SEC-514: Refactoring contacts sample into single webapp.

Luke Taylor 2007-07-24 17:46:43 +00:00
parent a499e74102
commit fe4bbe0fbf
39 changed files with 608 additions and 1238 deletions


@ -13,24 +13,86 @@
<packaging>war</packaging> <packaging>war</packaging>
<dependencies> <dependencies>
<dependency>
<groupId>org.acegisecurity</groupId>
<artifactId>acegi-security</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
<scope>compile</scope>
</dependency>
<dependency> <dependency>
<groupId>javax.servlet</groupId> <groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId> <artifactId>servlet-api</artifactId>
<version>2.4</version> <version>2.4</version>
<scope>provided</scope> <scope>provided</scope>
</dependency> </dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>1.2.4</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>hessian</groupId>
<artifactId>hessian</artifactId>
<version>3.0.1</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>1.8.0.4</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.0</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>1.0.6</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-ldap</artifactId>
<version>1.1.2</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-mock</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>
<plugins> <plugins>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId> <artifactId>maven-war-plugin</artifactId>
<configuration> </plugin>
<webXml>src/main/webapp/filter/WEB-INF/web.xml</webXml> <plugin>
</configuration> <groupId>org.mortbay.jetty</groupId>
</plugin> <artifactId>maven-jetty-plugin</artifactId>
</plugins> <configuration>
</build> <contextPath>/contacts</contextPath>
<!--jettyConfig>${basedir}/src/test/resources/jetty.xml</jettyConfig-->
<scanIntervalSeconds>10</scanIntervalSeconds>
<!--scanTargets>
<scanTarget>src/main/webapp/css</scanTarget>
</scanTargets-->
</configuration>
</plugin>
</plugins>
</build>
</project> </project>
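Review bot: The added runtime dependencies pin literal versions in this POM (`ehcache` 1.2.4, `hessian` 3.0.1, `hsqldb` 1.8.0.4, `jstl` 1.0, `taglibs:standard` 1.0.6, `spring-ldap` 1.1.2), while the Acegi and Spring artifacts use `${project.version}` and `${spring.version}`. With the sample merged into one WAR, all of these jars ship in every deployment of it, so an outdated version is easier to miss. Moving the versions into `<properties>`, or into the parent's `<dependencyManagement>` if it has one, would keep them in one reviewable place. A short comment on the `hessian` and `spring-ldap` entries saying which variant of the sample needs them would help anyone trimming the WAR. The commented-out `jettyConfig` and `scanTargets` elements should either be removed or given a line explaining when to enable them.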


@ -11,204 +11,198 @@
<beans> <beans>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames"> <property name="basenames">
<list> <list>
<value>classpath:/org/acegisecurity/messages</value> <value>classpath:/org/acegisecurity/messages</value>
</list> </list>
</property> </property>
</bean> </bean>
<!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ --> <!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ -->
<!-- ACL permission masks used by this application --> <!-- ACL permission masks used by this application -->
<bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean"> <bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION</value></property> class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
</bean> <property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<bean id="org.acegisecurity.acls.domain.BasePermission.READ" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean"> </bean>
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.READ</value></property> <bean id="org.acegisecurity.acls.domain.BasePermission.READ"
</bean> class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<bean id="org.acegisecurity.acls.domain.BasePermission.DELETE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean"> <property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.READ"/>
<property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.DELETE</value></property> </bean>
</bean> <bean id="org.acegisecurity.acls.domain.BasePermission.DELETE"
class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
<property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
</bean>
<!-- An access decision voter that reads ROLE_* configuration settings --> <!-- An access decision voter that reads ROLE_* configuration settings -->
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
<!-- An access decision voter that reads ACL_CONTACT_READ configuration settings --> <!-- An access decision voter that reads ACL_CONTACT_READ configuration settings -->
<bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter"> <bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg> <constructor-arg ref="aclService"/>
<ref bean="aclService"/> <constructor-arg value="ACL_CONTACT_READ"/>
</constructor-arg> <constructor-arg>
<constructor-arg> <list>
<value>ACL_CONTACT_READ</value> <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</constructor-arg> <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
<constructor-arg> </list>
<list> </constructor-arg>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/> <property name="processDomainObjectClass" value="sample.contact.Contact"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/> </bean>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings --> <!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings -->
<bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter"> <bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg> <constructor-arg ref="aclService"/>
<ref bean="aclService"/> <constructor-arg value="ACL_CONTACT_DELETE"/>
</constructor-arg> <constructor-arg>
<constructor-arg> <list>
<value>ACL_CONTACT_DELETE</value> <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</constructor-arg> <ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
<constructor-arg> </list>
<list> </constructor-arg>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/> <property name="processDomainObjectClass" value="sample.contact.Contact"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/> </bean>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings --> <!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings -->
<bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter"> <bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter">
<constructor-arg> <constructor-arg ref="aclService"/>
<ref bean="aclService"/> <constructor-arg value="ACL_CONTACT_ADMIN"/>
</constructor-arg> <constructor-arg>
<constructor-arg> <list>
<value>ACL_CONTACT_ADMIN</value> <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
</constructor-arg> </list>
<constructor-arg> </constructor-arg>
<list> <property name="processDomainObjectClass" value="sample.contact.Contact"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/> </bean>
</list>
</constructor-arg>
<property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
</bean>
<!-- An access decision manager used by the business objects --> <!-- An access decision manager used by the business objects -->
<bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"><value>false</value></property> <property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters"> <property name="decisionVoters">
<list> <list>
<ref local="roleVoter"/> <ref local="roleVoter"/>
<ref local="aclContactReadVoter"/> <ref local="aclContactReadVoter"/>
<ref local="aclContactDeleteVoter"/> <ref local="aclContactDeleteVoter"/>
<ref local="aclContactAdminVoter"/> <ref local="aclContactAdminVoter"/>
</list> </list>
</property> </property>
</bean> </bean>
<!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= --> <!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
<bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache"> <bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache">
<constructor-arg> <constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager"> <property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property> </property>
<property name="cacheName"> <property name="cacheName" value="aclCache"/>
<value>aclCache</value> </bean>
</property> </constructor-arg>
</bean> </bean>
</constructor-arg>
</bean>
<bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
<constructor-arg>
<list>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<bean class="org.acegisecurity.GrantedAuthorityImpl">
<constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
</list>
</constructor-arg>
</bean>
<bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== --> <bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg>
<bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
</constructor-arg>
</bean>
<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager"> <bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
<property name="providers"> <constructor-arg>
<list> <list>
<ref local="afterAclRead"/> <bean class="org.acegisecurity.GrantedAuthorityImpl">
<ref local="afterAclCollectionRead"/> <constructor-arg value="ROLE_ADMINISTRATOR"/>
</list> </bean>
</property> <bean class="org.acegisecurity.GrantedAuthorityImpl">
</bean> <constructor-arg value="ROLE_ADMINISTRATOR"/>
</bean>
<!-- Processes AFTER_ACL_COLLECTION_READ configuration settings --> <bean class="org.acegisecurity.GrantedAuthorityImpl">
<bean id="afterAclCollectionRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider"> <constructor-arg value="ROLE_ADMINISTRATOR"/>
<constructor-arg> </bean>
<ref bean="aclService"/> </list>
</constructor-arg> </constructor-arg>
<constructor-arg> </bean>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- Processes AFTER_ACL_READ configuration settings -->
<bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
<constructor-arg>
<ref bean="aclService"/>
</constructor-arg>
<constructor-arg>
<list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- ================= METHOD INVOCATION AUTHORIZATION ==================== --> <bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<!-- getRandomContact() is public. <!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
The create, getAll, getById etc have ROLE_USER to ensure user is <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
authenticated (all users hold ROLE_USER in this application). <property name="providers">
<list>
<ref local="afterAclRead"/>
<ref local="afterAclCollectionRead"/>
</list>
</property>
</bean>
The delete and update methods don't need a ROLE_USER as they will <!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
ensure the user is authenticated via their ACL_CONTACT_DELETE or <bean id="afterAclCollectionRead"
ACL_CONTACT_READ attribute, which also ensures the user has permission class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
to the Contact presented as a method argument. <constructor-arg>
--> <ref bean="aclService"/>
<bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> </constructor-arg>
<property name="authenticationManager"><ref bean="authenticationManager"/></property> <constructor-arg>
<property name="accessDecisionManager"><ref local="businessAccessDecisionManager"/></property> <list>
<property name="afterInvocationManager"><ref local="afterInvocationManager"/></property> <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<property name="objectDefinitionSource"> <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
<value> </list>
sample.contact.ContactManager.create=ROLE_USER </constructor-arg>
sample.contact.ContactManager.getAllRecipients=ROLE_USER </bean>
sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ <!-- Processes AFTER_ACL_READ configuration settings -->
sample.contact.ContactManager.delete=ACL_CONTACT_DELETE <bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN <constructor-arg>
sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN <ref bean="aclService"/>
</value> </constructor-arg>
</property> <constructor-arg>
</bean> <list>
<ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
<ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
</list>
</constructor-arg>
</bean>
<!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
<!-- getRandomContact() is public.
The create, getAll, getById etc have ROLE_USER to ensure user is
authenticated (all users hold ROLE_USER in this application).
The delete and update methods don't need a ROLE_USER as they will
ensure the user is authenticated via their ACL_CONTACT_DELETE or
ACL_CONTACT_READ attribute, which also ensures the user has permission
to the Contact presented as a method argument.
-->
<bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager">
<ref local="businessAccessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref local="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
sample.contact.ContactManager.create=ROLE_USER
sample.contact.ContactManager.getAllRecipients=ROLE_USER
sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ
sample.contact.ContactManager.delete=ACL_CONTACT_DELETE
sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN
sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN
</value>
</property>
</bean>
</beans> </beans>
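Review bot: The comment above `contactManagerSecurity` does not match the `objectDefinitionSource` mapping it documents. It refers to update methods and to `ACL_CONTACT_READ` guarding writes, but the mapping lists no update method and never uses `ACL_CONTACT_READ`. Because the interceptor only checks methods that have configuration attributes, any `ContactManager` method missing from the list (as `getRandomContact` deliberately is) runs with no authorization check. The comment should say so, e.g. `<!-- Methods not listed below are NOT secured; add an entry for every new ContactManager method. -->`. Separately, the three identical `ROLE_ADMINISTRATOR` entries passed to `aclAuthorizationStrategy` need a comment naming what each position authorizes, since the list otherwise reads like a copy-paste slip.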


@ -11,38 +11,29 @@
<beans> <beans>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName"> <property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
<value>org.hsqldb.jdbcDriver</value> <property name="url" value="jdbc:hsqldb:mem:test"/> <!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property> <property name="username" value="sa"/>
<property name="url"> <property name="password" value=""/>
<value>jdbc:hsqldb:mem:test</value> </bean>
<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
</property>
<property name="username">
<value>sa</value>
</property>
<property name="password">
<value></value>
</property>
</bean>
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager"> <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource"><ref local="dataSource"/></property> <property name="dataSource"><ref local="dataSource"/></property>
</bean> </bean>
<bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor"> <bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor">
<property name="transactionManager"><ref bean="transactionManager"/></property> <property name="transactionManager"><ref local="transactionManager"/></property>
<property name="transactionAttributeSource"> <property name="transactionAttributeSource">
<value> <value>
sample.contact.ContactManager.create=PROPAGATION_REQUIRED sample.contact.ContactManager.create=PROPAGATION_REQUIRED
sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly
sample.contact.ContactManager.delete=PROPAGATION_REQUIRED sample.contact.ContactManager.delete=PROPAGATION_REQUIRED
sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED
sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED
</value> </value>
</property> </property>
</bean> </bean>
@ -51,25 +42,25 @@
<property name="mutableAclService" ref="aclService"/> <property name="mutableAclService" ref="aclService"/>
<property name="platformTransactionManager" ref="transactionManager"/> <property name="platformTransactionManager" ref="transactionManager"/>
</bean> </bean>
<bean id="contactDao" class="sample.contact.ContactDaoSpring">
<property name="dataSource"><ref local="dataSource"/></property>
</bean>
<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean"> <bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property> <property name="proxyInterfaces" value="sample.contact.ContactManager"/>
<property name="interceptorNames"> <property name="interceptorNames">
<list> <list>
<idref local="transactionInterceptor"/> <idref local="transactionInterceptor"/>
<idref bean="contactManagerSecurity"/> <idref bean="contactManagerSecurity"/>
<idref local="contactManagerTarget"/> <idref local="contactManagerTarget"/>
</list> </list>
</property> </property>
</bean> </bean>
<bean id="contactManagerTarget" class="sample.contact.ContactManagerBackend"> <bean id="contactManagerTarget" class="sample.contact.ContactManagerBackend">
<property name="contactDao"><ref local="contactDao"/></property> <property name="contactDao">
<property name="mutableAclService"><ref bean="aclService"/></property> <bean class="sample.contact.ContactDaoSpring">
<property name="dataSource"><ref local="dataSource"/></property>
</bean>
</property>
<property name="mutableAclService" ref="aclService"/>
</bean> </bean>
</beans> </beans>
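Review bot: The commented-out alternative URL now trails the rewritten `url` property but is still in the old element form (`<!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->`), so it cannot be uncommented as written. Nothing nearby says that `username` `sa` with an empty `password` is only acceptable for the in-memory `jdbc:hsqldb:mem:test` database. I would replace it with `<!-- For a standalone HSQLDB server use value="jdbc:hsqldb:hsql://localhost/acl" and set a non-default user and password -->`. In the second hunk `contactDao` becomes an anonymous inner bean, which is fine as long as nothing else in the merged webapp looks it up by id; that cannot be checked from this section.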


@ -7,48 +7,47 @@
- -
- Only used by "cas" artifact. - Only used by "cas" artifact.
- -
- $Id$ - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
--> -->
<beans> <beans>
<!-- ======================== FILTER CHAIN ======================= --> <!-- ======================== FILTER CHAIN ======================= -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource"> <property name="filterInvocationDefinitionSource">
<value> <value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT PATTERN_TYPE_APACHE_ANT
/**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value> </value>
</property> </property>
</bean> </bean>
<!-- ======================== AUTHENTICATION ======================= --> <!-- ======================== AUTHENTICATION ======================= -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers"> <property name="providers">
<list> <list>
<ref local="casAuthenticationProvider"/> <ref local="casAuthenticationProvider"/>
</list> </list>
</property> </property>
</bean> </bean>
<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource"><ref bean="dataSource"/></property> <property name="dataSource" ref="dataSource"/>
</bean> </bean>
<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"> <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property> <property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property> <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
</bean> </bean>
<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"> <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName"><value>Contacts Realm</value></property> <property name="realmName"><value>Contacts Realm</value></property>
</bean> </bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
</bean>
<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider"> <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property> <property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
@ -59,23 +58,19 @@
</bean> </bean>
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator"> <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate"><value>https://localhost:8443/cas/proxyValidate</value></property> <property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
<property name="proxyCallbackUrl"><value>https://localhost:8443/contacts-cas/casProxy/receptor</value></property> <property name="proxyCallbackUrl" value="https://localhost:8443/contacts-cas/casProxy/receptor"/>
<property name="serviceProperties"><ref local="serviceProperties"/></property> <property name="serviceProperties"><ref local="serviceProperties"/></property>
<!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> --> <!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
</bean> </bean>
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager"> <property name="cacheManager"><ref local="cacheManager"/></property>
<ref local="cacheManager"/> <property name="cacheName" value="ticketCache"/>
</property> </bean>
<property name="cacheName">
<value>ticketCache</value>
</property>
</bean>
<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache"> <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
<property name="cache"><ref local="ticketCacheBackend"/></property> <property name="cache"><ref local="ticketCacheBackend"/></property>
</bean> </bean>
@ -84,12 +79,11 @@
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property> <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
</bean> </bean>
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"> <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
</bean>
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties"> <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
<property name="service"><value>https://localhost:8443/contacts-cas/j_acegi_cas_security_check</value></property> <property name="service" value="https://localhost:8443/contacts-cas/j_acegi_cas_security_check"/>
<property name="sendRenew"><value>false</value></property> <property name="sendRenew" value="false"/>
</bean> </bean>
<!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) --> <!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) -->
@ -104,7 +98,7 @@
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== --> <!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Enabled by default for CAS, as a CAS deployment uses HTTPS --> <!-- Enabled by default for CAS, as a CAS deployment uses HTTPS -->
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter"> <bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property> <property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@ -112,7 +106,7 @@
<value> <value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL \A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL \A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
\A.*\Z=REQUIRES_INSECURE_CHANNEL \A.*\Z=REQUIRES_INSECURE_CHANNEL
</value> </value>
</property> </property>
@ -171,24 +165,24 @@
</value> </value>
</property> </property>
</bean> </bean>
<!-- BASIC Regular Expression Syntax (for beginners): <!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL) \A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL) \Z means the end of the string (ie the end of the URL)
. means any single character . means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters) * means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples: Some examples:
Expression: \A/my/directory/.*\Z Expression: \A/my/directory/.*\Z
Would match: /my/directory/ Would match: /my/directory/
/my/directory/hello.html /my/directory/hello.html
Expression: \A/.*\Z Expression: \A/.*\Z
Would match: /hello.html Would match: /hello.html
/ /
Expression: \A/.*/secret.html\Z Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html Would match: /some/directory/secret.html
/another/secret.html /another/secret.html
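Review bot: The URLs rewritten to attribute form still hard-code the `/contacts-cas` context path: `proxyCallbackUrl` in `casProxyTicketValidator` and `service` in `serviceProperties`. The POM in this same commit sets the Jetty `contextPath` to `/contacts`. If the CAS variant is now served from the single webapp, the CAS redirect and proxy callback would target a path that is no longer deployed, and logins would fail at ticket validation. Whether that applies depends on how the "cas" artifact is packaged after the refactoring, which this section does not show. Either way these deployment-specific values need a comment such as `<!-- must match the deployed context path and the service URL registered with CAS -->`, and the commented-out `trustStore` line should be converted to the new attribute form.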


@ -7,7 +7,7 @@
- -
- Only used by "ldap" artifact. - Only used by "ldap" artifact.
- -
- $Id$ - $Id: applicationContext-acegi-security.xml 1468 2006-05-20 17:50:51Z luke_t $
--> -->
<beans> <beans>
@ -37,9 +37,9 @@
</bean> </bean>
<bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory"> <bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg value="ldap://monkeymachine:389/dc=acegisecurity,dc=org"/> <constructor-arg value="ldap://monkeymachine.co.uk:389/dc=acegisecurity,dc=org"/>
<property name="managerDn"><value>cn=manager,dc=acegisecurity,dc=org</value></property> <property name="managerDn" value="cn=manager,dc=acegisecurity,dc=org" />
<property name="managerPassword"><value>acegisecurity</value></property> <property name="managerPassword" value="acegisecurity"/>
</bean> </bean>
<bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider"> <bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
@ -115,28 +115,28 @@
</value> </value>
</property> </property>
</bean> </bean>
<!-- BASIC Regular Expression Syntax (for beginners): <!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL) \A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL) \Z means the end of the string (ie the end of the URL)
. means any single character . means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters) * means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples: Some examples:
Expression: \A/my/directory/.*\Z Expression: \A/my/directory/.*\Z
Would match: /my/directory/ Would match: /my/directory/
/my/directory/hello.html /my/directory/hello.html
Expression: \A/.*\Z Expression: \A/.*\Z
Would match: /hello.html Would match: /hello.html
/ /
Expression: \A/.*/secret.html\Z Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html Would match: /some/directory/secret.html
/another/secret.html /another/secret.html
Not match: /anothersecret.html (missing required /) Not match: /anothersecret.html (missing required /)
--> -->
</beans> </beans>
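Review bot: The `initialDirContextFactory` bean (hunk at -37,9) binds as `cn=manager` with the password written literally in the context file, and this change points that bind at a fully qualified host, `monkeymachine.co.uk`, over plain `ldap://` on port 389. The manager credential would therefore cross the network unencrypted on every bind. Even for a sample I would take the password from a property placeholder, e.g. `<property name="managerPassword" value="${ldap.manager.password}"/>` (placeholder name constructed for this note, resolved by a `PropertyPlaceholderConfigurer`). I would also use an `ldaps://` URL or a loopback test directory in the constructor argument.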


@ -7,7 +7,7 @@
- -
- Only used by "x509" artifact. - Only used by "x509" artifact.
- -
- $Id$ - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
--> -->
<beans> <beans>
@ -87,7 +87,7 @@
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== --> <!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Enabled by default for X.509 (obviously) --> <!-- Enabled by default for X.509 (obviously) -->
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter"> <bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property> <property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@ -148,24 +148,24 @@
</value> </value>
</property> </property>
</bean> </bean>
<!-- BASIC Regular Expression Syntax (for beginners): <!-- BASIC Regular Expression Syntax (for beginners):
\A means the start of the string (ie the beginning of the URL) \A means the start of the string (ie the beginning of the URL)
\Z means the end of the string (ie the end of the URL) \Z means the end of the string (ie the end of the URL)
. means any single character . means any single character
* means null or any number of repetitions of the last expression (so .* means zero or more characters) * means null or any number of repetitions of the last expression (so .* means zero or more characters)
Some examples: Some examples:
Expression: \A/my/directory/.*\Z Expression: \A/my/directory/.*\Z
Would match: /my/directory/ Would match: /my/directory/
/my/directory/hello.html /my/directory/hello.html
Expression: \A/.*\Z Expression: \A/.*\Z
Would match: /hello.html Would match: /hello.html
/ /
Expression: \A/.*/secret.html\Z Expression: \A/.*/secret.html\Z
Would match: /some/directory/secret.html Would match: /some/directory/secret.html
/another/secret.html /another/secret.html


@ -7,7 +7,7 @@
- -
- Only used by "filter" artifact. - Only used by "filter" artifact.
- -
- $Id$ - $Id: applicationContext-acegi-security.xml 1425 2006-04-28 06:43:50Z benalex $
--> -->
<beans> <beans>
@ -21,7 +21,7 @@
<value> <value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value> </value>
</property> </property>
</bean> </bean>
@ -46,12 +46,12 @@
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property> <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
<property name="userCache"><ref local="userCache"/></property> <!-- <property name="userCache"><ref local="userCache"/></property> -->
<property name="passwordEncoder"><ref local="passwordEncoder"/></property> <property name="passwordEncoder"><ref local="passwordEncoder"/></property>
</bean> </bean>
<!--
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager"> <property name="cacheManager">
<ref local="cacheManager"/> <ref local="cacheManager"/>
@ -60,11 +60,11 @@
<value>userCache</value> <value>userCache</value>
</property> </property>
</bean> </bean>
<bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property name="cache"><ref local="userCacheBackend"/></property> <property name="cache"><ref local="userCacheBackend"/></property>
</bean> </bean>
-->
<!-- Automatically receives AuthenticationEvent messages --> <!-- Automatically receives AuthenticationEvent messages -->
<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/> <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
@ -98,11 +98,11 @@
<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property> <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
<property name="key"><value>springRocks</value></property> <property name="key"><value>springRocks</value></property>
</bean> </bean>
<bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key"><value>springRocks</value></property> <property name="key"><value>springRocks</value></property>
</bean> </bean>
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout --> <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg> <constructor-arg>
@ -112,7 +112,7 @@
</list> </list>
</constructor-arg> </constructor-arg>
</bean> </bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/> <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== --> <!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
@ -199,7 +199,7 @@
</property> </property>
</bean> </bean>
<!-- Filter used to switch the user context. Note: the switch and exit url must be secured <!-- Filter used to switch the user context. Note: the switch and exit url must be secured
based on the role granted the ability to 'switch' to another user --> based on the role granted the ability to 'switch' to another user -->
<!-- In this example 'marissa' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) --> <!-- In this example 'marissa' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
<bean id="switchUserProcessingFilter" class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter"> <bean id="switchUserProcessingFilter" class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
@ -207,6 +207,6 @@
<property name="switchUserUrl"><value>/j_acegi_switch_user</value></property> <property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
<property name="exitUserUrl"><value>/j_acegi_exit_user</value></property> <property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
<property name="targetUrl"><value>/acegi-security-sample-contacts-filter/secure/index.htm</value></property> <property name="targetUrl"><value>/acegi-security-sample-contacts-filter/secure/index.htm</value></property>
</bean> </bean>
</beans> </beans>
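Review bot: In the `filterChainProxy` value (hunk at -21,7) the new ordering puts `switchUserProcessingFilter` ahead of `exceptionTranslationFilter,filterInvocationInterceptor`. That conflicts with the comment further down this file, which says the switch and exit URLs must be secured by role. As far as I know the switch filter handles `/j_acegi_switch_user` itself and redirects, so when it runs before `filterInvocationInterceptor` the URL access rules are presumably never evaluated for that request and the `ROLE_SUPERVISOR` restriction would not apply. I would keep the previous tail of the chain: `anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter`. Separately, `targetUrl` still carries the per-artifact context path `/acegi-security-sample-contacts-filter/secure/index.htm`, which may no longer match once the samples are merged into one webapp; both beans continue outside the hunks shown.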


@ -0,0 +1,83 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for "contacts" DispatcherServlet.
-
- $Id: contacts-servlet.xml 1754 2006-11-17 02:01:21Z benalex $
-->
<beans>
<!-- ========================== WEB DEFINITIONS ======================= -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename" value="messages"/>
</bean>
<bean id="publicIndexController" class="sample.contact.PublicIndexController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="secureIndexController" class="sample.contact.SecureIndexController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="secureDeleteController" class="sample.contact.DeleteController">
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
<property name="contactManager" ref="contactManager"/>
<property name="aclService" ref="aclService"/>
</bean>
<bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
<property name="contactManager" ref="contactManager"/>
<property name="aclService" ref="aclService"/>
</bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/hello.htm">publicIndexController</prop>
<prop key="/secure/add.htm">secureAddForm</prop>
<prop key="/secure/index.htm">secureIndexController</prop>
<prop key="/secure/del.htm">secureDeleteController</prop>
<prop key="/secure/adminPermission.htm">adminPermissionController</prop>
<prop key="/secure/deletePermission.htm">deletePermissionController</prop>
<prop key="/secure/addPermission.htm">addPermissionForm</prop>
</props>
</property>
</bean>
<bean id="secureAddForm" class="sample.contact.WebContactAddController">
<property name="sessionForm" value="true"/>
<property name="commandName" value="webContact"/>
<property name="commandClass" value="sample.contact.WebContact"/>
<property name="validator">
<bean id="addValidator" class="sample.contact.WebContactValidator"/>
</property>
<property name="formView" value="add"/>
<property name="successView" value="index.htm"/>
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="addPermissionForm" class="sample.contact.AddPermissionController">
<property name="sessionForm" value="true"/>
<property name="commandName" value="addPermission"/>
<property name="commandClass" value="sample.contact.AddPermission"/>
<property name="validator">
<bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
</property>
<property name="formView" value="addPermission"/>
<property name="successView" value="index.htm"/>
<property name="contactManager" ref="contactManager"/>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>
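Review bot: Nothing in this new context file says where access to the `/secure/*.htm` handlers in `urlMapping` is enforced, although several of them (`/secure/del.htm`, `/secure/deletePermission.htm`, `/secure/addPermission.htm`) appear to change contacts or ACL entries. I would add a comment above the mapping such as `<!-- /secure/** is authorised by the Acegi filter chain in applicationContext-acegi-security.xml, not by this mapping -->`. The wording should be checked against the security context, which is not part of this section. As a style point, the `id` attributes on the inner validator beans (`addValidator`, `addPermissionValidator`) cannot be referenced from outside their enclosing property as far as I know and could be dropped.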


@ -1,55 +1,55 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %> <%@ include file="/WEB-INF/jsp/include.jsp" %>
<html> <html>
<head><title>Add Permission</title></head> <head><title>Add Permission</title></head>
<body> <body>
<h1>Add Permission</h1> <h1>Add Permission</h1>
<form method="post"> <form method="post">
<table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5"> <table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5">
<tr> <tr>
<td alignment="right" width="20%">Contact:</td> <td alignment="right" width="20%">Contact:</td>
<td width="60%"><c:out value="${addPermission.contact}"/></td> <td width="60%"><c:out value="${addPermission.contact}"/></td>
</tr> </tr>
<tr> <tr>
<td alignment="right" width="20%">Recipient:</td> <td alignment="right" width="20%">Recipient:</td>
<spring:bind path="addPermission.recipient"> <spring:bind path="addPermission.recipient">
<td width="20%"> <td width="20%">
<select name="<c:out value="${status.expression}"/>"> <select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisRecipient" items="${recipients}"> <c:forEach var="thisRecipient" items="${recipients}">
<option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>"> <option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>">
<c:out value="${thisRecipient.value}"/></option> <c:out value="${thisRecipient.value}"/></option>
</c:forEach> </c:forEach>
</select> </select>
</td> </td>
<td width="60%"> <td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font> <font color="red"><c:out value="${status.errorMessage}"/></font>
</td> </td>
</spring:bind> </spring:bind>
</tr> </tr>
<tr> <tr>
<td alignment="right" width="20%">Permission:</td> <td alignment="right" width="20%">Permission:</td>
<spring:bind path="addPermission.permission"> <spring:bind path="addPermission.permission">
<td width="20%"> <td width="20%">
<select name="<c:out value="${status.expression}"/>"> <select name="<c:out value="${status.expression}"/>">
<c:forEach var="thisPermission" items="${permissions}"> <c:forEach var="thisPermission" items="${permissions}">
<option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>"> <option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>">
<c:out value="${thisPermission.value}"/></option> <c:out value="${thisPermission.value}"/></option>
</c:forEach> </c:forEach>
</select> </select>
</td> </td>
<td width="60%"> <td width="60%">
<font color="red"><c:out value="${status.errorMessage}"/></font> <font color="red"><c:out value="${status.errorMessage}"/></font>
</td> </td>
</spring:bind> </spring:bind>
</tr> </tr>
</table> </table>
<br> <br>
<spring:hasBindErrors name="webContact"> <spring:hasBindErrors name="webContact">
<b>Please fix all errors!</b> <b>Please fix all errors!</b>
</spring:hasBindErrors> </spring:hasBindErrors>
<br><br> <br><br>
<input name="execute" type="submit" alignment="center" value="Execute"> <input name="execute" type="submit" alignment="center" value="Execute">
</form> </form>
<p> <p>
<A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a> <A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a>
</body> </body>
</html> </html>


@ -1,28 +1,28 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %> <%@ include file="/WEB-INF/jsp/include.jsp" %>
<html> <html>
<head><title>Administer Permissions</title></head> <head><title>Administer Permissions</title></head>
<body> <body>
<h1>Administer Permissions</h1> <h1>Administer Permissions</h1>
<P> <P>
<code> <code>
<c:out value="${model.contact}"/> <c:out value="${model.contact}"/>
</code> </code>
<P> <P>
<table cellpadding=3 border=0> <table cellpadding=3 border=0>
<c:forEach var="acl" items="${model.acl.entries}"> <c:forEach var="acl" items="${model.acl.entries}">
<tr> <tr>
<td> <td>
<code> <code>
<c:out value="${acl}"/> <c:out value="${acl}"/>
</code> </code>
</td> </td>
<td> <td>
<A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A> <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
</td> </td>
</tr> </tr>
</c:forEach> </c:forEach>
</table> </table>
<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a> <p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a>
</body> </body>
</html> </html>


@ -1,20 +1,20 @@
<%@ include file="/WEB-INF/jsp/include.jsp" %> <%@ include file="/WEB-INF/jsp/include.jsp" %>
<html> <html>
<head><title>Permission Deleted</title></head> <head><title>Permission Deleted</title></head>
<body> <body>
<h1>Permission Deleted</h1> <h1>Permission Deleted</h1>
<P> <P>
<code> <code>
<c:out value="${model.contact}"/> <c:out value="${model.contact}"/>
</code> </code>
<P> <P>
<code> <code>
<c:out value="${model.sid}"/> <c:out value="${model.sid}"/>
</code> </code>
<code> <code>
<c:out value="${model.permission}"/> <c:out value="${model.permission}"/>
</code> </code>
<p><a href="<c:url value="index.htm"/>">Manage</a> <p><a href="<c:url value="index.htm"/>">Manage</a>
</body> </body>
</html> </html>


@ -15,13 +15,13 @@
layer bean has a number of secured (protected) and public (unprotected) layer bean has a number of secured (protected) and public (unprotected)
methods.</li> methods.</li>
<li><b>Web request security</b>. The <code>/secure</code> URI path is protected <li><b>Web request security</b>. The <code>/secure</code> URI path is protected
by Acegi Security from principals not holding the by Acegi Security from principals not holding the
<code>ROLE_USER</code> granted authority.</li> <code>ROLE_USER</code> granted authority.</li>
<li><b>Security unaware application objects</b>. None of the objects <li><b>Security unaware application objects</b>. None of the objects
are aware of the security being implemented by Acegi Security. *</li> are aware of the security being implemented by Acegi Security. *</li>
<li><b>Security taglib usage</b>. All of the JSPs use Acegi Security's <li><b>Security taglib usage</b>. All of the JSPs use Acegi Security's
taglib to evaluate security information. *</li> taglib to evaluate security information. *</li>
<li><b>Fully declarative security</b>. Every capability is configured in <li><b>Fully declarative security</b>. Every capability is configured in
the application context using standard Acegi Security classes. *</li> the application context using standard Acegi Security classes. *</li>
<li><b>Database-sourced security data</b>. All of the user, role and ACL <li><b>Database-sourced security data</b>. All of the user, role and ACL
information is obtained from an in-memory JDBC-compliant database.</li> information is obtained from an in-memory JDBC-compliant database.</li>


@ -3,12 +3,12 @@
<!-- <!--
- Contacts web application - Contacts web application
- $Id$ - $Id: remoting-servlet.xml 469 2004-11-20 05:28:20Z benalex $
--> -->
<beans> <beans>
<!-- RMI exporter for the ContactManager --> <!-- RMI exporter for the ContactManager -->
<!-- This could just as easily have been in <!-- This could just as easily have been in
applicationContext-common-business.xml, because it doesn't rely on applicationContext-common-business.xml, because it doesn't rely on
DispatcherServlet or indeed any other HTTP services. It's in this DispatcherServlet or indeed any other HTTP services. It's in this
application context simply for logical placement with other application context simply for logical placement with other


@ -4,15 +4,13 @@
<!-- <!--
- Contacts web application - Contacts web application
- -
- web.xml for "ldap" artifact only. - $Id: web.xml 1741 2006-11-14 03:18:42Z benalex $
-
- $Id$
--> -->
<web-app> <web-app>
<display-name>Contacts Sample Application</display-name> <display-name>Contacts Sample Application</display-name>
<!-- <!--
- Location of the XML file that defines the root application context - Location of the XML file that defines the root application context
- Applied by ContextLoaderListener. - Applied by ContextLoaderListener.
@ -25,12 +23,28 @@
classpath:applicationContext-common-authorization.xml classpath:applicationContext-common-authorization.xml
</param-value> </param-value>
</context-param> </context-param>
<!--
Required for CAS ProxyTicketReceptor servlet. This is the
URL to CAS' "proxy" actuator, where a PGT and TargetService can
be presented to obtain a new proxy ticket. THIS CAN BE
REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY
-->
<context-param>
<param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
<param-value>http://localhost:8433/cas/proxy</param-value>
</context-param>
<!-- Nothing below here needs to be modified -->
<context-param> <context-param>
<param-name>log4jConfigLocation</param-name> <param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value> <param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param> </context-param>
<filter> <filter>
<filter-name>Acegi Filter Chain Proxy</filter-name> <filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
@ -44,10 +58,10 @@
<filter-name>Acegi Filter Chain Proxy</filter-name> <filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern> <url-pattern>/*</url-pattern>
</filter-mapping> </filter-mapping>
<!-- <!--
- Loads the root application context of this web app at startup. - Loads the root application context of this web app at startup.
- The application context is then available via - The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext). - WebApplicationContextUtils.getWebApplicationContext(servletContext).
--> -->
<listener> <listener>
@ -62,11 +76,11 @@
The HttpSessionEventPublisher will publish The HttpSessionEventPublisher will publish
HttpSessionCreatedEvent and HttpSessionDestroyedEvent HttpSessionCreatedEvent and HttpSessionDestroyedEvent
to the WebApplicationContext to the WebApplicationContext
--> -->
<listener> <listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener> </listener>
<!-- <!--
- Provides core MVC application controller. See contacts-servlet.xml. - Provides core MVC application controller. See contacts-servlet.xml.
--> -->
@ -89,7 +103,7 @@
<servlet-name>contacts</servlet-name> <servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern> <url-pattern>*.htm</url-pattern>
</servlet-mapping> </servlet-mapping>
<servlet-mapping> <servlet-mapping>
<servlet-name>remoting</servlet-name> <servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern> <url-pattern>/remoting/*</url-pattern>
@ -98,13 +112,13 @@
<welcome-file-list> <welcome-file-list>
<welcome-file>index.jsp</welcome-file> <welcome-file>index.jsp</welcome-file>
</welcome-file-list> </welcome-file-list>
<error-page> <error-page>
<error-code>403</error-code> <error-code>403</error-code>
<location>/error.html</location> <location>/error.html</location>
</error-page> </error-page>
<taglib> <taglib>
<taglib-uri>/spring</taglib-uri> <taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location> <taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib> </taglib>
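Review bot: The added `edu.yale.its.tp.cas.proxyUrl` context-param (hunk at -25,12) points at `http://localhost:8433/cas/proxy`, so the PGT that the accompanying comment says is presented there would be sent over plain HTTP. The port number suggests a TLS listener was intended; if so the value should read `<param-value>https://localhost:8433/cas/proxy</param-value>`. The header comment no longer says which artifact this `web.xml` serves, so the comment on this parameter could also state that it only matters when the CAS configuration is active. The `web-app` element continues outside the hunks shown.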


@ -1,16 +1,16 @@
<%@ page import="org.acegisecurity.context.SecurityContextHolder" %> <%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
<%@ page import="org.acegisecurity.Authentication" %> <%@ page import="org.acegisecurity.Authentication" %>
<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %> <%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
<h1>Sorry, access is denied</h1> <h1>Sorry, access is denied</h1>
<p> <p>
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%> <%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
<p> <p>
<% Authentication auth = SecurityContextHolder.getContext().getAuthentication(); <% Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %> if (auth != null) { %>
Authentication object as a String: <%= auth.toString() %><BR><BR> Authentication object as a String: <%= auth.toString() %><BR><BR>
<% } %> <% } %>


@ -21,8 +21,8 @@
<p>username <b>bob</b>, password <b>wombat</b> <p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b> <p>username <b>jane</b>, password <b>wombat</b>
<p> <p>
<%-- this form-login-page form is also used as the <%-- this form-login-page form is also used as the
form-error-page to ask for a login again. form-error-page to ask for a login again.
--%> --%>
<c:if test="${not empty param.login_error}"> <c:if test="${not empty param.login_error}">
@ -34,7 +34,7 @@
<form action="<c:url value='j_acegi_security_check'/>" method="POST"> <form action="<c:url value='j_acegi_security_check'/>" method="POST">
<table> <table>
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr> <tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>'</c:if>></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr> <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td><input type="checkbox" name="_acegi_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr> <tr><td><input type="checkbox" name="_acegi_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
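Review bot: The new `j_username` input (hunk at -34,7) writes `session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY)` into the `value='...'` attribute with a raw `<%= %>` expression, which drops the HTML escaping that the previous `<c:out>` provided. The last username is whatever was submitted in the failed login, so it is untrusted text rendered into markup, and a missing attribute would print the word `null` into the field. I would keep the escaping tag and only add the closing quote the old line lacked: `value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/>'`. The form continues past the end of the hunk.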


@ -1,70 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context containing authentication, channel
- security and web URI beans.
-
- Only used by "ca" artifact.
-
- $Id$
-->
<beans>
<!-- ======================== FILTER CHAIN ======================= -->
<!-- if you wish to use channel security, add "channelProcessingFilter," in front
of "authenticationProcessingFilter" in the list below -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,httpRequestIntegrationFilter,logoutFilter
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!-- We could also have a daoAuthenticationProvider in order to
process BASIC authentication requests, but this has been
left out given container adapters aren't recommended and
it would increase the number of bean declarations required -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="authByAdapterProvider"/>
</list>
</property>
</bean>
<bean id="authByAdapterProvider" class="org.acegisecurity.adapters.AuthByAdapterProvider">
<property name="key"><value>my_password</value></property>
</bean>
<bean id="httpRequestIntegrationFilter" class="org.acegisecurity.adapters.HttpRequestIntegrationFilter"/>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<!-- note logout has little impact, due to container authentication functionality (used only so /j_acegi_logout doesn't give URL error) -->
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
<constructor-arg>
<list>
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
<!-- Implement by servlet specification -->
<!-- ===================== HTTP REQUEST SECURITY ==================== -->
<!-- Implement by servlet specification -->
</beans>


@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
* The Acegi Security System for Spring is published under the terms
* of the Apache Software License.
*
* This springsecurity.xml file will only be used by Resin. Normally the
* springsecurity.xml is container-wide, but in the case of Resin it is
* web application specific.
*
* $Id$
*
* This file will be copied into WAR's classes directory if using container adapter
*
-->
<beans>
<!-- ================= CONTAINER ADAPTER CONFIGURATION ================ -->
<!-- Data access object which stores authentication information -->
<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
dianne=emu,ROLE_TELLER
scott=wombat,ROLE_TELLER
peter=opal,disabled,ROLE_TELLER
</value>
</property>
</bean>
<!-- Authentication provider that queries our data access object -->
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
<property name="forcePrincipalAsString"><value>true</value></property>
</bean>
<!-- The authentication manager that iterates through our only authentication provider -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
</beans>


@ -1,7 +0,0 @@
<!--
- $Id$
- File will be copied into WAR's WEB-INF directory if using container adapter
-->
<jboss-web>
<security-domain>java:/jaas/SpringPoweredRealm</security-domain>
</jboss-web>


@ -1,13 +0,0 @@
<!--
- $Id$
- File will be copied into WAR's WEB-INF directory if using container adapter
-->
<web-app>
<authenticator>
<type>org.acegisecurity.adapters.resin.ResinAcegiAuthenticator</type>
<init>
<app-context-location>resin-acegisecurity.xml</app-context-location>
<key>my_password</key>
</init>
</authenticator>
</web-app>


@ -1,137 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "ca" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
<security-constraint>
<display-name>Secured Area Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Secured Area</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ROLE_USER</role-name>
<role-name>ROLE_SUPERVISOR</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration using BASIC authentication -->
<!--
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Spring Powered Realm</realm-name>
</login-config>
-->
<!-- Default login configuration using form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Spring Powered Realm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp?login_error=1</form-error-page>
</form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>ROLE_SUPERVISOR</role-name>
</security-role>
<security-role>
<role-name>ROLE_USER</role-name>
</security-role>
</web-app>


@ -1,46 +0,0 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>Login</h1>
<P>Valid users:
<P>
<P>username <b>marissa</b>, password <b>koala</b>
<P>username <b>dianne</b>, password <b>emu</b>
<p>username <b>scott</b>, password <b>wombat</b>
<p>username <b>peter</b>, password <b>opal</b> (user disabled)
<p>username <b>bill</b>, password <b>wombat</b>
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">
<font color="red">
Your login attempt was not successful, try again.
</font>
</c:if>
<form action="<c:url value='j_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username'></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr>
</table>
<!--
- The j_uri is a Resin requirement (ignored by other containers)
-->
<input type='hidden' name='j_uri' value='/secure/index.htm'/>
</form>
</body>
</html>


@ -1,107 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "cas" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<!-- Required for CAS ProxyTicketReceptor servlet. This is the
URL to CAS' "proxy" actuator, where a PGT and TargetService can
be presented to obtain a new proxy ticket. THIS CAN BE
REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY -->
<context-param>
<param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
<param-value>http://localhost:8433/cas/proxy</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>


@ -1,6 +1,6 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %> <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %> <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %> <%@ page import="org.acegisecurity.AuthenticationException" %>
<html> <html>
<head> <head>
@ -12,7 +12,7 @@
<font color="red"> <font color="red">
Your CAS credentials were rejected.<BR><BR> Your CAS credentials were rejected.<BR><BR>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %> Reason: <%= ((AuthenticationException) session.getAttribute(org.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
</font> </font>
</body> </body>
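Review bot: The `Reason:` line in the second hunk still writes `getMessage()` of the session-stored `AuthenticationException` into the page through `<%= ... %>`, which applies no HTML escaping, and the cast is dereferenced without a null check, so the page fails if the session holds no such attribute. Whether any provider puts request-derived text (for example a submitted username) into that message is not visible here, but if one does, it would be rendered as markup. The JSTL core taglib is already declared on the first line of the file, so the line could become `Reason: <c:out value="${sessionScope.ACEGI_SECURITY_LAST_EXCEPTION.message}"/>`, assuming the key constant resolves to that attribute name; `c:out` escapes the text and prints nothing when the attribute is absent. Separately, the fully qualified `org.acegisecurity.ui.AbstractProcessingFilter` on the new side is redundant with the page import kept in the first hunk. The markup surrounding this line lies partly outside the hunk.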


@ -1,87 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for "contacts" DispatcherServlet.
-
- $Id$
-->
<beans>
<!-- ========================== WEB DEFINITIONS ======================= -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename"><value>messages</value></property>
</bean>
<bean id="publicIndexController" class="sample.contact.PublicIndexController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="secureIndexController" class="sample.contact.SecureIndexController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="secureDeleteController" class="sample.contact.DeleteController">
<property name="contactManager"><ref bean="contactManager"/></property>
</bean>
<bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
<property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclService"><ref bean="aclService"/></property>
</bean>
<bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
<property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclService"><ref bean="aclService"/></property>
</bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/hello.htm">publicIndexController</prop>
<prop key="/secure/add.htm">secureAddForm</prop>
<prop key="/secure/index.htm">secureIndexController</prop>
<prop key="/secure/del.htm">secureDeleteController</prop>
<prop key="/secure/adminPermission.htm">adminPermissionController</prop>
<prop key="/secure/deletePermission.htm">deletePermissionController</prop>
<prop key="/secure/addPermission.htm">addPermissionForm</prop>
</props>
</property>
</bean>
<bean id="addValidator" class="sample.contact.WebContactValidator"/>
<bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
<bean id="secureAddForm" class="sample.contact.WebContactAddController">
<property name="sessionForm"><value>true</value></property>
<property name="commandName"><value>webContact</value></property>
<property name="commandClass"><value>sample.contact.WebContact</value></property>
<property name="validator"><ref bean="addValidator"/></property>
<property name="formView"><value>add</value></property>
<property name="successView"><value>index.htm</value></property>
<property name="contactManager">
<ref bean="contactManager"/>
</property>
</bean>
<bean id="addPermissionForm" class="sample.contact.AddPermissionController">
<property name="sessionForm"><value>true</value></property>
<property name="commandName"><value>addPermission</value></property>
<property name="commandClass"><value>sample.contact.AddPermission</value></property>
<property name="validator"><ref bean="addPermissionValidator"/></property>
<property name="formView"><value>addPermission</value></property>
<property name="successView"><value>index.htm</value></property>
<property name="contactManager">
<ref bean="contactManager"/>
</property>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix"><value>/WEB-INF/jsp/</value></property>
<property name="suffix"><value>.jsp</value></property>
</bean>
</beans>


@ -25,16 +25,16 @@
<table> <table>
<tr><td>Current User:</td><td> <tr><td>Current User:</td><td>
<% <%
Authentication auth = SecurityContextHolder.getContext().getAuthentication(); Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %> if (auth != null) { %>
<%= auth.getPrincipal().toString() %> <%= auth.getPrincipal().toString() %>
<% } %> <% } %>
</td></tr> </td></tr>
<tr><td colspan='2'><input name="exit" type="submit" value="Exit"></td></tr> <tr><td colspan='2'><input name="exit" type="submit" value="Exit"></td></tr>
</table> </table>


@ -1,107 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "filter" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!--
The HttpSessionEventPublisher will publish
HttpSessionCreatedEvent and HttpSessionDestroyedEvent
to the WebApplicationContext
-->
<listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>


@ -1,46 +0,0 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.acegisecurity.AuthenticationException" %>
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>Login</h1>
<P>Valid users:
<P>
<P>username <b>marissa</b>, password <b>koala</b>
<P>username <b>dianne</b>, password <b>emu</b>
<p>username <b>scott</b>, password <b>wombat</b>
<p>username <b>peter</b>, password <b>opal</b> (user disabled)
<p>username <b>bill</b>, password <b>wombat</b>
<p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b>
<p>
<%-- this form-login-page form is also used as the
form-error-page to ask for a login again.
--%>
<c:if test="${not empty param.login_error}">
<font color="red">
Your login attempt was not successful, try again.<BR><BR>
Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
</font>
</c:if>
<form action="<c:url value='j_acegi_security_check'/>" method="POST">
<table>
<tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr>
<tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
<tr><td colspan='2'><input name="submit" type="submit"></td></tr>
<tr><td colspan='2'><input name="reset" type="reset"></td></tr>
</table>
</form>
</body>
</html>


@ -3,12 +3,12 @@
<%@ page import="org.acegisecurity.GrantedAuthority" %> <%@ page import="org.acegisecurity.GrantedAuthority" %>
<%@ page import="org.acegisecurity.adapters.AuthByAdapter" %> <%@ page import="org.acegisecurity.adapters.AuthByAdapter" %>
<% <%
Authentication auth = SecurityContextHolder.getContext().getAuthentication(); Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %> if (auth != null) { %>
Authentication object is of type: <%= auth.getClass().getName() %><BR><BR> Authentication object is of type: <%= auth.getClass().getName() %><BR><BR>
Authentication object as a String: <%= auth.toString() %><BR><BR> Authentication object as a String: <%= auth.toString() %><BR><BR>
Authentication object holds the following granted authorities:<BR><BR> Authentication object holds the following granted authorities:<BR><BR>
<% GrantedAuthority[] granted = auth.getAuthorities(); <% GrantedAuthority[] granted = auth.getAuthorities();
for (int i = 0; i < granted.length; i++) { %> for (int i = 0; i < granted.length; i++) { %>
@ -20,7 +20,7 @@
<% } else { %> <% } else { %>
<BR><B>SUCCESS! Your web filters appear to be properly configured!</B><BR> <BR><B>SUCCESS! Your web filters appear to be properly configured!</B><BR>
<% } <% }
} else { %> } else { %>
Authentication object is null.<BR> Authentication object is null.<BR>
This is an error and your Acegi Security application will not operate properly until corrected.<BR><BR> This is an error and your Acegi Security application will not operate properly until corrected.<BR><BR>


@ -1,6 +1,5 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %> <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %> <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.acegisecurity.AuthenticationException" %> <%@ page import="org.acegisecurity.AuthenticationException" %>
<html> <html>
@ -20,8 +19,8 @@
<p>username <b>bob</b>, password <b>wombat</b> <p>username <b>bob</b>, password <b>wombat</b>
<p>username <b>jane</b>, password <b>wombat</b> <p>username <b>jane</b>, password <b>wombat</b>
<p> <p>
<%-- this form-login-page form is also used as the <%-- this form-login-page form is also used as the
form-error-page to ask for a login again. form-error-page to ask for a login again.
--%> --%>
<c:if test="${not empty param.login_error}"> <c:if test="${not empty param.login_error}">


@ -1,99 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
<!--
- Contacts web application
-
- web.xml for "x509" artifact only.
-
- $Id$
-->
<web-app>
<display-name>Contacts Sample Application</display-name>
<!--
- Location of the XML file that defines the root application context
- Applied by ContextLoaderListener.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-acegi-security.xml
classpath:applicationContext-common-business.xml
classpath:applicationContext-common-authorization.xml
</param-value>
</context-param>
<!--
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
-->
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
-->
<!--
- Provides core MVC application controller. See contacts-servlet.xml.
-->
<servlet>
<servlet-name>contacts</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--
- Provides web services endpoint. See remoting-servlet.xml.
-->
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>contacts</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
</web-app>