settings -->
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads ACL_CONTACT_READ configuration settings -->
<bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<value>ACL_CONTACT_READ</value>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_READ configuration settings -->
<bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg ref="aclService"/>
<constructor-arg value="ACL_CONTACT_READ"/>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass" value="sample.contact.Contact"/>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings -->
<bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<value>ACL_CONTACT_DELETE</value>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings -->
<bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg ref="aclService"/>
<constructor-arg value="ACL_CONTACT_DELETE"/>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass" value="sample.contact.Contact"/>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings -->
<bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<value>ACL_CONTACT_ADMIN</value>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings -->
<bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg ref="aclService"/>
<constructor-arg value="ACL_CONTACT_ADMIN"/>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</list>
</constructor-arg>
<property name="processDomainObjectClass" value="sample.contact.Contact"/>
</bean>
<!-- An access decision manager used by the business objects -->
<bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref local="roleVoter"/>
<ref local="aclContactReadVoter"/>
<ref local="aclContactDeleteVoter"/>
<ref local="aclContactAdminVoter"/>
</list>
</property>
</bean>
<!-- An access decision manager used by the business objects -->
<bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<list>
<ref local="roleVoter"/>
<ref local="aclContactReadVoter"/>
<ref local="aclContactDeleteVoter"/>
<ref local="aclContactAdminVoter"/>
</list>
</property>
</bean>
<!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
<!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
<bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache">
<constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName">
<value>aclCache</value>
</property>
</bean>
</constructor-arg>
</bean>
<bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
</list>
</constructor-arg>
</bean>
<bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache">
<constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName" value="aclCache"/>
</bean>
</constructor-arg>
</bean>
<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
<bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
<property name="providers">
<list>
<ref local="afterAclRead"/>
<ref local="afterAclCollectionRead"/>
</list>
</property>
</bean>
<!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
<bean id="afterAclCollectionRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- Processes AFTER_ACL_READ configuration settings -->
<bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
</list>
</constructor-arg>
</bean>
<!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
<bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<!-- getRandomContact() is public.
<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
The create, getAll, getById etc have ROLE_USER to ensure user is
authenticated (all users hold ROLE_USER in this application).
<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
<property name="providers">
<list>
<ref local="afterAclRead"/>
<ref local="afterAclCollectionRead"/>
</list>
</property>
</bean>
The delete and update methods don't need a ROLE_USER as they will
ensure the user is authenticated via their ACL_CONTACT_DELETE or
ACL_CONTACT_READ attribute, which also ensures the user has permission
to the Contact presented as a method argument.
-->
<bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="businessAccessDecisionManager"/></property>
<property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.create=ROLE_USER
sample.contact.ContactManager.getAllRecipients=ROLE_USER
sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ
sample.contact.ContactManager.delete=ACL_CONTACT_DELETE
sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN
sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN
</value>
</property>
</bean>
<!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
<bean id="afterAclCollectionRead"
class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- Processes AFTER_ACL_READ configuration settings -->
<bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
<!-- getRandomContact() is public.
The create, getAll, getById etc have ROLE_USER to ensure user is
authenticated (all users hold ROLE_USER in this application).
The delete and update methods don't need a ROLE_USER as they will
ensure the user is authenticated via their ACL_CONTACT_DELETE or
ACL_CONTACT_READ attribute, which also ensures the user has permission
to the Contact presented as a method argument.
-->
<bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager">
<ref local="businessAccessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref local="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.create=ROLE_USER
sample.contact.ContactManager.getAllRecipients=ROLE_USER
sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ
sample.contact.ContactManager.delete=ACL_CONTACT_DELETE
sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN
sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN
</value>
</property>
</bean>
</beans>

73
samples/contacts/src/main/resources/applicationContext-common-business.xml
View File

