directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tbenn...@apache.org
Subject svn commit: r486187 [48/49] - in /directory/trunks/triplesec: ./ admin-api/ admin-api/src/ admin-api/src/main/ admin-api/src/main/java/ admin-api/src/main/java/org/ admin-api/src/main/java/org/safehaus/ admin-api/src/main/java/org/safehaus/triplesec/ a...
Date Tue, 12 Dec 2006 15:24:14 GMT
Added: directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.ldif
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.ldif?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.ldif (added)
+++ directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.ldif Tue Dec 12 07:23:31 2006
@@ -0,0 +1,545 @@
+#
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#  
+#    http://www.apache.org/licenses/LICENSE-2.0
+#  
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License. 
+#  
+#
+#
+#   EXAMPLE.COM is freely and reserved for testing according to this RFC:
+#
+#   http://www.rfc-editor.org/rfc/rfc2606.txt
+#
+#
+
+#
+# This ACI allows brouse access to the root suffix and one level below that to anyone.
+# At this level there is nothing critical exposed.  Everything that matters is one or
+# more levels below this.
+#
+
+dn: cn=browseRootAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { maximum 1 }
+prescriptiveACI: { identificationTag "browseRoot", precedence 100, authenticationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, userPermissions { { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantBrowse } } } } }
+
+dn: ou=Users, dc=example, dc=com
+objectclass: top
+objectclass: organizationalunit
+ou: Users
+
+#
+# This ACI allows users to modify a limited set of attributes in their own user
+# entry as well as read, compare those attributes.  The user's entry must be 
+# browseable and the DN must be returnable.
+#
+
+dn: cn=allowSelfModificationsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "allowSelfModifications", precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions  {  { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantModify, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {userPassword, krb5Key, givenName, cn, commonName, surName, sn, objectClass }}, grantsAndDenials { grantModify, grantAdd, grantRemove, grantRead, grantDiscloseOnError, grantCompare } } } } }
+
+#
+# This ACI allows users to access a limited set of attributes in their own user
+# entry as well as compare those attributes.  The user's entry must be browseable 
+# and the DN must be returnable.
+#
+
+dn: cn=allowSelfAccessAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "allowSelfAccess", precedence 15, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions  {  { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {uid, userPassword, givenName, cn, commonName, surName, sn, objectClass, creatorsName, modifiersName, createTimestamp, modifyTimestamp, krb5AccountDisabled, description, apacheSamType }}, grantsAndDenials { grantRead, grantDiscloseOnError, grantCompare } } } } }
+
+dn: ou=Groups, dc=example, dc=com
+objectclass: top
+objectclass: organizationalunit
+ou: Groups
+
+dn: cn=superUsers, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: superUsers
+uniqueMember: uid=admin, ou=system
+
+dn: cn=userAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: userAdmin
+uniqueMember: uid=admin, ou=system
+
+dn: cn=applicationAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: applicationAdmin
+uniqueMember: uid=admin, ou=system
+
+dn: cn=groupAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: groupAdmin
+uniqueMember: uid=admin, ou=system
+
+#
+# This ACI allows members of the superUsers group to have full modify and read access
+# to the entire realm as does the system administrator principal: uid=admin, ou=system.
+#
+# The only thing these users cannot do is modify the system partition.  They are only
+# restricted to superUser rights within this realm partition
+#
+ 
+dn: cn=superUsersAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { }
+prescriptiveACI: { identificationTag "superUsersAci", precedence 20, authenticationLevel simple,  itemOrUserFirst userFirst: { userClasses { userGroup { "cn=superUsers,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues},  grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+#
+# This ACI allows members of the userAdmin group to have full modify and read access
+# to user accounts besides their own.  Hence they can administer users in the system.
+#
+ 
+dn: cn=userAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "userAdminsAci", precedence 16, authenticationLevel simple,  itemOrUserFirst userFirst: { userClasses { userGroup { "cn=userAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues},  grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+
+#
+# This ACI allows members of the applicationAdmin group to have full modify and read access
+# to all applications in the realm.  Adding users to this group is like a wild card for 
+# application access.
+#
+ 
+dn: cn=applicationAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=applications" }
+prescriptiveACI: { identificationTag "applicationAdminsAci", precedence 17, authenticationLevel simple,  itemOrUserFirst userFirst: { userClasses { userGroup { "cn=applicationAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues},  grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+
+#
+# This ACI allows members of the groupAdmins group to have full modify and read access
+# to all groups in the realm other than the superUsers, userAdmins, groupAdmins, and the 
+# applicationAdmins groups.
+#
+# The rational behind this is to prevent these users from changing their or other
+# users' access rights for the entire system by modifying their membership in these 
+# groups. Making someone a groupAdmin should not open the door to their ability to
+# grant themselves or others system wide administrative abilities.
+#
+# Really the groupAdmins group is intended for users that have the ability to manage 
+# group membership in specific application administration groups and that's all.  
+# These types of admins should not have the right to promote others to system level
+# administrators or complete super users.
