[jboss-cvs] jboss-seam/examples/security/resources/WEB-INF ...
Shane Bryzak
Shane_Bryzak at symantec.com
Tue Jul 25 02:56:15 EDT 2006
User: sbryzak2
Date: 06/07/25 02:56:15
Added: examples/security/resources/WEB-INF components.xml
faces-config.xml seam-security.xml web.xml
Log:
Added simple test app to debug security framework.. this will probably be expanded into numerous examples, one for each of the popular authentication methods
Revision Changes Path
1.1 date: 2006/07/25 06:56:15; author: sbryzak2; state: Exp;jboss-seam/examples/security/resources/WEB-INF/components.xml
Index: components.xml
===================================================================
<components>
<component name="org.jboss.seam.core.init">
<property name="myFacesLifecycleBug">@myFacesLifecycleBug@</property>
<property name="jndiPattern">@jndiPattern@</property>
</component>
<component name="org.jboss.seam.core.manager">
<property name="conversationTimeout">120000</property>
</component>
</components>
1.1 date: 2006/07/25 06:56:15; author: sbryzak2; state: Exp;jboss-seam/examples/security/resources/WEB-INF/faces-config.xml
Index: faces-config.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE faces-config
PUBLIC "-//Sun Microsystems, Inc.//DTD JavaServer Faces Config 1.0//EN"
"http://java.sun.com/dtd/web-facesconfig_1_0.dtd">
<faces-config>
<application>
<view-handler>com.sun.facelets.FaceletViewHandler</view-handler>
</application>
<!-- Phase listener needed for all Seam applications -->
<lifecycle>
<phase-listener>org.jboss.seam.jsf.SeamPhaseListener</phase-listener>
</lifecycle>
</faces-config>
1.1 date: 2006/07/25 06:56:15; author: sbryzak2; state: Exp;jboss-seam/examples/security/resources/WEB-INF/seam-security.xml
Index: seam-security.xml
===================================================================
<seamsecurity-config>
<security-constraint>
<!-- one or more web-resource-collection elements -->
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<!-- one or more url-pattern elements -->
<url-pattern>/*</url-pattern>
<!-- zero or more http-method elements -->
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<!-- one auth-constraint, containing one or more roles -->
<auth-constraint>
<role-name>admin</role-name>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<!-- one login-config element specifying the authentication method for
this application -->
<login-config>
<!--auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/autherr.html</form-error-page>
<form-default-page>/index.html</form-default-page>
</form-login-config-->
<auth-method>SEAM</auth-method>
<seam-login-config>
<seam-login-page>/home.seam</seam-login-page>
</seam-login-config>
</login-config>
<security-role>
<description>Only grant access to the 'user' and 'admin' roles</description>
<role-name>user</role-name>
<role-name>admin</role-name>
</security-role>
<!-- do i need to really specify the realm here? perhaps only
provide SeamRealm and make it extensible/pluggable into
various target authentication mechanisms, e.g. TOMCAT, JAAS, custom, etc -->
<realm className="org.jboss.seam.security.realm.JaasRealm">
<!--param name="target">TOMCAT</param-->
<!--param name="target">JAAS</param-->
</realm>
</seamsecurity-config>
1.1 date: 2006/07/25 06:56:15; author: sbryzak2; state: Exp;jboss-seam/examples/security/resources/WEB-INF/web.xml
Index: web.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<!-- Seam -->
<listener>
<listener-class>org.jboss.seam.servlet.SeamListener</listener-class>
</listener>
<!-- Propagate conversations across redirects -->
<!--filter>
<filter-name>Seam Redirect Filter</filter-name>
<filter-class>org.jboss.seam.servlet.SeamRedirectFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Seam Redirect Filter</filter-name>
<url-pattern>*.seam</url-pattern>
</filter-mapping-->
<!-- MyFaces -->
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>facelets.DEVELOPMENT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.seam</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Seam Remoting</servlet-name>
<servlet-class>org.jboss.seam.remoting.SeamRemotingServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Seam Remoting</servlet-name>
<url-pattern>/seam/remoting/*</url-pattern>
</servlet-mapping>
<!--security-constraint>
<web-resource-collection>
<web-resource-name>Entire application</web-resource-name>
<url-pattern>/protected/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>SEAM</auth-method>
<realm-name>Seam Realm</realm-name>
</login-config>
<security-role>
<description>Manager role</description>
<role-name>manager</role-name>
</security-role-->
<!-- Security filter -->
<filter>
<filter-name>Seam Security Filter</filter-name>
<filter-class>org.jboss.seam.security.SeamSecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Seam Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
More information about the jboss-cvs-commits
mailing list