@ -11,38 +11,29 @@
<beans>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value>org.hsqldb.jdbcDriver</value>
</property>
<property name="url">
<value>jdbc:hsqldb:mem:test</value>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
<property name="url" value="jdbc:hsqldb:mem:test"/> <!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
<property name="username" value="sa"/>
<property name="password" value=""/>
</bean>
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource"><ref local="dataSource"/></property>
</bean>
<bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor">
<property name="transactionManager"><ref bean="transactionManager"/></property>
<property name="transactionManager"><ref local="transactionManager"/></property>
<property name="transactionAttributeSource">
<value>
sample.contact.ContactManager.create=PROPAGATION_REQUIRED
sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.delete=PROPAGATION_REQUIRED
sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED
sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED
</value>
<value>
sample.contact.ContactManager.create=PROPAGATION_REQUIRED
sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.delete=PROPAGATION_REQUIRED
sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED
sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED
</value>
</property>
</bean>
@ -51,25 +42,25 @@
<property name="mutableAclService" ref="aclService"/>
<property name="platformTransactionManager" ref="transactionManager"/>
</bean>
<bean id="contactDao" class="sample.contact.ContactDaoSpring">
<property name="dataSource"><ref local="dataSource"/></property>
</bean>
<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
<property name="interceptorNames">
<list>
<idref local="transactionInterceptor"/>
<idref bean="contactManagerSecurity"/>
<idref local="contactManagerTarget"/>
</list>
</property>
<property name="proxyInterfaces" value="sample.contact.ContactManager"/>
<property name="interceptorNames">
<list>
<idref local="transactionInterceptor"/>
<idref bean="contactManagerSecurity"/>
<idref local="contactManagerTarget"/>
</list>
</property>
</bean>
<bean id="contactManagerTarget" class="sample.contact.ContactManagerBackend">
<property name="contactDao"><ref local="contactDao"/></property>
<property name="mutableAclService"><ref bean="aclService"/></property>
<property name="contactDao">
<bean class="sample.contact.ContactDaoSpring">
<property name="dataSource"><ref local="dataSource"/></property>
</bean>
</property>
<property name="mutableAclService" ref="aclService"/>
</bean>
</beans>

0
samples/contacts/src/main/webapp/common/WEB-INF/.cvsignore → samples/contacts/src/main/webapp/WEB-INF/.cvsignore
View File

104
samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml → samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml
View File

@ -7,48 +7,47 @@
-
- Only used by "cas" artifact.
-
- $Id$
- $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
-->
<beans>
<!-- ======================== FILTER CHAIN ======================= -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
</property>
</bean>
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!-- ======================== AUTHENTICATION ======================= -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="casAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="casAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource"><ref bean="dataSource"/></property>
</bean>
<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource"/>
</bean>
<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
</bean>
<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
</bean>
<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName"><value>Contacts Realm</value></property>
</bean>
<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName"><value>Contacts Realm</value></property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
@ -59,23 +58,19 @@
</bean>
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate"><value>https://localhost:8443/cas/proxyValidate</value></property>
<property name="proxyCallbackUrl"><value>https://localhost:8443/contacts-cas/casProxy/receptor</value></property>
<property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
<property name="proxyCallbackUrl" value="https://localhost:8443/contacts-cas/casProxy/receptor"/>
<property name="serviceProperties"><ref local="serviceProperties"/></property>
<!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
</bean>
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<ref local="cacheManager"/>
</property>
<property name="cacheName">
<value>ticketCache</value>
</property>
</bean>
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager"><ref local="cacheManager"/></property>
<property name="cacheName" value="ticketCache"/>
</bean>
<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
<property name="cache"><ref local="ticketCacheBackend"/></property>
</bean>
@ -84,12 +79,11 @@
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
</bean>
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets">
</bean>
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
<property name="service"><value>https://localhost:8443/contacts-cas/j_acegi_cas_security_check</value></property>
<property name="sendRenew"><value>false</value></property>
<property name="service" value="https://localhost:8443/contacts-cas/j_acegi_cas_security_check"/>
<property name="sendRenew" value="false"/>
</bean>
<!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) -->
@ -104,7 +98,7 @@
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Enabled by default for CAS, as a CAS deployment uses HTTPS -->
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@ -112,7 +106,7 @@
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
\A.*\Z=REQUIRES_INSECURE_CHANNEL
</value>
</property>
@ -171,24 +165,24 @@
</value>
</property>
</bean>
<!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL)
. means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples:
Expression: \A/my/directory/.*\Z
Would match: /my/directory/
/my/directory/hello.html
Expression: \A/.*\Z
Would match: /hello.html
/
Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html
/another/secret.html