+#
+ 
+dn: cn=groupAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=groups", specificExclusions { chopBefore: "cn=userAdmins", chopBefore: "cn=groupAdmins", chopBefore: "cn=applicationAdmins", chopBefore: "cn=superUsers" } }
+prescriptiveACI: { identificationTag "groupAdminsAci", precedence 18, authenticationLevel simple,  itemOrUserFirst userFirst: { userClasses { userGroup { "cn=groupAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues},  grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+# ----------------------------------------------------------------------------
+# Required Kerberos Server User
+# ----------------------------------------------------------------------------
+
+dn: uid=krbtgt, ou=Users, dc=example,dc=com
+cn: Kerberos Server
+sn: Server
+givenName: Kerberos
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+ou: Users
+uid: krbtgt
+krb5PrincipalName: krbtgt/EXAMPLE.COM@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: admin@example.com
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample Hauskeys Users
+# ----------------------------------------------------------------------------
+
+dn: uid=mplanck, ou=Users, dc=example,dc=com
+cn: Max Planck
+sn: Planck
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mplanck
+krb5PrincipalName: mplanck@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mplanck@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: mplanck
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 27304238
+safehausSecret:: aaaabbbbccccdddd
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=aeinstein, ou=Users, dc=example,dc=com
+cn: Albert Einstein
+sn: Einstein
+givenName: Albert
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: aeinstein
+krb5PrincipalName: aeinstein@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: aeinstein@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: aeinstein
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: eeeeffffgggghhhh
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=nbohr, ou=Users, dc=example,dc=com
+cn: Neils Bohr
+sn: Bohr
+givenName: Neils
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: nbohr
+krb5PrincipalName: nbohr@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: nbohr@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: nbohr
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: iiiijjjjkkkkllll
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample Local Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=mborn, ou=Users, dc=example,dc=com
+cn: Max Born
+sn: Born
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mborn
+krb5PrincipalName: mborn@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mborn@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mborn
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=wpauli, ou=Users, dc=example,dc=com
+cn: Wolfgang Pauli
+sn: Pauli
+givenName: Wolfgang
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: wpauli
+krb5PrincipalName: wpauli@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: wpauli@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: wpauli
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=mcurie, ou=Users, dc=example,dc=com
+cn: Marie Curie
+sn: Curie
+givenName: Marie
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mcurie
+krb5PrincipalName: mcurie@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mcurie@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mcurie
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample External Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=pdirac, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: pdirac
+ref: ldap://ad.example.com/uid=pdirac, ou=Users, dc=example,dc=com
+
+dn: uid=efermi, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: efermi
+ref: ldap://openldap.example.com/uid=efermi, ou=Users, dc=example,dc=com
+
+dn: uid=rfeynman, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: rfeynman
+ref: ldap://apacheds.example.com/uid=rfeynman, ou=Users, dc=example,dc=com
+
+# ----------------------------------------------------------------------------
+# Applications
+# ----------------------------------------------------------------------------
+
+dn: ou=Applications,dc=example,dc=com
+objectClass: top
+objectClass: organizationalunit
+ou: applications
+
+dn: appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyApplication
+objectclass: top
+appname: demo
+description: Demo application.
+userpassword:: c2VjcmV0
+
+dn: ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: permissions
+
+dn: permname=bend,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: bend
+
+dn: permname=fold,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: fold
+
+dn: permname=mutilate,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: mutilate
+
+dn: permname=spindle,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: spindle
+
+dn: permname=twist,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: twist
+
+dn: ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: roles
+
+dn: rolename=superuser,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+grants: spindle
+grants: twist
+rolename: superuser
+
+dn: rolename=untrusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+rolename: untrusted
+
+dn: rolename=trusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+rolename: trusted
+
+dn: ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: profiles
+
+dn: profileid=nbohr,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: nbohr
+roles: trusted
+user: nbohr
+
+dn: profileid=nbohr-superuser,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+denials: fold
+profileid: nbohr-superuser
+roles: superuser
+user: nbohr
+
+dn: profileid=mborn,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: mborn
+roles: trusted
+user: mborn
+
+dn: profileid=aeinstein,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: aeinstein
+roles: trusted
+user: aeinstein
+
+dn: profileid=mcurie,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: spindle
+profileid: mcurie
+roles: trusted
+user: mcurie
+
+dn: profileid=wpauli,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: wpauli
+roles: untrusted
+user: wpauli

Added: directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.xml (added)
+++ directory/trunks/triplesec/webapp-servlet-demo/src/test/resources/server.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+  "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<beans>
+  <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+    <property name="properties">
+      <props>
+        <prop key="java.naming.security.authentication">simple</prop>
+        <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
+        <prop key="java.naming.security.credentials">secret</prop>
+        <prop key="java.naming.provider.url">dc=example,dc=com</prop>
+        <prop key="java.naming.factory.state">org.safehaus.triplesec.store.ProfileStateFactory</prop>
+        <prop key="java.naming.factory.object">org.safehaus.triplesec.store.ProfileObjectFactory</prop>
+
+        <prop key="kdc.primary.realm">EXAMPLE.COM</prop>
+        <prop key="kdc.principal">krbtgt/EXAMPLE.COM@EXAMPLE.COM</prop>
+        <prop key="kdc.encryption.types">des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc</prop>
+        <prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>
+        <prop key="kdc.java.naming.security.credentials">secret</prop>
+
+        <prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
+        <prop key="changepw.java.naming.security.credentials">secret</prop>
+        <prop key="changepw.principal">kadmin/changepw@EXAMPLE.COM</prop>
+
+        <!-- All times are in minutes -->
+        <prop key="kdc.allowable.clockskew">5</prop>
+        <prop key="kdc.tgs.maximum.ticket.lifetime">1440</prop>
+        <prop key="kdc.tgs.maximum.renewable.lifetime">10080</prop>
+        <prop key="kdc.pa.enc.timestamp.required">true</prop>
+        <prop key="kdc.tgs.empty.addresses.allowed">true</prop>
+        <prop key="kdc.tgs.forwardable.allowed">true</prop>
+        <prop key="kdc.tgs.proxiable.allowed">true</prop>
+        <prop key="kdc.tgs.postdate.allowed">true</prop>
+        <prop key="kdc.tgs.renewable.allowed">true</prop>
+
