From ee4789ef866bebffa30e6ae6ec6a49ebbe14a537 Mon Sep 17 00:00:00 2001
From: maxcooper <maxcooper>
Date: Mon, 14 Jul 2003 11:44:31 +0000
Subject: [PATCH] new version of DTD to support BASIC auth method

---
 conf/share/securityfilter-config_1_1.dtd           | 85 ++++++++++++++++++++++
 .../org/securityfilter/config/SecurityConfig.java  | 37 +++++++---
 web/basic/WEB-INF/securityfilter-config.xml        | 37 ++++++++++
 web/blank/WEB-INF/securityfilter-config.xml        |  4 +-
 .../WEB-INF/securityfilter-config.xml              |  4 +-
 web/example/WEB-INF/securityfilter-config.xml      |  4 +-
 6 files changed, 154 insertions(+), 17 deletions(-)
 create mode 100644 conf/share/securityfilter-config_1_1.dtd
 create mode 100644 web/basic/WEB-INF/securityfilter-config.xml

diff --git a/conf/share/securityfilter-config_1_1.dtd b/conf/share/securityfilter-config_1_1.dtd
new file mode 100644
index 0000000..7e680a8
--- /dev/null
+++ b/conf/share/securityfilter-config_1_1.dtd
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+/* ====================================================================
+ * The SecurityFilter Software License, Version 1.1
+ *
+ * (this license is derived and fully compatible with the Apache Software
+ * License - see http://www.apache.org/LICENSE.txt)
+ *
+ * Copyright (c) 2002 SecurityFilter.org. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. The end-user documentation included with the redistribution,
+ *    if any, must include the following acknowledgment:
+ *       "This product includes software developed by
+ *        SecurityFilter.org (http://www.securityfilter.org/)."
+ *    Alternately, this acknowledgment may appear in the software itself,
+ *    if and wherever such third-party acknowledgments normally appear.
+ *
+ * 4. The name "SecurityFilter" must not be used to endorse or promote
+ *    products derived from this software without prior written permission.
+ *    For written permission, please contact license@securityfilter.org .
+ *
+ * 5. Products derived from this software may not be called "SecurityFilter",
+ *    nor may "SecurityFilter" appear in their name, without prior written
+ *    permission of SecurityFilter.org.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE SECURITY FILTER PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * ====================================================================
+ */
+-->
+
+<!-- DTD for SecurityFilter 1.1 -->
+
+<!ELEMENT description (#PCDATA)>
+<!ELEMENT role-name (#PCDATA)>
+<!--Root element for securityfilter config-->
+<!ELEMENT securityfilter-config (security-constraint*, login-config, security-role*, realm+)>
+<!ELEMENT security-constraint (display-name?, web-resource-collection+, auth-constraint?, user-data-constraint?)>
+<!ELEMENT login-config (auth-method?, form-login-config?)>
+<!ELEMENT security-role (description, role-name)>
+<!ELEMENT realm (realm-param*)>
+<!ATTLIST realm
+	className CDATA #REQUIRED
+>
+<!ELEMENT display-name (#PCDATA)>
+<!ELEMENT web-resource-collection (web-resource-name, description?, url-pattern*, http-method*)>
+<!ELEMENT auth-constraint (description?, role-name*)>
+<!ELEMENT user-data-constraint (description, transport-guarantee)>
+<!ELEMENT auth-method (#PCDATA)>
+<!ELEMENT form-login-config (form-login-page, form-error-page, form-default-page?)>
+<!ELEMENT realm-param EMPTY>
+<!ATTLIST realm-param
+	name CDATA #REQUIRED
+	value CDATA #REQUIRED
+>
+<!ELEMENT web-resource-name (#PCDATA)>
+<!ELEMENT url-pattern (#PCDATA)>
+<!ELEMENT http-method (#PCDATA)>
+<!ELEMENT transport-guarantee (#PCDATA)>
+<!ELEMENT form-login-page (#PCDATA)>
+<!ELEMENT form-error-page (#PCDATA)>
+<!ELEMENT form-default-page (#PCDATA)>
diff --git a/src/share/org/securityfilter/config/SecurityConfig.java b/src/share/org/securityfilter/config/SecurityConfig.java
index 72aa6de..9720ad3 100644
--- a/src/share/org/securityfilter/config/SecurityConfig.java
+++ b/src/share/org/securityfilter/config/SecurityConfig.java
@@ -1,7 +1,7 @@
 /*
- * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config/SecurityConfig.java,v 1.8 2003/01/18 07:19:54 dayash Exp $
- * $Revision: 1.8 $
- * $Date: 2003/01/18 07:19:54 $
+ * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config/SecurityConfig.java,v 1.9 2003/07/14 11:44:31 maxcooper Exp $
+ * $Revision: 1.9 $
+ * $Date: 2003/07/14 11:44:31 $
  *
  * ====================================================================
  * The SecurityFilter Software License, Version 1.1
@@ -73,7 +73,7 @@ import java.util.List;
  * @author Torgeir Veimo (torgeir@pobox.com)
  * @author Max Cooper (max@maxcooper.com)
  * @author Daya Sharma (iamdaya@yahoo.com, billydaya@sbcglobal.net)
- * @version $Revision: 1.8 $ $Date: 2003/01/18 07:19:54 $
+ * @version $Revision: 1.9 $ $Date: 2003/07/14 11:44:31 $
  */
 public class SecurityConfig {
 