22
samples/contacts/src/main/webapp/ldap/WEB-INF/applicationContext-acegi-security.xml → samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml
View File

@ -7,7 +7,7 @@
-
- Only used by "ldap" artifact.
-
- $Id$
- $Id: applicationContext-acegi-security.xml 1468 2006-05-20 17:50:51Z luke_t $
-->
<beans>
@ -37,9 +37,9 @@
</bean>
<bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg value="ldap://monkeymachine:389/dc=acegisecurity,dc=org"/>
<property name="managerDn"><value>cn=manager,dc=acegisecurity,dc=org</value></property>
<property name="managerPassword"><value>acegisecurity</value></property>
<constructor-arg value="ldap://monkeymachine.co.uk:389/dc=acegisecurity,dc=org"/>
<property name="managerDn" value="cn=manager,dc=acegisecurity,dc=org" />
<property name="managerPassword" value="acegisecurity"/>
</bean>
<bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
@ -115,28 +115,28 @@
</value>
</property>
</bean>
<!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL)
. means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples:
Expression: \A/my/directory/.*\Z
Would match: /my/directory/
/my/directory/hello.html
Expression: \A/.*\Z
Would match: /hello.html
/
Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html
/another/secret.html
Not match: /anothersecret.html (missing required /)
-->
-->
</beans>

16
samples/contacts/src/main/webapp/x509/WEB-INF/applicationContext-acegi-security.xml → samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-x509.xml
View File

@ -7,7 +7,7 @@
-
- Only used by "x509" artifact.
-
- $Id$
- $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
-->
<beans>
@ -87,7 +87,7 @@
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Enabled by default for X.509 (obviously) -->
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@ -148,24 +148,24 @@
</value>
</property>
</bean>
<!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL)
. means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples:
Expression: \A/my/directory/.*\Z
Would match: /my/directory/
/my/directory/hello.html
Expression: \A/.*\Z
Would match: /hello.html
/
Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html
/another/secret.html

24
samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml → samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
View File

@ -7,7 +7,7 @@
-
- Only used by "filter" artifact.
-
- $Id$
- $Id: applicationContext-acegi-security.xml 1425 2006-04-28 06:43:50Z benalex $
-->
<beans>
@ -21,7 +21,7 @@
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
</property>
</bean>
@ -46,12 +46,12 @@
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
<property name="userCache"><ref local="userCache"/></property>
<!-- <property name="userCache"><ref local="userCache"/></property> -->
<property name="passwordEncoder"><ref local="passwordEncoder"/></property>
</bean>
<!--
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<ref local="cacheManager"/>
@ -60,11 +60,11 @@
<value>userCache</value>
</property>
</bean>
<bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property name="cache"><ref local="userCacheBackend"/></property>
</bean>
-->
<!-- Automatically receives AuthenticationEvent messages -->
<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
@ -98,11 +98,11 @@
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
<property name="key"><value>springRocks</value></property>
</bean>
<bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key"><value>springRocks</value></property>
</bean>
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
@ -112,7 +112,7 @@
</list>
</constructor-arg>
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
@ -199,7 +199,7 @@
</property>
</bean>
<!-- Filter used to switch the user context. Note: the switch and exit url must be secured
<!-- Filter used to switch the user context. Note: the switch and exit url must be secured
based on the role granted the ability to 'switch' to another user -->
<!-- In this example 'marissa' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
<bean id="switchUserProcessingFilter" class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
@ -207,6 +207,6 @@
<property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
<property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
<property name="targetUrl"><value>/acegi-security-sample-contacts-filter/secure/index.htm</value></property>
</bean>
</bean>
</beans>

83
samples/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml Normal file
View File

