geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.1: Web Application Security Sample (page created)
Date Fri, 29 Feb 2008 15:55:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence" />
    <style type="text/css">
    <!--
    body, p, td, table, tr, .bodytext, .stepfield {
	font-family: Verdana, arial, sans-serif;
	font-size: 11px;
	line-height: 16px;
	color: #000000;
	font-weight: normal;
}
#PageContent {
	text-align: left;
	background-color: #fff;
	padding: 0px;
	margin: 0px;
    padding-bottom:20px;
}
/*
** when this stylesheet is used for the Tiny MCE Wysiwyg editor's edit area, we can't
** use an id=PageContent or class=wiki-content, so we must
** set the body style to that used for PageContent, and p to that used for wiki-content.
*/

body {
	margin: 0px;
	padding: 0px;
	text-align: center;
    background-color: #f0f0f0;
}

@media print {

body {
    background-color: #fff;
}

}

.monospaceInput {
    font:12px monospace
}

.wiki-content p, .commentblock p {
    margin: 16px 0px 16px 0px;
    padding: 0px;
}

.wiki-content-preview {
    padding: 5px;
    border-left: 1px solid #3c78b5;
    border-right: 1px solid #3c78b5;
}

ul, ol {
    margin-top: 2px;
    margin-bottom: 2px;
    padding-top: 0px;
    padding-bottom: 0px;
}

pre {
    padding: 0px;
    margin-top: 5px;
    margin-left: 15px;
    margin-bottom: 5px;
    margin-right: 5px;
    text-align: left;
}

.helpheading {
    font-weight: bold;
    background-color: #D0D9BD;
        border-bottom: 1px solid #3c78b5;
        padding: 4px 4px 4px 4px;
        margin: 0px;
        margin-top: 10px;
}
.helpcontent {
        padding: 4px 4px 20px 4px;
    background-color: #f5f7f1;
}

.code {
 	border: 1px dashed #3c78b5;
    font-size: 11px;
	font-family: Courier;
    margin: 10px;
	line-height: 13px;
}

.focusedComment {
    background: #ffffce;
}

.commentBox, .focusedComment {
    padding: 10px;
    margin: 5px 0 5px 0;
    border: 1px #bbb solid;
}

.codeHeader {
    background-color: #f0f0f0;
 	border-bottom: 1px dashed #3c78b5;
    padding: 3px;
	text-align: center;
}

.codeContent {
    text-align: left;
    background-color: #f0f0f0;
    padding: 3px;
}

.preformatted {
 	border: 1px dashed #3c78b5;
    font-size: 11px;
	font-family: Courier;
    margin: 10px;
	line-height: 13px;
}

.preformattedHeader {
    background-color: #f0f0f0;
 	border-bottom: 1px dashed #3c78b5;
    padding: 3px;
	text-align: center;
}

.preformattedContent {
    background-color: #f0f0f0;
    padding: 3px;
}

.panel {
 	border: 1px dashed #3c78b5;
    margin: 10px;
    margin-top: 0px;
}

.panelHeader {
    background-color: #f0f0f0;
 	border-bottom: 1px dashed #3c78b5;
    padding: 3px;
	text-align: center;
}

.panelContent {
    background-color: #f0f0f0;
    padding: 5px;
}

.anonymousAlert {
    background-color: #f0f0f0;
 	border: 1px dashed red;
    font-size: 11px;
    padding: 10px 5px 10px 5px;
    margin: 4px;
	line-height: 13px;
}

.lockAlert {
    background-color: #f0f0f0;
    width: 50%;
 	border: 1px dashed red;
    font-size: 11px;
    padding: 10px 5px 10px 5px;
    margin: 4px;
	line-height: 13px;
}