+        <prop key="safehaus.entry.basedn">ou=Users,dc=example,dc=com</prop>
+        <prop key="safehaus.load.testdata">true</prop>
+        <prop key="kerberos.sam.type.7">org.safehaus.triplesec.verifier.hotp.DefaultHotpSamVerifier</prop>
+      </props>
+    </property>
+  </bean>
+
+  <bean id="configuration" class="org.safehaus.triplesec.configuration.MutableTriplesecStartupConfiguration">
+    <property name="workingDirectory"><value>partitions</value></property>
+    <property name="allowAnonymousAccess"><value>false</value></property>
+    <property name="accessControlEnabled"><value>true</value></property>
+    <property name="ldapPort"><value>10389</value></property>
+    <property name="enableKerberos"><value>true</value></property>
+    <property name="enableNtp"><value>false</value></property>
+    <property name="enableChangePassword"><value>true</value></property>
+
+    <!-- Uncomment below to have the server load entries on startup!        -->
+    <!-- ldifDirectory property can point to a relative file, directory or  -->
+    <!-- can point to an absolute path to either using the URL path         -->
+    <!-- notation: i.e. file:///Users/jack/apacheds/ldifs                   -->
+
+    <!-- Entries will optionally be filtered using LdifLoadFilters in the   -->
+    <!-- order specified.  The included Krb5KdcEntryFilter will filter      -->
+    <!-- kerberos principals creating keys for them using their             -->
+    <!-- userPassword attribute if present.                                 -->
+
+    <!-- If missing the Triplesec server will use LDIF files under the conf -->
+    <!-- directory where it has been installed.                             -->
+
+    <!--
+    <property name="ldifDirectory">
+      <value>example.ldif</value>
+    </property>
+    -->
+    <property name="ldifFilters">
+      <list>
+        <bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
+      </list>
+    </property>
+
+    <property name="activationConfiguration">
+      <bean class="org.safehaus.triplesec.configuration.ActivationConfiguration">
+        <property name="enableDecoyMidlet"><value>true</value></property>
+        <property name="otpLength"><value>6</value></property>
+        <property name="midletNameAttribute"><value>midletNameAttribute</value></property>
+      </bean>  
+    </property>    
+    
+    <property name="smsConfiguration">
+      <bean class="org.safehaus.triplesec.configuration.SmsConfiguration">
+        <property name="smsUsername"><value>hauskeys</value></property>
+        <property name="smsPassword"><value>secret</value></property>
+        <property name="smsAccountName"><value>demo</value></property>
+        <property name="smsTransportUrl"><value>http://www.nbroadcasting.com/customers/messages/Sender.asp</value></property>
+      </bean>  
+    </property>    
+    
+    <property name="smtpConfiguration">
+      <bean class="org.safehaus.triplesec.configuration.SmtpConfiguration">
+        <property name="smtpAuthenticate"><value>false</value></property>
+        <!-- uncomment and set above property if authentication is required by mail server
+             <property name="smtpUsername"><value>hauskeys</value></property>
+             <property name="smtpPassword"><value>secret</value></property>
+             -->
+             <property name="smtpHost"><value>localhost</value></property>
+             <property name="smtpSubject"><value>Triplesec Account Activated</value></property>
+             <property name="smtpFrom"><value>dev@safehaus.org</value></property>
+           </bean>  
+         </property>    
+         
+    <property name="contextPartitionConfigurations">
+      <set>
+        <ref bean="examplePartitionConfiguration"/>
+      </set>
+    </property>
+    <property name="bootstrapSchemas">
+      <set>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.CorbaSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.CoreSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.CosineSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.ApacheSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.CollectiveSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.InetorgpersonSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.JavaSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.Krb5kdcSchema"/>
+        <bean class="org.apache.directory.server.core.schema.bootstrap.SystemSchema"/>
+        <bean class="org.safehaus.triplesec.store.schema.SafehausSchema"/>
+      </set>
+    </property>
+    
+    <property name="extendedOperationHandlers">
+      <list>
+        <bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
+        <bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
+      </list>
+    </property>  
+
+    <property name="interceptorConfigurations">
+      <list>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>normalizationService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.normalization.NormalizationService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>authenticationService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.authn.AuthenticationService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>referralService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.referral.ReferralService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>authorizationService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.authz.AuthorizationService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>defaultAuthorizationService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>exceptionService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.exception.ExceptionService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>schemaService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.schema.SchemaService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>subentryService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.subtree.SubentryService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>operationalAttributeService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>collectiveAttributeService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>eventService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.directory.server.core.event.EventService" />
+          </property>
+        </bean>
+        <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>policyProtectionService</value></property>
+          <property name="interceptor">
+            <bean class="org.safehaus.triplesec.store.interceptor.PolicyProtectionInterceptor" />
+          </property>
+        </bean>
+      </list>
+    </property>
+  </bean>
+  
+  <bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.configuration.MutablePartitionConfiguration">
+    <property name="name"><value>example</value></property>
+    <property name="suffix"><value>dc=example,dc=com</value></property>
+    <property name="indexedAttributes">
+      <set>
+        <value>objectClass</value>
+        <value>ou</value>
+        <value>dc</value>
+        <value>uid</value>
+        <value>profileId</value>
+        <value>roles</value>
+        <value>grants</value>
+        <value>denials</value>
+        <value>krb5PrincipalName</value>
+      </set>
+    </property>
+    <property name="contextEntry">
+      <value>
+        objectClass: top
+        objectClass: domain
+        objectClass: extensibleObject
+        dc: example
+        administrativeRole: accessControlSpecificArea
+        administrativeRole: collectiveAttributeSpecificArea
+      </value>
+    </property>
+  </bean>
+
+  <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+    <property name="customEditors">
+      <map>
+        <entry key="javax.naming.directory.Attributes">
+          <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
+        </entry>
+      </map>
+   </property>
+  </bean>
+</beans>

Added: directory/trunks/triplesec/webapp-wicket-admin/pom.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/pom.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/pom.xml (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/pom.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,177 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+  
+    http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License. 
