projects / securityfilter.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ae83aca)
added FlexibleRealmInterface
authormaxcooper <maxcooper>
Tue, 22 Feb 2005 12:26:11 +0000 (12:26 +0000)
committermaxcooper <maxcooper>
Tue, 22 Feb 2005 12:26:11 +0000 (12:26 +0000)
web/flexible-example/WEB-INF/securityfilter-config.xml [new file with mode: 0644] patch | blob
web/flexible-example/loginForm.jsp [new file with mode: 0644] patch | blob
web/flexible-example/menu.jsp [new file with mode: 0644] patch | blob

diff --git a/web/flexible-example/WEB-INF/securityfilter-config.xml b/web/flexible-example/WEB-INF/securityfilter-config.xml
new file mode 100644 (file)
index 0000000..2211883
--- /dev/null
+++ b/web/flexible-example/WEB-INF/securityfilter-config.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>\r
+\r
+<!DOCTYPE securityfilter-config PUBLIC\r
+    "-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"\r
+    "http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd">\r
+\r
+<securityfilter-config>\r
+\r
+   <security-constraint>\r
+      <web-resource-collection>\r
+         <web-resource-name>Secure Page</web-resource-name>\r
+         <url-pattern>/securePage.jsp</url-pattern>\r
+      </web-resource-collection>\r
+      <auth-constraint>\r
+         <role-name>inthisrole</role-name>\r
+      </auth-constraint>\r
+   </security-constraint>\r
+\r
+   <security-constraint>\r
+      <web-resource-collection>\r
+         <web-resource-name>Secure page that the example user is not authorized to view</web-resource-name>\r
+         <url-pattern>/forbiddenPage.jsp</url-pattern>\r
+      </web-resource-collection>\r
+      <auth-constraint>\r
+         <role-name>notinthisrole</role-name>\r
+      </auth-constraint>\r
+   </security-constraint>\r
+\r
+   <login-config>\r
+      <auth-method>FORM</auth-method>\r
+      <form-login-config>\r
+         <form-login-page>/loginForm.jsp</form-login-page>\r
+         <form-error-page>/loginError.jsp</form-error-page>\r
+         <form-default-page>/index.jsp</form-default-page>\r
+      </form-login-config>\r
+   </login-config>\r
+\r
+   <realm className="org.securityfilter.example.realm.TrivialFlexibleRealm">\r
+      <realm-param name="exampleProperty" value="it works!" />\r
+   </realm>\r
+\r
+</securityfilter-config>
\ No newline at end of file
diff --git a/web/flexible-example/loginForm.jsp b/web/flexible-example/loginForm.jsp
new file mode 100644 (file)
index 0000000..c04f078
--- /dev/null
+++ b/web/flexible-example/loginForm.jsp
@@ -0,0 +1,48 @@
+<%@ page import="org.securityfilter.example.Constants"%>\r
+\r
+<html>\r
+<head>\r
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">\r
+<title><%=Constants.LOGIN_TITLE%></title>\r
+</head>\r
+<body>\r
+\r
+<h1><%=Constants.LOGIN_TITLE%></h1>\r
+\r
+<%@include file="/menu.jsp" %>\r
+\r
+Login with authentication data <i><%=Constants.VALID_USERNAME%>:<%=Constants.VALID_PASSWORD%></i>. Note this is a very simple example - you could be passing anything in the POST (id number from dongle, SAML assertion, et cetera) and validation can occur on anything available in the HTTP request (originating IP address, asserted browser type, et cetera).\r
+\r
+<form id="<%=Constants.LOGIN_FORM_ID%>" action="<%=response.encodeURL(Constants.LOGIN_FORM_ACTION)%>" method="POST">\r
+\r
+Authentication data:\r
+<input type="text"\r
+   name="<%=Constants.LOGIN_AUTHDATA_FIELD%>"\r
+   value="<%=Constants.VALID_USERNAME%>:<%=Constants.VALID_PASSWORD%>"\r
+><p>\r
+\r
+<input type="Submit">\r
+\r
+</form>\r
+\r
+You can also login with normal j_username and j_password parameters - here j_username=<i><%=Constants.VALID_USERNAME%></i> and j_password=<i><%=Constants.VALID_PASSWORD%></i>.\r
+\r
+<form id="<%=Constants.LOGIN_FORM_ID%>" action="<%=response.encodeURL(Constants.LOGIN_FORM_ACTION)%>" method="POST">\r
+\r
+Username:\r
+<input type="text"\r
+   name="<%=Constants.LOGIN_USERNAME_FIELD%>"\r
+   value="<%=Constants.VALID_USERNAME%>"\r
+><p>\r
+\r
+Password:\r
+<input type="password"\r
+   name="<%=Constants.LOGIN_PASSWORD_FIELD%>"\r
+   value="<%=Constants.VALID_PASSWORD%>"\r
+><p>\r
+\r
+<input type="Submit">\r
+\r
+</form>\r
+</body>\r
+</html>
\ No newline at end of file
diff --git a/web/flexible-example/menu.jsp b/web/flexible-example/menu.jsp
new file mode 100644 (file)
index 0000000..546493d
--- /dev/null
+++ b/web/flexible-example/menu.jsp
@@ -0,0 +1,8 @@
+<p>\r
+Navigation Menu: [\r
+<a href="<%=response.encodeURL("index.jsp")%>">Home</a>\r
+| <a href="<%=response.encodeURL("securePage.jsp")%>">Secure Page</a>\r
+| <a href="<%=response.encodeURL("forbiddenPage.jsp")%>">Forbidden Secure Page</a>\r
+| <a href="<%=response.encodeURL("loginForm.jsp")%>">Direct Login</a>\r
+| <a href="<%=response.encodeURL("logout.jsp")%>">Logout</a>\r
+]<p>\r
Unnamed repository; edit this file to name it for gitweb.