[jboss-cvs] jboss-seam/examples/security/resources/WEB-INF ...

Shane Bryzak Shane_Bryzak at symantec.com
Tue Jul 25 02:56:15 EDT 2006 

  User: sbryzak2
  Date: 06/07/25 02:56:15

  Added:       examples/security/resources/WEB-INF     components.xml
                        faces-config.xml seam-security.xml web.xml
  Log:
  Added simple test app to debug security framework.. this will probably be expanded into numerous examples, one for each of the popular authentication methods
  
  Revision  Changes    Path
  1.1      date: 2006/07/25 06:56:15;  author: sbryzak2;  state: Exp;jboss-seam/examples/security/resources/WEB-INF/components.xml
  
  Index: components.xml
  ===================================================================
  <components>
  
      <component name="org.jboss.seam.core.init">
          <property name="myFacesLifecycleBug">@myFacesLifecycleBug@</property>
          <property name="jndiPattern">@jndiPattern@</property>
      </component>
   
      <component name="org.jboss.seam.core.manager">
          <property name="conversationTimeout">120000</property>
      </component>
  
  </components>
  
  
  1.1      date: 2006/07/25 06:56:15;  author: sbryzak2;  state: Exp;jboss-seam/examples/security/resources/WEB-INF/faces-config.xml
  
  Index: faces-config.xml
  ===================================================================
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE faces-config 
  PUBLIC "-//Sun Microsystems, Inc.//DTD JavaServer Faces Config 1.0//EN"
                              "http://java.sun.com/dtd/web-facesconfig_1_0.dtd">
  <faces-config>
  
      <application>
          <view-handler>com.sun.facelets.FaceletViewHandler</view-handler>
      </application>
  
      <!-- Phase listener needed for all Seam applications -->
  
      <lifecycle>
          <phase-listener>org.jboss.seam.jsf.SeamPhaseListener</phase-listener>
      </lifecycle>
  
  </faces-config>
  
  
  
  1.1      date: 2006/07/25 06:56:15;  author: sbryzak2;  state: Exp;jboss-seam/examples/security/resources/WEB-INF/seam-security.xml
  
  Index: seam-security.xml
  ===================================================================
  <seamsecurity-config>
  
    <security-constraint>
      <!-- one or more web-resource-collection elements -->
      <web-resource-collection>
        <web-resource-name>Secure Area</web-resource-name>
        
        <!-- one or more url-pattern elements -->
        <url-pattern>/*</url-pattern>
        
        <!-- zero or more http-method elements -->
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
      </web-resource-collection>
      
      <!-- one auth-constraint, containing one or more roles -->
      <auth-constraint>
        <role-name>admin</role-name>
        <role-name>user</role-name>
      </auth-constraint>
    </security-constraint>
    
    <!-- one login-config element specifying the authentication method for
         this application -->
    <login-config>
      <!--auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/autherr.html</form-error-page>
        <form-default-page>/index.html</form-default-page>
      </form-login-config-->
      
      <auth-method>SEAM</auth-method>
      <seam-login-config>
        <seam-login-page>/home.seam</seam-login-page>
      </seam-login-config>
    </login-config>
    
    <security-role>
      <description>Only grant access to the 'user' and 'admin' roles</description>
      <role-name>user</role-name>
      <role-name>admin</role-name>
    </security-role>
    
    <!-- do i need to really specify the realm here?  perhaps only
         provide SeamRealm and make it extensible/pluggable into
         various target authentication mechanisms, e.g. TOMCAT, JAAS, custom, etc -->
    
    <realm className="org.jboss.seam.security.realm.JaasRealm">
      <!--param name="target">TOMCAT</param-->
      <!--param name="target">JAAS</param-->
    </realm>
  
  </seamsecurity-config>
  
  
  1.1      date: 2006/07/25 06:56:15;  author: sbryzak2;  state: Exp;jboss-seam/examples/security/resources/WEB-INF/web.xml
  
  Index: web.xml
  ===================================================================
  <?xml version="1.0" encoding="UTF-8"?>
  
  <web-app version="2.4" 
      xmlns="http://java.sun.com/xml/ns/j2ee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  
      <!-- Seam -->
     
      <listener>
          <listener-class>org.jboss.seam.servlet.SeamListener</listener-class>
      </listener>
  
      
      <!-- Propagate conversations across redirects -->
  
      <!--filter>
          <filter-name>Seam Redirect Filter</filter-name>
          <filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class>
      </filter>
  
      <filter-mapping>
          <filter-name>Seam Redirect Filter</filter-name>
          <url-pattern>*.seam</url-pattern>
      </filter-mapping-->
  
      <!-- MyFaces -->
  
      <listener>
          <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
      </listener>
  
      <context-param>
          <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
          <param-value>client</param-value>
      </context-param>
  
      <context-param>
          <param-name>facelets.DEVELOPMENT</param-name>
          <param-value>true</param-value>
      </context-param>
  
      <context-param>
          <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
          <param-value>.xhtml</param-value>
      </context-param>
  
      <servlet>
          <servlet-name>Faces Servlet</servlet-name>
          <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
          <load-on-startup>1</load-on-startup>
      </servlet>
  
  
      <!-- Faces Servlet Mapping -->
  
      <servlet-mapping>
          <servlet-name>Faces Servlet</servlet-name>
          <url-pattern>*.seam</url-pattern>
      </servlet-mapping>
      
    <servlet>
      <servlet-name>Seam Remoting</servlet-name>
      <servlet-class>org.jboss.seam.remoting.SeamRemotingServlet</servlet-class>
    </servlet>
  
    <servlet-mapping>
      <servlet-name>Seam Remoting</servlet-name>
      <url-pattern>/seam/remoting/*</url-pattern>
    </servlet-mapping>    
    
    <!--security-constraint>
      <web-resource-collection>
        <web-resource-name>Entire application</web-resource-name>
        <url-pattern>/protected/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>manager</role-name>
      </auth-constraint>
    </security-constraint>
    
    <login-config>
      <auth-method>SEAM</auth-method>
      <realm-name>Seam Realm</realm-name>
    </login-config>
    
    <security-role>
      <description>Manager role</description>
      <role-name>manager</role-name>
    </security-role-->
  
    <!-- Security filter -->
    
      <filter>
          <filter-name>Seam Security Filter</filter-name>
          <filter-class>org.jboss.seam.security.SeamSecurityFilter</filter-class>
      </filter>
  
      <filter-mapping>
        <filter-name>Seam Security Filter</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>  
  
  </web-app>

More information about the jboss-cvs-commits mailing list