@ -0,0 +1,83 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for "contacts" DispatcherServlet.
-
- $Id: contacts-servlet.xml 1754 2006-11-17 02:01:21Z benalex $
-->
<beans>
<!-- ========================== WEB DEFINITIONS ======================= -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename" value="messages"/>
</bean>
<bean id="publicIndexController" class="sample.contact.PublicIndexController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="secureIndexController" class="sample.contact.SecureIndexController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="secureDeleteController" class="sample.contact.DeleteController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
<property name="contactManager" ref="contactManager"/>
<property name="aclService" ref="aclService"/>
</bean>
<bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
<property name="contactManager" ref="contactManager"/>
<property name="aclService" ref="aclService"/>
</bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/hello.htm">publicIndexController</prop>
<prop key="/secure/add.htm">secureAddForm</prop>
<prop key="/secure/index.htm">secureIndexController</prop>
<prop key="/secure/del.htm">secureDeleteController</prop>
<prop key="/secure/adminPermission.htm">adminPermissionController</prop>
<prop key="/secure/deletePermission.htm">deletePermissionController</prop>
<prop key="/secure/addPermission.htm">addPermissionForm</prop>
</props>
</property>
</bean>
<bean id="secureAddForm" class="sample.contact.WebContactAddController">
<property name="sessionForm" value="true"/>
<property name="commandName" value="webContact"/>
<property name="commandClass" value="sample.contact.WebContact"/>
<property name="validator">
<bean id="addValidator" class="sample.contact.WebContactValidator"/>
</property>
<property name="formView" value="add"/>
<property name="successView" value="index.htm"/>
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="addPermissionForm" class="sample.contact.AddPermissionController">
<property name="sessionForm" value="true"/>
<property name="commandName" value="addPermission"/>
<property name="commandClass" value="sample.contact.AddPermission"/>
<property name="validator">
<bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
</property>
<property name="formView" value="addPermission"/>
<property name="successView" value="index.htm"/>
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>

0
samples/contacts/src/main/webapp/common/WEB-INF/jsp/add.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/add.jsp
View File

110
samples/contacts/src/main/webapp/common/WEB-INF/jsp/addPermission.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/addPermission.jsp
View File

@ -1,55 +1,55 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Add Permission</title></head>
<body>
<h1>Add Permission</h1>
<form method="post">
<table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5">
<tr>
<td alignment="right" width="20%">Contact:</td>
<td width="60%"><c:out value="${addPermission.contact}"/></td>
</tr>
<tr>
<td alignment="right" width="20%">Recipient:</td>
<spring:bind path="addPermission.recipient">
<td width="20%">
<select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisRecipient" items="${recipients}">
<option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>">
<c:out value="${thisRecipient.value}"/></option>
</c:forEach>
</select>
</td>
<td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font>
</td>
</spring:bind>
</tr>
<tr>
<td alignment="right" width="20%">Permission:</td>
<spring:bind path="addPermission.permission">
<td width="20%">
<select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisPermission" items="${permissions}">
<option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>">
<c:out value="${thisPermission.value}"/></option>
</c:forEach>
</select>
</td>
<td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font>
</td>
</spring:bind>
</tr>
</table>
<br>
<spring:hasBindErrors name="webContact">
<b>Please fix all errors!</b>
</spring:hasBindErrors>
<br><br>
<input name="execute" type="submit" alignment="center" value="Execute">
</form>
<p>
<A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Add Permission</title></head>
<body>
<h1>Add Permission</h1>
<form method="post">
<table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5">
<tr>
<td alignment="right" width="20%">Contact:</td>
<td width="60%"><c:out value="${addPermission.contact}"/></td>
</tr>
<tr>
<td alignment="right" width="20%">Recipient:</td>
<spring:bind path="addPermission.recipient">
<td width="20%">
<select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisRecipient" items="${recipients}">
<option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>">
<c:out value="${thisRecipient.value}"/></option>
</c:forEach>
</select>
</td>
<td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font>
</td>
</spring:bind>
</tr>
<tr>
<td alignment="right" width="20%">Permission:</td>
<spring:bind path="addPermission.permission">
<td width="20%">
<select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisPermission" items="${permissions}">
<option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>">
<c:out value="${thisPermission.value}"/></option>
</c:forEach>
</select>
</td>
<td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font>
</td>
</spring:bind>
</tr>
</table>
<br>
<spring:hasBindErrors name="webContact">
<b>Please fix all errors!</b>
</spring:hasBindErrors>
<br><br>
<input name="execute" type="submit" alignment="center" value="Execute">
</form>
<p>
<A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>