+-->
+<project>
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.safehaus.triplesec</groupId>
+    <artifactId>build</artifactId>
+    <version>1.0-SNAPSHOT</version>
+  </parent>
+  <artifactId>triplesec-wicket-admin</artifactId>
+  <name>Triplesec Webapp Admin (Wicket Based)</name>
+  <packaging>war</packaging>  
+  <build>
+    <finalName>tsec-wicket-admin</finalName>
+    <plugins>
+      <plugin>
+        <groupId>org.mortbay.jetty</groupId>
+        <artifactId>maven-jetty6-plugin</artifactId>
+        <configuration>
+          <scanIntervalSeconds>10</scanIntervalSeconds>
+          <systemProperties>
+            <systemProperty>
+              <name>org.apache.commons.logging.Log</name>
+               <value>org.apache.commons.logging.impl.SimpleLog</value>
+            </systemProperty>
+         </systemProperties>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+  <dependencies>
+    <dependency>
+      <groupId>wicket</groupId>
+      <artifactId>wicket</artifactId>
+      <version>1.2-beta2</version>
+    </dependency>
+    <dependency>
+      <groupId>servletapi</groupId>
+      <artifactId>servletapi</artifactId>
+      <version>2.3</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>log4j</groupId>
+      <artifactId>log4j</artifactId>
+      <version>1.2.11</version>
+    </dependency>
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-main</artifactId>
+      <version>${pom.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-integration</artifactId>
+      <version>${pom.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-admin-api</artifactId>
+      <version>${pom.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap</artifactId>
+      <version>0.9.5.3-SNAPSHOT</version>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>nlog4j</artifactId>
+      <version>1.2.25</version>
+      <scope>provided</scope>
+    </dependency>
+  </dependencies>
+
+  <profiles>
+    <profile>
+      <id>default</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <build>
+        <plugins>
+           <plugin>
+              <artifactId>maven-surefire-plugin</artifactId>
+              <configuration>
+                <excludes>
+                  <!-- Do not run this test since it never exists -->
+                  <exclude>**/RunWicketAdminUI.java</exclude>
+				  <!-- Avoid normal integration tests -->
+                  <exclude>**/*ITest.java</exclude>
+                  <exclude>**/*IntegrationTest.java</exclude>
+                </excludes>
+              </configuration>
+            </plugin>
+         </plugins>
+       </build>
+    </profile>
+    <profile>
+      <id>integration</id>
+      <activation>
+        <property><name>integration</name></property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>maven-surefire-plugin</artifactId>
+            <configuration>
+              <systemProperties>
+                <property>
+                  <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+                  <value>${basedir}/src/test/resources</value>
+                </property>
+              </systemProperties>
+              <excludes>
+                <!-- Do not run this test since it never exists -->
+                <exclude>**/RunWicketAdminUI.java</exclude>
+              </excludes>
+            </configuration>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+    <profile>
+      <id>ui</id>
+      <activation>
+        <property><name>ui</name></property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>maven-surefire-plugin</artifactId>
+            <configuration>
+              <systemProperties>
+                <property>
+                  <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+                  <value>${basedir}/src/test/resources</value>
+                </property>
+                <property>
+                  <name>org.safehaus.triplesec.integration.webapps</name>
+                  <value>admin</value>
+                </property>
+                <property>
+                  <name>org.safehaus.triplesec.integration.webappWarBase.admin</name>
+                  <value>${basedir}/target/tsec-wicket-admin.war</value>
+                </property>
+              </systemProperties>
+              <includes>
+                <include>**/RunWicketAdminUI.java</include>
+              </includes>
+              <excludes>
+                <exclude>**/*Test.java</exclude>
+              </excludes>
+            </configuration>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
+</project>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/models/ConnectionInfo.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/models/ConnectionInfo.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/models/ConnectionInfo.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/models/ConnectionInfo.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,157 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.models;
+
+import org.apache.directory.shared.ldap.util.NamespaceTools;
+
+/**
+ * Model bean for storing and passing Triplesec connection metadata.