.code-keyword {
  color: #000091;
  background-color: inherit;
}

.code-object {
  color: #910091;
  background-color: inherit;
}

.code-quote {
  color: #009100;
  background-color: inherit;
}

.code-comment {
  color: #808080;
  background-color: inherit;
}


.code-xml .code-keyword {
  color: inherit;
  font-weight: bold;
}

.code-tag {
  color: #000091;
  background-color: inherit;
}

.breadcrumbs {
    background-color: #f0f0f0;
 	border-color: #3c78b5;
	border-width: 1px 0px 1px 0px;
	border-style: solid;
    font-size: 11px;
    padding: 3px 0px 3px 0px;
}

.navmenu {
    border: 1px solid #ccc;
}

.menuheading {
    font-weight: bold;
    background-color: #f0f0f0;
 	border-bottom: 1px solid #3c78b5;
	padding: 4px 4px 2px 4px;
}

.menuitems {
	padding: 4px 4px 20px 4px;
}

.rightpanel {
    border-left: 1px solid #ccc;
    border-bottom: 1px solid #ccc;
}

#helpheading {
    text-align: left;
    font-weight: bold;
    background-color: #D0D9BD;
 	border-bottom: 1px solid #3c78b5;
	padding: 4px 4px 4px 4px;
	margin: 0px;
}
#helpcontent {
	padding: 4px 4px 4px 4px;
    background-color: #f5f7f1;
}
.helptab-unselected {
    font-weight: bold;
	padding: 5px;
    background-color: #f5f7f1;
}
.helptab-selected {
    font-weight: bold;
    background-color: #D0D9BD;
	padding: 5px;
}
.helptabs {
    margin: 0px;
    background-color: #f5f7f1;
	padding: 5px;
}
.infopanel-heading {
    font-weight: bold;
	padding: 4px 0px 2px 0px;
}

.pagebody {
}

.pageheader {
	padding: 5px 5px 5px 0px;
 	border-bottom: 1px solid #3c78b5;
}

.pagetitle {
	font-size: 22px;
	font-weight: bold;
	font-family: Arial, sans-serif;
	color: #003366;
}

.newpagetitle {
    color: #ccc !important;
}

.steptitle {
	font-size: 18px;
	font-weight: bold;
	font-family: Arial, sans-serif;
	color: #003366;
	margin-bottom: 7px;
}

.substeptitle {
    font-size: 12px;
    font-weight: bold;
    font-family: Arial, sans-serif;
    color: #003366;
    margin: 2px 4px 4px 4px;
    padding: 2px 4px 1px 4px;
}

.stepdesc {
    font-family: Verdana, arial, sans-serif;
	font-size: 11px;
	line-height: 16px;
	font-weight: normal;
    color: #666666;
    margin-top: 7px;
    margin-bottom: 7px;
}

.steplabel {
    font-weight: bold;
    margin-right: 4px;
    color: black;
    float: left;
    width: 15%;
    text-align: right;
}

.stepfield {
    background: #f0f0f0;
    padding: 5px;
}

.submitButtons{
    margin-top:5px;
    text-align:right;
}

.formtitle {
	font-size: 12px;
	font-weight: bold;
	font-family: Arial, sans-serif;
	color: #003366;
}

.sectionbottom {
    border-bottom: 1px solid #3c78b5;
}

.topRow {
    border-top: 2px solid #3c78b5;
}

.tabletitle {
	font-size: 14px;
	font-weight: bold;
	font-family: Arial, sans-serif;
    padding: 3px 0px 2px 0px;
    margin: 8px 4px 2px 0px;
	color: #003366;
	border-bottom: 2px solid #3c78b5;
}
.pagesubheading {
    color: #666666;
    font-size: 10px;
    padding: 0px 0px 5px 0px;
}

HR {
	color: 3c78b5;
	height: 1;
}

A:link, A:visited, A:active, A:hover {
	color: #003366;
}

h1 A:link, h1 A:visited, h1 A:active {
	text-decoration: none;
}

h1 A:hover {
    border-bottom: 1px dotted #003366;
}

.wiki-content > :first-child, .commentblock > :first-child {
    margin-top: 3px;
}