56
samples/contacts/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/adminPermission.jsp
View File

@ -1,28 +1,28 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Administer Permissions</title></head>
<body>
<h1>Administer Permissions</h1>
<P>
<code>
<c:out value="${model.contact}"/>
</code>
<P>
<table cellpadding=3 border=0>
<c:forEach var="acl" items="${model.acl.entries}">
<tr>
<td>
<code>
<c:out value="${acl}"/>
</code>
</td>
<td>
<A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
</td>
</tr>
</c:forEach>
</table>
<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Administer Permissions</title></head>
<body>
<h1>Administer Permissions</h1>
<P>
<code>
<c:out value="${model.contact}"/>
</code>
<P>
<table cellpadding=3 border=0>
<c:forEach var="acl" items="${model.acl.entries}">
<tr>
<td>
<code>
<c:out value="${acl}"/>
</code>
</td>
<td>
<A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
</td>
</tr>
</c:forEach>
</table>
<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>

34
samples/contacts/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/deletePermission.jsp
View File

@ -1,20 +1,20 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Permission Deleted</title></head>
<body>
<h1>Permission Deleted</h1>
<P>
<code>
<c:out value="${model.contact}"/>
</code>
<P>
<code>
<c:out value="${model.sid}"/>
</code>
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<html>
<head><title>Permission Deleted</title></head>
<body>
<h1>Permission Deleted</h1>
<P>
<code>
<c:out value="${model.contact}"/>
</code>
<P>
<code>
<c:out value="${model.sid}"/>
</code>
<code>
<c:out value="${model.permission}"/>
</code>
<p><a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>
<p><a href="<c:url value="index.htm"/>">Manage</a>
</body>
</html>

0
samples/contacts/src/main/webapp/common/WEB-INF/jsp/deleted.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/deleted.jsp
View File

4
samples/contacts/src/main/webapp/common/WEB-INF/jsp/hello.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
View File

@ -15,13 +15,13 @@
layer bean has a number of secured (protected) and public (unprotected)
methods.</li>
<li><b>Web request security</b>. The <code>/secure</code> URI path is protected
by Acegi Security from principals not holding the
by Acegi Security from principals not holding the
<code>ROLE_USER</code> granted authority.</li>
<li><b>Security unaware application objects</b>. None of the objects
are aware of the security being implemented by Acegi Security. *</li>
<li><b>Security taglib usage</b>. All of the JSPs use Acegi Security's
taglib to evaluate security information. *</li>
<li><b>Fully declarative security</b>. Every capability is configured in
<li><b>Fully declarative security</b>. Every capability is configured in
the application context using standard Acegi Security classes. *</li>
<li><b>Database-sourced security data</b>. All of the user, role and ACL
information is obtained from an in-memory JDBC-compliant database.</li>

0
samples/contacts/src/main/webapp/common/WEB-INF/jsp/include.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/include.jsp
View File

0
samples/contacts/src/main/webapp/common/WEB-INF/jsp/index.jsp → samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp
View File

4
samples/contacts/src/main/webapp/common/WEB-INF/remoting-servlet.xml → samples/contacts/src/main/webapp/WEB-INF/remoting-servlet.xml
View File

@ -3,12 +3,12 @@
<!--
- Contacts web application
- $Id$
- $Id: remoting-servlet.xml 469 2004-11-20 05:28:20Z benalex $
-->
<beans>
<!-- RMI exporter for the ContactManager -->
<!-- This could just as easily have been in
<!-- This could just as easily have been in
applicationContext-common-business.xml, because it doesn't rely on
DispatcherServlet or indeed any other HTTP services. It's in this
application context simply for logical placement with other

0
samples/contacts/src/main/webapp/common/WEB-INF/spring.tld → samples/contacts/src/main/webapp/WEB-INF/spring.tld
View File

38
samples/contacts/src/main/webapp/ldap/WEB-INF/web.xml → samples/contacts/src/main/webapp/WEB-INF/web.xml
View File