@@ -220,22 +220,18 @@ public class SecurityConfig {
 
       Digester digester = new Digester();
 
+      registerLocalDTDs(digester);
+      
       digester.push(this);
       digester.setValidating(validating);
 
-      // register the local version of the DTD
-      digester.register(
-         "-//SecurityFilter.org//DTD Security Filter Configuration 1.0//EN",
-         this.getClass().getResource("/org/securityfilter/resources/securityfilter-config_1_0.dtd").toString()
-      );
-
       // realms
       digester.addObjectCreate("securityfilter-config/realm", null, "className");
       digester.addSetProperty("securityfilter-config/realm/realm-param", "name", "value");
       digester.addSetNext("securityfilter-config/realm", "addRealm", "java.lang.Object");
 
       // login and error pages
-	  digester.addCallMethod("securityfilter-config/login-config/auth-method", "setAuthMethod", 0);
+	   digester.addCallMethod("securityfilter-config/login-config/auth-method", "setAuthMethod", 0);
       digester.addCallMethod("securityfilter-config/login-config/form-login-config/form-login-page", "setLoginPage", 0);
       digester.addCallMethod("securityfilter-config/login-config/form-login-config/form-error-page", "setErrorPage", 0);
       digester.addCallMethod("securityfilter-config/login-config/form-login-config/form-default-page", "setDefaultPage", 0);
@@ -291,6 +287,25 @@ public class SecurityConfig {
       InputSource input = new InputSource(configURL.openStream());
       digester.parse(input);
    }
+
+   /**
+    * Register local copies of the SecurityFilter DTD files.
+    *
+    * @param digester
+    */
+   protected void registerLocalDTDs(Digester digester) {
+      // register the local version of the 1.0 DTD
+      digester.register(
+         "-//SecurityFilter.org//DTD Security Filter Configuration 1.0//EN",
+         this.getClass().getResource("/org/securityfilter/resources/securityfilter-config_1_0.dtd").toString()
+      );
+
+      // register the local version of the 1.1 DTD
+      digester.register(
+         "-//SecurityFilter.org//DTD Security Filter Configuration 1.1//EN",
+         this.getClass().getResource("/org/securityfilter/resources/securityfilter-config_1_1.dtd").toString()
+      );
+   }
 }
 