.logocell {
    padding: 10px;
}

input {
	font-family: verdana, geneva, arial, sans-serif;
	font-size: 11px;
	color: #000000;
}

textarea, textarea.editor {
	font-family: verdana, geneva, arial, sans-serif;
	font-size: 11px;
	color: #333333;
}

/* use logoSpaceLink instead.
.spacenametitle {
	font: 21px/31px Impact, Arial, Helvetica;
    font-weight: 100;
    color: #999999;
	margin: 0px;
}
.spacenametitle img {
  margin: 0 0 -4px 0;
}
.spacenametitle a {
    text-decoration: none;
    color: #999999;
}
.spacenametitle a:visited {
    text-decoration: none;
    color: #999999;
}*/

.spacenametitle-printable {
	font: 20px/25px Impact, Arial, Helvetica;
    font-weight: 100;
    color: #999999;
	margin: 0px;
}
.spacenametitle-printable a {
    text-decoration: none;
    color: #999999;
}
.spacenametitle-printable a:visited {
    text-decoration: none;
    color: #999999;
}

.blogDate {
	font-weight: bold;
	text-decoration: none;
	color: black;
}

.blogSurtitle {
    background: #f0f0f0;
 	border: 1px solid #ddd;
	padding: 3px;
	margin: 1px 1px 10px 1px;
}

.blogHeading {
    font-size: 20px;
    line-height: normal;
    font-weight: bold;
    padding: 0px;
    margin: 0px;
}

.blogHeading a {
   text-decoration: none;
   color: black;
}

.endsection {
	align: right;
	color: #666666;
	margin-top: 10px;
}
.endsectionleftnav {
	align: right;
	color: #666666;
	margin-top: 10px;
}

h1 {
	font-size: 24px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
	color: #003366;
 	border-bottom: 1px solid #3c78b5;
	padding: 2px;
	margin: 36px 0px 4px 0px;
}

h2 {
	font-size: 18px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
 	border-bottom: 1px solid #3c78b5;
	padding: 2px;
	margin: 27px 0px 4px 0px;
}

h3 {
	font-size: 14px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
	padding: 2px;
	margin: 21px 0px 4px 0px;
}

h4 {
	font-size: 12px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
	padding: 2px;
	margin: 18px 0px 4px 0px;
}

h4.search {
	font-size: 12px;
	line-height: normal;
	font-weight: normal;
	background-color: #f0f0f0;
	padding: 4px;
	margin: 18px 0px 4px 0px;
}

h5 {
	font-size: 10px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
	padding: 2px;
	margin: 14px 0px 4px 0px;
}

h6 {
	font-size: 8px;
	line-height: normal;
	font-weight: bold;
	background-color: #f0f0f0;
	padding: 2px;
	margin: 14px 0px 4px 0px;
}

.smallfont {
    font-size: 10px;
}
.descfont {
    font-size: 10px;
    color: #666666;
}
.smallerfont {
    font-size: 9px;
}
.smalltext {
    color: #666666;
    font-size: 10px;
}
.smalltext a {
    color: #666666;
}
.smalltext-blue {
    color: #3c78b5;
    font-size: 10px;
}
.surtitle {
    margin-left: 1px;
    margin-bottom: 5px;
    font-size: 14px;
    color: #666666;
}

/* css hack found here:  http://www.fo3nix.pwp.blueyonder.co.uk/tutorials/css/hacks/ */
.navItemOver { font-size: 10px; font-weight: bold; color: #ffffff; background-color: #003366; cursor: hand; voice-family: '\'}\''; voice-family:inherit; cursor: pointer;}
.navItemOver a { color: #ffffff; background-color:#003366; text-decoration: none; }
.navItemOver a:visited { color: #ffffff; background-color:#003366; text-decoration: none; }
.navItemOver a:hover { color: #ffffff; background-color:#003366; text-decoration: none; }
.navItem { font-size: 10px; font-weight: bold; color: #ffffff; background-color: #3c78b5; }
.navItem a { color: #ffffff; text-decoration: none; }
.navItem a:hover { color: #ffffff; text-decoration: none; }
.navItem a:visited { color: #ffffff; text-decoration: none; }

div.padded { padding: 4px; }
div.thickPadded { padding: 10px; }
h3.macrolibrariestitle {
    margin: 0px 0px 0px 0px;
}

div.centered { text-align: center; margin: 10px; }
div.centered table {margin: 0px auto; text-align: left; }