@ -4,15 +4,13 @@
<!--
- Contacts web application
-
- web.xml for "ldap" artifact only.
-
- $Id$
- $Id: web.xml 1741 2006-11-14 03:18:42Z benalex $
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
@ -25,12 +23,28 @@
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<!--
Required for CAS ProxyTicketReceptor servlet. This is the
URL to CAS' "proxy" actuator, where a PGT and TargetService can
be presented to obtain a new proxy ticket. THIS CAN BE
REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY
-->
<context-param>
<param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
<param-value>http://localhost:8433/cas/proxy</param-value>
</context-param>
<!-- Nothing below here needs to be modified -->
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
@ -44,10 +58,10 @@
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
@ -62,11 +76,11 @@
The HttpSessionEventPublisher will publish
HttpSessionCreatedEvent and HttpSessionDestroyedEvent
to the WebApplicationContext
-->
-->
<listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
@ -89,7 +103,7 @@
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
@ -98,13 +112,13 @@
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/error.html</location>
</error-page>
<taglib>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>

32
samples/contacts/src/main/webapp/filter/accessDenied.jsp → samples/contacts/src/main/webapp/accessDenied.jsp
View File

@ -1,16 +1,16 @@
<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
<%@ page import="org.acegisecurity.Authentication" %>
<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
<h1>Sorry, access is denied</h1>
<p>
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
<p>
<% Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %>
Authentication object as a String: <%= auth.toString() %><BR><BR>
<% } %>
<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
<%@ page import="org.acegisecurity.Authentication" %>
<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
<h1>Sorry, access is denied</h1>
<p>
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
<p>
<% Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %>
Authentication object as a String: <%= auth.toString() %><BR><BR>
<% } %>

6
samples/contacts/src/main/webapp/filter/acegilogin.jsp → samples/contacts/src/main/webapp/acegilogin.jsp
View File

@ -21,8 +21,8 @@
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">
@ -34,7 +34,7 @@
<form action="<c:url value='j_acegi_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr>
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>'</c:if>></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td><input type="checkbox" name="_acegi_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>

70
samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml
View File

@ -1,70 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context containing authentication, channel
- security and web URI beans.
-
- Only used by "ca" artifact.
-
- $Id$
-->
<beans>
<!-- ======================== FILTER CHAIN ======================= -->
<!-- if you wish to use channel security, add "channelProcessingFilter," in front
of "authenticationProcessingFilter" in the list below -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,httpRequestIntegrationFilter,logoutFilter
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!-- We could also have a daoAuthenticationProvider in order to
process BASIC authentication requests, but this has been
left out given container adapters aren't recommended and
it would increase the number of bean declarations required -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="authByAdapterProvider"/>
</list>
</property>
</bean>
<bean id="authByAdapterProvider" class="org.acegisecurity.adapters.AuthByAdapterProvider">
<property name="key"><value>my_password</value></property>
</bean>
<bean id="httpRequestIntegrationFilter" class="org.acegisecurity.adapters.HttpRequestIntegrationFilter"/>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<!-- note logout has little impact, due to container authentication functionality (used only so /j_acegi_logout doesn't give URL error) -->
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
<list>
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Implement by servlet specification -->
<!-- ===================== HTTP REQUEST SECURITY ==================== -->
<!-- Implement by servlet specification -->
</beans>

48
samples/contacts/src/main/webapp/ca/WEB-INF/classes/resin-acegisecurity.xml
View File

@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
*
* This springsecurity.xml file will only be used by Resin. Normally the
* springsecurity.xml is container-wide, but in the case of Resin it is
* web application specific.
*
* $Id$
*
* This file will be copied into WAR's classes directory if using container adapter
*
-->
<beans>
<!-- ================= CONTAINER ADAPTER CONFIGURATION ================ -->
<!-- Data access object which stores authentication information -->
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
dianne=emu,ROLE_TELLER
scott=wombat,ROLE_TELLER
peter=opal,disabled,ROLE_TELLER
</value>
</property>
</bean>
<!-- Authentication provider that queries our data access object -->
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
<property name="forcePrincipalAsString"><value>true</value></property>
</bean>
<!-- The authentication manager that iterates through our only authentication provider -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
</beans>

7
samples/contacts/src/main/webapp/ca/WEB-INF/jboss-web.xml
View File

@ -1,7 +0,0 @@
<!--
- $Id$
- File will be copied into WAR's WEB-INF directory if using container adapter
-->
<jboss-web>
<security-domain>java:/jaas/SpringPoweredRealm</security-domain>
</jboss-web>

