[jboss-cvs] jboss-seam/examples/dvdstore/resources/WEB-INF ...

Norman Richards norman.richards at jboss.com
Thu Mar 22 15:39:31 EDT 2007 

  User: nrichards
  Date: 07/03/22 15:39:30

  Modified:    examples/dvdstore/resources/WEB-INF    components.xml
                        pages.xml web.xml
  Log:
  fix security issues, clean up navigation and security, introduce framework
  
  Revision  Changes    Path
  1.8       +6 -2      jboss-seam/examples/dvdstore/resources/WEB-INF/components.xml
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: components.xml
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/examples/dvdstore/resources/WEB-INF/components.xml,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -b -r1.7 -r1.8
  --- components.xml	17 Mar 2007 00:35:32 -0000	1.7
  +++ components.xml	22 Mar 2007 19:39:30 -0000	1.8
  @@ -40,7 +40,6 @@
            -->
       </framework:entity-query>    
       
  -    
       <factory name="topProducts" value="#{topQuery.resultList}" />
       <framework:entity-query name="topQuery"
                               ejbql="select p from Product p"
  @@ -51,4 +50,9 @@
                                         auto-create="true"
                                         persistence-unit-jndi-name="java:/dvdEntityManagerFactory" />
                                         
  +    <factory name="workingOrder" value="#{orderHome.instance}"/>
  +    <framework:entity-home name="orderHome" entity-class="com.jboss.dvd.seam.Order">
  +        <framework:id>#{orderId}</framework:id>
  +    </framework:entity-home>
  +                                      
   </components>
  
  
  
  1.12      +25 -26    jboss-seam/examples/dvdstore/resources/WEB-INF/pages.xml
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: pages.xml
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/examples/dvdstore/resources/WEB-INF/pages.xml,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -b -r1.11 -r1.12
  --- pages.xml	27 Feb 2007 07:16:45 -0000	1.11
  +++ pages.xml	22 Mar 2007 19:39:30 -0000	1.12
  @@ -1,9 +1,9 @@
  -<!DOCTYPE pages PUBLIC
  -  "-//JBoss/Seam Pages Configuration DTD 1.2//EN"
  +<!DOCTYPE pages PUBLIC "-//JBoss/Seam Pages Configuration DTD 1.2//EN"
     "http://jboss.com/products/seam/pages-1.2.dtd">
   
   <pages>
  -    <page view-id="/dvd.xhtml" action="#{search.selectFromRequest}" /> 
  +    <page view-id="/dvd.xhtml" 
  +          action="#{search.selectFromRequest}" /> 
   
       <page view-id="/admin/ship.xhtml"
               no-conversation-view-id="/admin/admin.xhtml"/>
  @@ -12,7 +12,6 @@
               no-conversation-view-id="/admin/admin.xhtml"/>
   
       <page view-id="/admin/admin.xhtml">
  -    
           <navigation>
               <rule if-outcome="ship">
                   <redirect view-id="/admin/ship.xhtml"/>
  @@ -21,15 +20,6 @@
                   <redirect view-id="/admin/accept.xhtml"/>
               </rule>
           </navigation>
  -        
  -    </page>
  -    
  -    <page view-id="/home.xhtml">
  -        <navigation>
  -            <rule if-outcome="newcustomer">
  -                <redirect view-id="/newuser/account.xhtml"/>
  -            </rule>
  -        </navigation>
       </page>
       
       <!-- this action ensures that only admin users can access anything under /admin" -->
  @@ -38,7 +28,6 @@
       </page>
       
       <page view-id="*">
  -    
           <navigation from-action="#{identity.logout}">
               <redirect view-id="/home.xhtml"/>
           </navigation>
  @@ -50,7 +39,6 @@
           </navigation>
   
           <navigation>
  -        
               <rule if-outcome="home">
                   <redirect view-id="/home.xhtml"/>
               </rule>
  @@ -70,9 +58,20 @@
               <rule if-outcome="admin">
                   <redirect view-id="/admin/admin.xhtml"/>
               </rule>
  -            
           </navigation>
  -
       </page>
       
  +
  +    <exception class="org.jboss.seam.security.NotLoggedInException"> 
  +        <redirect view-id="/home.xhtml"> 
  +            <message>You must be logged in to access administrative pages.</message> 
  +        </redirect> 
  +    </exception> 
  +
  +    <exception class="org.jboss.seam.security.AuthorizationException"> 
  +        <redirect view-id="/home.xhtml"> 
  +            <message>You are not authorized to access administrative pages.</message> 
  +        </redirect> 
  +    </exception> 
  +
   </pages>
  
  
  
  1.21      +16 -12    jboss-seam/examples/dvdstore/resources/WEB-INF/web.xml
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: web.xml
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/examples/dvdstore/resources/WEB-INF/web.xml,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -u -b -r1.20 -r1.21
  --- web.xml	16 Mar 2007 05:45:01 -0000	1.20
  +++ web.xml	22 Mar 2007 19:39:30 -0000	1.21
  @@ -4,7 +4,6 @@
       xmlns="http://java.sun.com/xml/ns/javaee"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  -
       <context-param>
           <param-name>javax.faces.CONFIG_FILES</param-name>
           <param-value>/WEB-INF/navigation.xml</param-value>
  @@ -68,4 +67,9 @@
       <session-config>
           <session-timeout>10</session-timeout> 
       </session-config>     
  +
  +    <error-page>
  +        <error-code>404</error-code>
  +        <location>/home.seam</location>
  +    </error-page> 
   </web-app>

More information about the jboss-cvs-commits mailing list