 // ------------------------------------------------------------------------
diff --git a/web/basic/WEB-INF/securityfilter-config.xml b/web/basic/WEB-INF/securityfilter-config.xml
new file mode 100644
index 0000000..7451583
--- /dev/null
+++ b/web/basic/WEB-INF/securityfilter-config.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+
+<!DOCTYPE securityfilter-config PUBLIC
+    "-//SecurityFilter.org//DTD Security Filter Configuration 1.1//EN"
+    "http://www.securityfilter.org/dtd/securityfilter-config_1_1.dtd">
+
+<securityfilter-config>
+
+   <security-constraint>
+      <web-resource-collection>
+         <web-resource-name>Secure Page</web-resource-name>
+         <url-pattern>/securePage.jsp</url-pattern>
+      </web-resource-collection>
+      <auth-constraint>
+         <role-name>inthisrole</role-name>
+      </auth-constraint>
+   </security-constraint>
+
+   <security-constraint>
+      <web-resource-collection>
+         <web-resource-name>Secure page that the example user is not authorized to view</web-resource-name>
+         <url-pattern>/forbiddenPage.jsp</url-pattern>
+      </web-resource-collection>
+      <auth-constraint>
+         <role-name>notinthisrole</role-name>
+      </auth-constraint>
+   </security-constraint>
+
+   <login-config>
+      <auth-method>BASIC</auth-method>
+   </login-config>
+
+   <realm className="org.securityfilter.example.realm.TrivialSecurityRealm">
+      <realm-param name="exampleProperty" value="it works!" />
+   </realm>
+
+</securityfilter-config>
\ No newline at end of file
diff --git a/web/blank/WEB-INF/securityfilter-config.xml b/web/blank/WEB-INF/securityfilter-config.xml
index 62705cd..a29ccaa 100644
--- a/web/blank/WEB-INF/securityfilter-config.xml
+++ b/web/blank/WEB-INF/securityfilter-config.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 
 <!DOCTYPE securityfilter-config PUBLIC
-    "-//SecurityFilter.org//DTD Security Filter Configuration 1.0//EN"
-    "http://www.securityfilter.org/dtd/securityfilter-config_1_0.dtd">
+    "-//SecurityFilter.org//DTD Security Filter Configuration 1.1//EN"
+    "http://www.securityfilter.org/dtd/securityfilter-config_1_1.dtd">
 
 <securityfilter-config>
 
diff --git a/web/catalina-example/WEB-INF/securityfilter-config.xml b/web/catalina-example/WEB-INF/securityfilter-config.xml
index 3548b41..4e1f046 100644
--- a/web/catalina-example/WEB-INF/securityfilter-config.xml
+++ b/web/catalina-example/WEB-INF/securityfilter-config.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 
 <!DOCTYPE securityfilter-config PUBLIC
-    "-//SecurityFilter.org//DTD Security Filter Configuration 1.0//EN"
-    "http://www.securityfilter.org/dtd/securityfilter-config_1_0.dtd">
+    "-//SecurityFilter.org//DTD Security Filter Configuration 1.1//EN"
+    "http://www.securityfilter.org/dtd/securityfilter-config_1_1.dtd">
 
 <securityfilter-config>
 
diff --git a/web/example/WEB-INF/securityfilter-config.xml b/web/example/WEB-INF/securityfilter-config.xml
index 26a5219..cab9543 100644
--- a/web/example/WEB-INF/securityfilter-config.xml
+++ b/web/example/WEB-INF/securityfilter-config.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 
 <!DOCTYPE securityfilter-config PUBLIC
-    "-//SecurityFilter.org//DTD Security Filter Configuration 1.0//EN"
-    "http://www.securityfilter.org/dtd/securityfilter-config_1_0.dtd">
+    "-//SecurityFilter.org//DTD Security Filter Configuration 1.1//EN"
+    "http://www.securityfilter.org/dtd/securityfilter-config_1_1.dtd">
 
 <securityfilter-config>
 
-- 
2.11.0