+ */
+public class ConnectionInfo
+{
+    private String host;
+    private int ldapPort;
+    private int krb5Port;
+    private boolean useLdaps;
+    private String realm;
+    private String principal;
+    private String credentials;
+    private String passcode;
+
+    public ConnectionInfo()
+    {
+    }
+
+
+    public ConnectionInfo( String host, int ldapPort, int krb5Port, boolean useLdaps,
+                           String realm, String principal, String credentials, String passcode )
+    {
+        this.host = host;
+        this.ldapPort = ldapPort;
+        this.krb5Port = krb5Port;
+        this.useLdaps = useLdaps;
+        this.realm = realm;
+        this.principal = principal;
+        this.credentials = credentials;
+        this.passcode = passcode;
+    }
+
+
+    public String getHost()
+    {
+        return host;
+    }
+
+
+    public void setHost(String aHost)
+    {
+        host = aHost;
+    }
+
+
+    public int getLdapPort()
+    {
+        return ldapPort;
+    }
+
+
+    public void setLdapPort(int aLdapPort)
+    {
+        ldapPort = aLdapPort;
+    }
+
+
+    public int getKrb5Port()
+    {
+        return krb5Port;
+    }
+
+
+    public void setKrb5Port(int aKrb5Port)
+    {
+        krb5Port = aKrb5Port;
+    }
+
+
+    public boolean isUseLdaps()
+    {
+        return useLdaps;
+    }
+
+
+    public void setUseLdaps(boolean aUseLdaps)
+    {
+        useLdaps = aUseLdaps;
+    }
+
+
+    public String getRealm()
+    {
+        return realm;
+    }
+
+
+    public void setRealm(String aRealm)
+    {
+        realm = aRealm;
+    }
+
+
+    public String getLdapRealmBase()
+    {
+        return NamespaceTools.inferLdapName( realm );
+    }
+
+
+    public String getPrincipal()
+    {
+        return principal;
+    }
+
+
+    public void setPrincipal(String aPrincipal)
+    {
+        principal = aPrincipal;
+    }
+
+
+    public String getCredentials()
+    {
+        return credentials;
+    }
+
+
+    public void setCredentials(String aCredentials)
+    {
+        credentials = aCredentials;
+    }
+
+
+    public String getPasscode()
+    {
+        return passcode;
+    }
+
+
+    public void setPasscode(String aPasscode)
+    {
+        passcode = aPasscode;
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedPage.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedPage.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedPage.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedPage.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,28 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.security;
+
+/**
+ * Simple tagging interface that denotes a web page as requiring
+ * authentication to access.
+ */
+public interface AuthenticatedPage
+{
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedWebSession.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedWebSession.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedWebSession.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/AuthenticatedWebSession.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,133 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.security;
+
+import wicket.protocol.http.WebApplication;
+import wicket.protocol.http.WebSession;
+import org.safehaus.triplesec.adminui.models.ConnectionInfo;
+import org.safehaus.triplesec.adminui.services.ConnectionManager;
+
+/**
+ * Basic authenticated web session.  Subclasses must provide an implementation
+ * of the <code>authenticate</code> method based on connection and credential
+ * information contained within an instance of the
+ * {@link org.safehaus.triplesec.adminui.models.ConnectionInfo} bean.
+ */
+public class AuthenticatedWebSession extends WebSession
+{
+    private static final long serialVersionUID = 1L;
+    /**
+     * Manages an authenticated connection to the Triplesec server.
+     */
+    private ConnectionManager connection = null;
+
+
+    /**
+     * Construct the authenticated web session.
+     *
+     * @param application the web application
+     */
+    public AuthenticatedWebSession( final WebApplication application ) {
+        super( application );
+    }
+
+
+    /**
+     * Authenticates this session to the Triplesec server using the given
+     * {@link org.safehaus.triplesec.adminui.models.ConnectionInfo} properties.
+     *
+     * @param info the <code>ConnectionInfo</code> properties
+     * @return <code>true</code> if the user was authenticated successfully
+     */
+    public boolean authenticate( ConnectionInfo info ) {
+
+        // if the user is (somehow) already signed in, then wave 'em on by...
+        if ( isAuthenticated() )
+        {
+            return true;
+        }
+
+        // create a session-level instance of the Triplesec server connection manager
+        connection = new ConnectionManager();
+
+        // TODO -- delete this once the login dialogs are completed...
+        if ( info == null ) {
+            info = new ConnectionInfo();
+            info.setCredentials( "secret" );
+            info.setHost( "localhost" );
+            info.setKrb5Port( 88 );
+            info.setLdapPort( 10389 );
+            info.setPrincipal( "admin" );
+            info.setRealm( "EXAMPLE.COM" );
+            info.setUseLdaps( false );
+        }
+
+        // return the results of our attempt to connect to the Triplesec server
+        return connection.connect( info );
+    }
+
+
+    /**
+     * @return <code>true</code> if the user is signed in to this session
+     */
+    public boolean isAuthenticated()
+    {
+        return connection != null;
+    }
+
+
+    public Throwable getAuthenticationError()
+    {
+        if ( connection == null )
+        {
+            throw new IllegalStateException(
+                    "Instance of " + ConnectionManager.class.getName() + " not yet instantiated"
+            );
+        }
+        return connection.getLastFailure();
+    }
+
+    /**
+     * Invalidate the session by disconnecting from the Triplesec server.
+     */
+    public void invalidate() {
+        if ( connection != null )
+        {
+            connection.disconnect();
+            connection = null;
+        }
+        super.invalidate();
+    }
+
+
+    /**
+     * Returns the Triplesec server admin connection manager.