.tableview table {
    margin: 0;
}

.tableview th {
    text-align: left;
    color: #003366;
    font-size: 12px;
    padding: 5px 0px 0px 5px;
    border-bottom: 2px solid #3c78b5;
}
.tableview td {
    text-align: left;
    border-color: #ccc;
    border-width: 0px 0px 1px 0px;
    border-style: solid;
    margin: 0;
    padding: 4px 10px 4px 5px;
}

.grid {
    margin: 2px 0px 5px 0px;
    border-collapse: collapse;
}
.grid th  {
    border: 1px solid #ccc;
    padding: 2px 4px 2px 4px;
    background: #f0f0f0;
    text-align: center;
}
.grid td  {
    border: 1px solid #ccc;
    padding: 3px 4px 3px 4px;
}
.gridHover {
	background-color: #f9f9f9;
}

td.infocell {
    background-color: #f0f0f0;
}
.label {
	font-weight: bold;
	color: #003366;
}

label {
	font-weight: bold;
	color: #003366;
}

.error {
	background-color: #fcc;
}

.errorBox {
	background-color: #fcc;
    border: 1px solid #c00;
    padding: 5px;
    margin: 5px;
}

.errorMessage {
	color: #c00;
}

.success {
	background-color: #dfd;
}

.successBox {
	background-color: #dfd;
    border: 1px solid #090;
    padding: 5px;
    margin-top:5px;
    margin-bottom:5px;
}

blockquote {
	padding-left: 10px;
	padding-right: 10px;
	margin-left: 5px;
	margin-right: 0px;
	border-left: 1px solid #3c78b5;
}

table.confluenceTable
{
    margin: 5px;
    border-collapse: collapse;
}

/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */
table.confluenceTable td.confluenceTd
{
    border-width: 1px;
    border-style: solid;
    border-color: #ccc;
    padding: 3px 4px 3px 4px;
}

/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */
table.confluenceTable th.confluenceTh
{
    border-width: 1px;
    border-style: solid;
    border-color: #ccc;
    padding: 3px 4px 3px 4px;
    background-color: #f0f0f0;
    text-align: center;
}

td.confluenceTd
{
    border-width: 1px;
    border-style: solid;
    border-color: #ccc;
    padding: 3px 4px 3px 4px;
}

th.confluenceTh
{
    border-width: 1px;
    border-style: solid;
    border-color: #ccc;
    padding: 3px 4px 3px 4px;
    background-color: #f0f0f0;
    text-align: center;
}

DIV.small {
	font-size: 9px;
}

H1.pagename {
	margin-top: 0px;
}

IMG.inline  {}

.loginform {
    margin: 5px;
    border: 1px solid #ccc;
}

/* The text how the "This is a preview" comment should be shown. */
.previewnote { text-align: center;
                font-size: 11px;
                    color: red; }

/* How the preview content should be shown */
.previewcontent { background: #E0E0E0; }

/* How the system messages should be shown (DisplayMessage.jsp) */
.messagecontent { background: #E0E0E0; }

/* How the "This page has been modified..." -comment should be shown. */
.conflictnote { }

.createlink {
    color: maroon;
}
a.createlink {
    color: maroon;
}
.templateparameter {
    font-size: 9px;
    color: darkblue;
}