13
samples/contacts/src/main/webapp/ca/WEB-INF/resin-web.xml
View File

@ -1,13 +0,0 @@
<!--
- $Id$
- File will be copied into WAR's WEB-INF directory if using container adapter
-->
<web-app>
<authenticator>
<type>org.acegisecurity.adapters.resin.ResinAcegiAuthenticator</type>
<init>
<app-context-location>resin-acegisecurity.xml</app-context-location>
<key>my_password</key>
</init>
</authenticator>
</web-app>

137
samples/contacts/src/main/webapp/ca/WEB-INF/web.xml
View File

@ -1,137 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "ca" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
<security-constraint>
<display-name>Secured Area Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Secured Area</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ROLE_USER</role-name>
<role-name>ROLE_SUPERVISOR</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration using BASIC authentication -->
<!--
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Spring Powered Realm</realm-name>
</login-config>
-->
<!-- Default login configuration using form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Spring Powered Realm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp?login_error=1</form-error-page>
</form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>ROLE_SUPERVISOR</role-name>
</security-role>
<security-role>
<role-name>ROLE_USER</role-name>
</security-role>
</web-app>

46
samples/contacts/src/main/webapp/ca/login.jsp
View File

@ -1,46 +0,0 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>Login</h1>
<P>Valid users:
<P>
<P>username <b>marissa</b>, password <b>koala</b>
<P>username <b>dianne</b>, password <b>emu</b>
<p>username <b>scott</b>, password <b>wombat</b>
<p>username <b>peter</b>, password <b>opal</b> (user disabled)
<p>username <b>bill</b>, password <b>wombat</b>
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">
<font color="red">
Your login attempt was not successful, try again.
</font>
</c:if>
<form action="<c:url value='j_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username'></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr>
</table>
<!--
- The j_uri is a Resin requirement (ignored by other containers)
-->
<input type='hidden' name='j_uri' value='/secure/index.htm'/>
</form>
</body>
</html>

107
samples/contacts/src/main/webapp/cas/WEB-INF/web.xml
View File

@ -1,107 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "cas" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<!-- Required for CAS ProxyTicketReceptor servlet. This is the
URL to CAS' "proxy" actuator, where a PGT and TargetService can
be presented to obtain a new proxy ticket. THIS CAN BE
REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY -->
<context-param>
<param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
<param-value>http://localhost:8433/cas/proxy</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>

6
samples/contacts/src/main/webapp/cas/casfailed.jsp → samples/contacts/src/main/webapp/casfailed.jsp
View File

@ -1,6 +1,6 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="org.acegisecurity.AuthenticationException" %>
<html>
<head>
@ -12,7 +12,7 @@
<font color="red">
Your CAS credentials were rejected.<BR><BR>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
Reason: <%= ((AuthenticationException) session.getAttribute(org.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
</font>
</body>

87
samples/contacts/src/main/webapp/common/WEB-INF/contacts-servlet.xml
View File

@ -1,87 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for "contacts" DispatcherServlet.
-
- $Id$
-->
<beans>
<!-- ========================== WEB DEFINITIONS ======================= -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename"><value>messages</value></property>
</bean>
<bean id="publicIndexController" class="sample.contact.PublicIndexController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="secureIndexController" class="sample.contact.SecureIndexController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="secureDeleteController" class="sample.contact.DeleteController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
<property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclService"><ref bean="aclService"/></property>
</bean>
<bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
<property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclService"><ref bean="aclService"/></property>
</bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/hello.htm">publicIndexController</prop>
<prop key="/secure/add.htm">secureAddForm</prop>
<prop key="/secure/index.htm">secureIndexController</prop>
<prop key="/secure/del.htm">secureDeleteController</prop>
<prop key="/secure/adminPermission.htm">adminPermissionController</prop>
<prop key="/secure/deletePermission.htm">deletePermissionController</prop>
<prop key="/secure/addPermission.htm">addPermissionForm</prop>
</props>
</property>
</bean>
<bean id="addValidator" class="sample.contact.WebContactValidator"/>
<bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
<bean id="secureAddForm" class="sample.contact.WebContactAddController">
<property name="sessionForm"><value>true</value></property>
<property name="commandName"><value>webContact</value></property>
<property name="commandClass"><value>sample.contact.WebContact</value></property>
<property name="validator"><ref bean="addValidator"/></property>
<property name="formView"><value>add</value></property>
<property name="successView"><value>index.htm</value></property>
<property name="contactManager">
<ref bean="contactManager"/>
</property>
</bean>
<bean id="addPermissionForm" class="sample.contact.AddPermissionController">
<property name="sessionForm"><value>true</value></property>
<property name="commandName"><value>addPermission</value></property>
<property name="commandClass"><value>sample.contact.AddPermission</value></property>
<property name="validator"><ref bean="addPermissionValidator"/></property>
<property name="formView"><value>addPermission</value></property>
<property name="successView"><value>index.htm</value></property>
<property name="contactManager">
<ref bean="contactManager"/>
</property>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix"><value>/WEB-INF/jsp/</value></property>
<property name="suffix"><value>.jsp</value></property>
</bean>
</beans>