+     */
+    public ConnectionManager getConnection()
+    {
+        if ( connection == null )
+        {
+            throw new IllegalStateException(
+                    "Instance of " + ConnectionManager.class.getName() + " not yet instantiated"
+            );
+        }
+        return connection;
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/PageAuthorizationStrategy.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/PageAuthorizationStrategy.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/PageAuthorizationStrategy.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/security/PageAuthorizationStrategy.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,39 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.security;
+
+import wicket.authorization.strategies.page.SimplePageAuthorizationStrategy;
+import wicket.Session;
+
+/**
+ * Implementation of a web page authorization strategy.
+ */
+public class PageAuthorizationStrategy extends SimplePageAuthorizationStrategy
+{
+    public PageAuthorizationStrategy(Class securePageType)
+    {
+        super( securePageType );
+    }
+
+    protected boolean isAuthorized()
+    {
+        return (((AuthenticatedWebSession) Session.get()).isAuthenticated());
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/services/ConnectionManager.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/services/ConnectionManager.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/services/ConnectionManager.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/services/ConnectionManager.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,183 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.services;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.safehaus.triplesec.admin.TriplesecAdmin;
+import org.safehaus.triplesec.admin.dao.DaoFactory;
+import org.safehaus.triplesec.admin.dao.ldap.LdapDaoFactory;
+import org.safehaus.triplesec.adminui.models.ConnectionInfo;
+import org.safehaus.triplesec.configuration.TriplesecStartupConfiguration;
+
+import javax.naming.Context;
+import java.util.Observable;
+import java.util.Properties;
+
+/**
+ * Manages a connection to a Triplesec server.
+ */
+public class ConnectionManager extends Observable
+{
+    private static final Logger log = LoggerFactory.getLogger( ConnectionManager.class );
+    private Throwable lastFailure;
+    private TriplesecAdmin admin;
+    private String realm;
+
+    /**
+     * Connects to the TripleSec server as identified by the <code>ConnectionInfo</code> object.
+     */
+    public boolean connect( ConnectionInfo connectionInfo )
+    {
+        Properties env = new Properties();
+        env.put( DaoFactory.IMPLEMENTATION_CLASS, LdapDaoFactory.class.getName() );
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        StringBuffer buf = new StringBuffer();
+
+        buf.append( "ldap" );
+        if ( connectionInfo.isUseLdaps() )
+        {
+            buf.append( "s" );
+        }
+        buf.append( "://" ).append( connectionInfo.getHost() ).append( ":" ).append( connectionInfo.getLdapPort() );
+        buf.append( "/" ).append( connectionInfo.getLdapRealmBase() );
+        env.put( Context.PROVIDER_URL, buf.toString() );
+
+        if ( connectionInfo.getPrincipal().equals( "admin" ) )
+        {
+            env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+        }
+        else
+        {
+            // TODO
+            // use profile information to determine the actual user
+            // we need to login first using an ApplicationPolicy
+            throw new RuntimeException( "not yet implemented..." );
+        }
+        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        env.put( Context.SECURITY_CREDENTIALS, connectionInfo.getCredentials() );
+        realm = connectionInfo.getRealm();
+        try
+        {
+            admin = new TriplesecAdmin( env );
+        }
+        // TODO make sure we catch all kinds of subclasses and handle differently...
+        catch ( Throwable t )
+        {
+            log.error( "Failed to connect to Triplesec server: " + connectionInfo, t );
+            lastFailure = t;
+            admin = null;
+            return false;
+        }
+        super.setChanged();
+        super.notifyObservers();
+        return true;
+    }
+
+
+    /**
+     * Disconnects from the Triplesec server.
+     */
+    public boolean disconnect()
+    {
+        if ( admin == null )
+        {
+            return true;
+        }
+        admin.close();
+        admin = null;
+        realm = null;
+        super.setChanged();
+        super.notifyObservers();
+        return true;
+    }
+
+    /**
+     * Connect to the specified Triplesec server.
+     */
+    public boolean connect( TriplesecStartupConfiguration config, Properties env )
+    {
+        Properties props = new Properties();
+        props.putAll( env );
+        props.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        props.put( DaoFactory.IMPLEMENTATION_CLASS, LdapDaoFactory.class.getName() );
+        StringBuffer buf = new StringBuffer();
+        buf.append( "ldap://localhost:" ).append( config.getLdapPort() );
+        buf.append( "/" ).append( props.getProperty( Context.PROVIDER_URL ) );
+        props.put( Context.PROVIDER_URL, buf.toString() );
+        props.remove( "java.naming.factory.object" );
+        props.remove( "java.naming.factory.state" );
+
+        realm = props.getProperty( "kdc.primary.realm" );
+        try
+        {
+            admin = new TriplesecAdmin( props );
+        }
+        catch ( Throwable t )
+        {
+            log.error( "Failed to connect to Triplesec server: " + env, t );
+            lastFailure = t;
+            admin = null;
+            realm = null;
+            return false;
+        }
+
+        super.setChanged();
+        super.notifyObservers();
+        return true;
+    }
+
+
+    /**
+     * Returns <code>true</code> if the connection manager is connected to a Triplesec server instance; otherwise
+     * returns <code>false</code>.
+     */
+    public boolean isConnected()
+    {
+        return admin != null;
+    }
+
+
+    /**
+     * Returns instance of last exception thrown by the connection manager.