.diffadded {
    background: #ddffdd;
    padding: 1px 1px 1px 4px;
	border-left: 4px solid darkgreen;
}
.diffdeleted {
    color: #999;
    background: #ffdddd;
    padding: 1px 1px 1px 4px;
	border-left: 4px solid darkred;
}
.diffnochange {
    padding: 1px 1px 1px 4px;
	border-left: 4px solid lightgrey;
}
.differror {
    background: brown;
}
.diff {
    font-family: lucida console, courier new, fixed-width;
	font-size: 12px;
	line-height: 14px;
}
.diffaddedchars {
    background-color:#99ff99;
    font-weight:bolder;
}
.diffremovedchars {
    background-color:#ff9999;
    text-decoration: line-through;
    font-weight:bolder;
}

.greybackground {
    background: #f0f0f0
}

.greybox {
 	border: 1px solid #ddd;
	padding: 3px;
	margin: 1px 1px 10px 1px;
}

.borderedGreyBox {
    border: 1px solid #cccccc;
    background-color: #f0f0f0;
    padding: 10px;
}

.greyboxfilled {
 	border: 1px solid #ddd;
    background: #f0f0f0;
    padding: 3px;
	margin: 1px 1px 10px 1px;
}

.navBackgroundBox {
    padding: 5px 5px 5px 5px;
    font-size: 22px;
	font-weight: bold;
	font-family: Arial, sans-serif;
	color: white;
    background: #3c78b5;
    text-decoration: none;
}

.previewBoxTop {
	background-color: #f0f0f0;
    border-width: 1px 1px 0px 1px;
    border-style: solid;
    border-color: #3c78b5;
    padding: 5px;
    margin: 5px 0px 0px 0px;
    text-align: center;
}
.previewContent {
    background-color: #fff;
 	border-color: #3c78b5;
	border-width: 0px 1px 0px 1px;
	border-style: solid;
	padding: 10px;
	margin: 0px;
}
.previewBoxBottom {
	background-color: #f0f0f0;
    border-width: 0px 1px 1px 1px;
    border-style: solid;
    border-color: #3c78b5;
    padding: 5px;
    margin: 0px 0px 5px 0px;
    text-align: center;
}

.functionbox {
    background-color: #f0f0f0;
 	border: 1px solid #3c78b5;
	padding: 3px;
	margin: 1px 1px 10px 1px;
}

.functionbox-greyborder {
    background-color: #f0f0f0;
 	border: 1px solid #ddd;
	padding: 3px;
	margin: 1px 1px 10px 1px;
}

.search-highlight {
    background-color: #ffffcc;
}

/* normal (white) background */
.rowNormal {
    background-color: #ffffff;
 }

/* alternate (pale yellow) background */
.rowAlternate {
    background-color: #f7f7f7;
}

/* used in the list attachments table */
.rowAlternateNoBottomColor {
    background-color: #f7f7f7;
}

.rowAlternateNoBottomNoColor {
}

.rowAlternateNoBottomColor td {
    border-bottom: 0px;
}

.rowAlternateNoBottomNoColor td {
    border-bottom: 0px;
}

/* row highlight (grey) background */
.rowHighlight {
    background-color: #f0f0f0;

}

TD.greenbar {FONT-SIZE: 2px; BACKGROUND: #00df00; BORDER: 1px solid #9c9c9c; PADDING: 0px; }
TD.redbar {FONT-SIZE: 2px; BACKGROUND: #df0000; BORDER: 1px solid #9c9c9c; PADDING: 0px; }
TD.darkredbar {FONT-SIZE: 2px; BACKGROUND: #af0000; BORDER: 1px solid #9c9c9c; PADDING: 0px; }

TR.testpassed {FONT-SIZE: 2px; BACKGROUND: #ddffdd; PADDING: 0px; }
TR.testfailed {FONT-SIZE: 2px; BACKGROUND: #ffdddd; PADDING: 0px; }

.toolbar  {
    margin: 0px;
    border-collapse: collapse;
}

.toolbar td  {
    border: 1px solid #ccc;
    padding: 2px 2px 2px 2px;
    color: #ccc;
}

td.noformatting {
    border-width: 0px;
    border-style: none;
    text-align: center;
	padding: 0px;
}