0
samples/contacts/src/main/webapp/ldap/error.html → samples/contacts/src/main/webapp/error.html
View File

12
samples/contacts/src/main/webapp/filter/exitUser.jsp → samples/contacts/src/main/webapp/exitUser.jsp
View File

@ -25,16 +25,16 @@
<table>
<tr><td>Current User:</td><td>
<%
<%
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %>
<%= auth.getPrincipal().toString() %>
<% } %>
</td></tr>
<tr><td colspan='2'><input name="exit" type="submit" value="Exit"></td></tr>
</table>

107
samples/contacts/src/main/webapp/filter/WEB-INF/web.xml
View File

@ -1,107 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "filter" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
The HttpSessionEventPublisher will publish
HttpSessionCreatedEvent and HttpSessionDestroyedEvent
to the WebApplicationContext
-->
<listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>

0
samples/contacts/src/main/webapp/common/index.jsp → samples/contacts/src/main/webapp/index.jsp
View File

46
samples/contacts/src/main/webapp/ldap/acegilogin.jsp
View File

@ -1,46 +0,0 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.acegisecurity.AuthenticationException" %>
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>Login</h1>
<P>Valid users:
<P>
<P>username <b>marissa</b>, password <b>koala</b>
<P>username <b>dianne</b>, password <b>emu</b>
<p>username <b>scott</b>, password <b>wombat</b>
<p>username <b>peter</b>, password <b>opal</b> (user disabled)
<p>username <b>bill</b>, password <b>wombat</b>
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">
<font color="red">
Your login attempt was not successful, try again.<BR><BR>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
</font>
</c:if>
<form action="<c:url value='j_acegi_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr>
</table>
</form>
</body>
</html>

6
samples/contacts/src/main/webapp/common/secure/debug.jsp → samples/contacts/src/main/webapp/secure/debug.jsp
View File

@ -3,12 +3,12 @@
<%@ page import="org.acegisecurity.GrantedAuthority" %>
<%@ page import="org.acegisecurity.adapters.AuthByAdapter" %>
<%
<%
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %>
Authentication object is of type: <%= auth.getClass().getName() %><BR><BR>
Authentication object as a String: <%= auth.toString() %><BR><BR>
Authentication object holds the following granted authorities:<BR><BR>
<% GrantedAuthority[] granted = auth.getAuthorities();
for (int i = 0; i < granted.length; i++) { %>
@ -20,7 +20,7 @@
<% } else { %>
<BR><B>SUCCESS! Your web filters appear to be properly configured!</B><BR>
<% }
} else { %>
Authentication object is null.<BR>
This is an error and your Acegi Security application will not operate properly until corrected.<BR><BR>

5
samples/contacts/src/main/webapp/filter/switchUser.jsp → samples/contacts/src/main/webapp/switchUser.jsp
View File

@ -1,6 +1,5 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.acegisecurity.AuthenticationException" %>
<html>
@ -20,8 +19,8 @@
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">

99
samples/contacts/src/main/webapp/x509/WEB-INF/web.xml
View File

@ -1,99 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "x509" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<!--
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
-->
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
-->
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>