+     */
+    public Throwable getLastFailure()
+    {
+        return lastFailure;
+    }
+
+
+    /**
+     * Returns a handle to the Triplesec server admin API.
+     */
+    public TriplesecAdmin getAdmin()
+    {
+        return admin;
+    }
+
+
+    /**
+     * Returns the kerberos security realm.
+     */
+    public String getRealm()
+    {
+        return realm;
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/TriplesecAdminApplication.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/TriplesecAdminApplication.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/TriplesecAdminApplication.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/TriplesecAdminApplication.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,104 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view;
+
+import org.safehaus.triplesec.adminui.security.AuthenticatedPage;
+import org.safehaus.triplesec.adminui.security.AuthenticatedWebSession;
+import org.safehaus.triplesec.adminui.security.PageAuthorizationStrategy;
+import org.safehaus.triplesec.adminui.view.pages.HomePage;
+import org.safehaus.triplesec.adminui.view.pages.LoginPage;
+import wicket.authorization.IUnauthorizedComponentInstantiationListener;
+import wicket.authorization.UnauthorizedInstantiationException;
+import wicket.protocol.http.WebApplication;
+import wicket.Component;
+import wicket.Session;
+import wicket.Page;
+import wicket.RestartResponseAtInterceptPageException;
+import wicket.ISessionFactory;
+
+/**
+ * Entry point of the Triplesec Demo web application.
+ */
+public class TriplesecAdminApplication extends WebApplication
+    implements IUnauthorizedComponentInstantiationListener
+{
+    /**
+     * Returns the class of the default home page of the application.
+     */
+    public Class getHomePage()
+    {
+        return HomePage.class;
+    }
+
+
+    /**
+     * Provides a runtime hook for custom initialization of the application.
+     */
+    protected void init()
+    {
+        getMarkupSettings().setStripWicketTags( true );
+
+        // set authorization strategy
+        getSecuritySettings().setAuthorizationStrategy(
+            new PageAuthorizationStrategy( AuthenticatedPage.class )
+        );
+
+        // set unauthorized instantiation instantiation listener
+        getSecuritySettings().setUnauthorizedComponentInstantiationListener( this );
+    }
+
+
+    /**
+     * @see wicket.protocol.http.WebApplication#getSessionFactory()
+     */
+    protected ISessionFactory getSessionFactory()
+    {
+        return new ISessionFactory()
+        {
+            private static final long serialVersionUID = 1L;
+
+            public Session newSession()
+            {
+                return new AuthenticatedWebSession( TriplesecAdminApplication.this );
+            }
+        };
+    }
+
+    public void onUnauthorizedInstantiation(final Component component)
+    {
+        if ( component instanceof Page )
+        {
+            if ( !isAuthenticated() )
+            {
+                throw new RestartResponseAtInterceptPageException( LoginPage.class );
+            }
+        }
+        else
+        {
+            // the component was not a page, so throw an exception
+            throw new UnauthorizedInstantiationException( component.getClass() );
+        }
+    }
+
+    private boolean isAuthenticated()
+    {
+        return (((AuthenticatedWebSession) Session.get()).isAuthenticated());
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PageBorder.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PageBorder.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PageBorder.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PageBorder.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,41 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.borders;
+
+import wicket.markup.html.border.Border;
+import wicket.model.IModel;
+
+/**
+ * Renders a consistent border layout for every page when included.
+ */
+public class PageBorder extends Border
+{
+    private static final long serialVersionUID = -8571671577233566370L;
+
+    public PageBorder( String id )
+    {
+        super( id );
+    }
+
+    public PageBorder( String id, IModel model )
+    {
+        super( id, model );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PanelBorder.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PanelBorder.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PanelBorder.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/borders/PanelBorder.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,40 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.borders;
+
+import wicket.markup.html.border.Border;
+import wicket.markup.html.basic.Label;
+import wicket.model.IModel;
+
+/**
+ * Renders a consistent border layout for a panel when included.
+ */
+public class PanelBorder extends Border
+{
+    private static final long serialVersionUID = 2132244418269079978L;
+
+    public PanelBorder( String id, IModel titleModel )
+    {
+        super( id );
+
+        // add the panel title to the panel border...
+        add( new Label( "title", titleModel ) );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/BasePage.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/BasePage.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/BasePage.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/BasePage.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,41 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.pages;
+
+import wicket.markup.html.WebPage;
+import wicket.markup.html.border.Border;
+import org.safehaus.triplesec.adminui.view.borders.PageBorder;
+
+/**
+ * Abstract base class for (most) all pages in the application.  It will
+ * ensure that the page border is rendered.
+ */
+public abstract class BasePage extends WebPage
+{
+    private static final long serialVersionUID = -5614416105628790524L;
+
+    public BasePage()
+    {
+        // create border and add it to the page
+        Border border = new PageBorder( "border" );
+        border.setTransparentResolver( true );
+        super.add( border );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/HomePage.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/HomePage.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/HomePage.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/HomePage.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,36 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.pages;
+
+import wicket.markup.html.basic.Label;
+import org.safehaus.triplesec.adminui.security.AuthenticatedPage;
+
+/**
+ * The default home page of the Safehaus Demo web application.
+ */
+public class HomePage extends BasePage implements AuthenticatedPage
+{
+    private static final long serialVersionUID = 944257846240276627L;
+
+    public HomePage()
+    {
+        add( new Label( "message", "Hello, World!" ) );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/LoginPage.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/LoginPage.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/LoginPage.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/pages/LoginPage.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,34 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.pages;
+
+import org.safehaus.triplesec.adminui.view.panels.LoginPanel;
+
+
+public class LoginPage extends BasePage
+{
+    private static final long serialVersionUID = 6117013758573504600L;
+
+    public LoginPage()
+    {
+        super();
+        add( new LoginPanel( "loginPanel", null ) );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/BasePanel.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/BasePanel.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/BasePanel.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/BasePanel.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,45 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.panels;
+
+import wicket.markup.html.panel.Panel;
+import wicket.model.IModel;
+import wicket.model.Model;
+import org.safehaus.triplesec.adminui.view.borders.PanelBorder;
+
+/**
+ * Base class for content panels.
+ */
+public abstract class BasePanel extends Panel
+{
+    protected BasePanel( String id, String title ) {
+        this( id, null, title );
+    }
+
+    protected BasePanel( String id, IModel model, String title )
+    {
+        super(id, model);
+
+        // create border and add it to the page
+        PanelBorder border = new PanelBorder( "border", new Model( title ) );
+        border.setTransparentResolver( true );
+        super.add( border );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/LoginPanel.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/LoginPanel.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/LoginPanel.java (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/java/org/safehaus/triplesec/adminui/view/panels/LoginPanel.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,33 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.adminui.view.panels;
+
+import wicket.model.IModel;
+
+
+public class LoginPanel extends BasePanel
+{
+    private static final long serialVersionUID = -2026363140037616620L;
+
+    public LoginPanel( String id, IModel model )
+    {
+        super( id, model, "Connection Properties" );
+    }
+}

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PageBorder.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PageBorder.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PageBorder.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PageBorder.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,65 @@
+<!-- 
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+
+-->
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:wicket="http://wicket.sourceforge.net/" xml:lang="en" lang="en">
+<head>
+    <wicket:head>
+        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+        <link rel="stylesheet" href="css/style.css" type="text/css"/>
+    </wicket:head>
+</head>
+<body>
+<wicket:border>
+    <div id="top">
+        <h1>triplesec server administration</h1>
+        <h2>keep it simple&nbsp;&middot;&nbsp;keep it safe</h2>
+    </div>
+    <div id="container">
+        <div id="sideMenu">
+            <ul class="menu">
+                <li class="menu">
+                    <a href="#">overview of site</a>
+                    <p class="assistiveText">where is this link going?</p>
+                </li>
+                <li class="menu">
+                    <a href="#">details about people</a>
+                    <p class="assistiveText">who knows who's in here?</p>
+                </li>
+                <li class="menu">
+                    <a href="#">contact information</a>
+                    <p class="assistiveText">i ain't saying nothing?</p>
+                </li>
+            </ul>
+        </div>
+
+
+        <div id="content">
+            <div id="MainCopy">
+                <wicket:body/>
+            </div>
+        </div>
+    </div>
+    <div id="footer">
+        &#xA9; <a href="http://www.safehaus.org">Safehaus</a> 2005
+    </div>
+</wicket:border>
+</body>
+</html>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PanelBorder.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PanelBorder.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PanelBorder.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/borders/PanelBorder.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,24 @@
+<!-- 
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+
+-->
+
+<wicket:border>
+    <h3><span wicket:id="title">Panel Title</span></h3>
+    <div id="panelcontent"><wicket:body/></div>
+</wicket:border>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/HomePage.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/HomePage.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/HomePage.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/HomePage.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,33 @@
+<!-- 
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+
+-->
+
+<?xml version="1.0"?>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:wicket="http://wicket.sourceforge.net/" xml:lang="en" lang="en">
+<head>
+    <wicket:head>
+        <title>TripleSec Admin Home Page</title>
+    </wicket:head>
+</head>
+<body>
+    <span wicket:id="border">
+        <span wicket:id="message">[insert message here]</span>
+    </span>
+</body>
+</html>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/LoginPage.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/LoginPage.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/LoginPage.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/pages/LoginPage.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,34 @@
+<!-- 
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+
+-->
+
+<?xml version="1.0"?>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:wicket="http://wicket.sourceforge.net/" xml:lang="en" lang="en">
+<head>
+    <wicket:head>
+        <title>TripleSec Admin Connection</title>
+        <link rel="stylesheet" href="css/style.css" type="text/css"/>
+    </wicket:head>
+</head>
+<body>
+    <span wicket:id="border">
+        <span wicket:id="loginPanel"/>
+    </span>
+</body>
+</html>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/BasePanel.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/BasePanel.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/BasePanel.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/BasePanel.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,30 @@
+<!-- 
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+
+-->
+
+<?xml version="1.0"?>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:wicket="http://wicket.sourceforge.net/" xml:lang="en" lang="en">
+<body>
+    <wicket:panel>
+        <span wicket:id="border">
+            <wicket:child/>
+        </span>
+    </wicket:panel>
+</body>
+</html>

Added: directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/LoginPanel.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/LoginPanel.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/LoginPanel.html (added)
+++ directory/trunks/triplesec/webapp-wicket-admin/src/main/resources/org/safehaus/triplesec/adminui/view/panels/LoginPanel.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,7 @@
+<wicket:extend>
+    This is the stubbed out Login Panel.
+    <form>
+        <label for="test">Test</label>
+        <input id="test" type="text"/>
+    </form>
+</wicket:extend>
\ No newline at end of file



Mime
View raw message