.commentblock {
    margin: 12px 0 12px 0;
}

/*
 * Divs displaying the license information, if necessary.
 */
.license-eval, .license-none, .license-nonprofit {
    border-top: 1px solid #bbbbbb;
    text-align: center;
    font-size: 10px;
    font-family: Verdana, Arial, Helvetica, sans-serif;
}

.license-eval, .license-none {
    background-color: #ffcccc;
}

.license-eval b, .license-none b {
    color: #990000
}

.license-nonprofit {
    background-color: #ffffff;
}

/*
 * The shadow at the bottom of the page between the main content and the
 * "powered by" section.
 */
.bottomshadow {
    height: 12px;
    background-image: url("$req.contextPath/images/border/border_bottom.gif");
    background-repeat: repeat-x;
}

/*
 * Styling of the operations box
 */
.navmenu .operations li, .navmenu .operations ul {
    list-style: none;
    margin-left: 0;
    padding-left: 0;
}

.navmenu .operations ul {
    margin-bottom: 9px;
}

.navmenu .label {
    font-weight: inherit;
}

/*
 * Styling of ops as a toolbar
 */
.toolbar div {
    display: none;
}

.toolbar .label {
    display: none;
}

.toolbar .operations {
    display: block;
}

.toolbar .operations ul {
    display: inline;
    list-style: none;
    margin-left: 10px;
    padding-left: 0;
}

.toolbar .operations li {
    list-style: none;
    display: inline;
}

/* list page navigational tabs */
#foldertab {
padding: 3px 0px 3px 8px;
margin-left: 0;
border-bottom: 1px solid #3c78b5;
font: bold 11px Verdana, sans-serif;
}

#foldertab li {
list-style: none;
margin: 0;
display: inline;
}

#foldertab li a {
padding: 3px 0.5em;
margin-left: 3px;
border: 1px solid #3c78b5;
border-bottom: none;
background: #3c78b5;
text-decoration: none;
}

#foldertab li a:link { color: #ffffff; }
#foldertab li a:visited { color: #ffffff; }

#foldertab li a:hover {
color: #ffffff;
background: #003366;
border-color: #003366;
}

#foldertab li a.current {
background: white;
border-bottom: 1px solid white;
color: black;
}

#foldertab li a.current:link { color: black; }
#foldertab li a.current:visited { color: black; }
#foldertab li a.current:hover {
background: white;
border-bottom: 1px solid white;
color: black;
}

/* alphabet list */
ul#squaretab {
margin-left: 0;
padding-left: 0;
white-space: nowrap;
font: bold 8px Verdana, sans-serif;
}

#squaretab li {
display: inline;
list-style-type: none;
}

#squaretab a {
padding: 2px 6px;
border: 1px solid #3c78b5;
}

#squaretab a:link, #squaretab a:visited {
color: #fff;
background-color: #3c78b5;
text-decoration: none;
}

#squaretab a:hover {
color: #ffffff;
background-color: #003366;
border-color: #003366;
text-decoration: none;
}

#squaretab li a#current {
background: white;
color: black;
}

.blogcalendar * {
    font-family:verdana, arial, sans-serif;
    font-size:x-small;
    font-weight:normal;
    line-height:140%;
    padding:2px;
}


table.blogcalendar {
    border: 1px solid #3c78b5;
}

.blogcalendar th.calendarhead, a.calendarhead {
    font-size:x-small;
    font-weight:bold;
    padding:2px;
    text-transform:uppercase;
    background-color: #3c78b5;
    color: #ffffff;
    letter-spacing: .3em;
    text-transform: uppercase;
}

.calendarhead:visited {color: white;}
.calendarhead:active {color: white;}
.calendarhead:hover {color: white;}

.blogcalendar th {
    font-size:x-small;
    font-weight:bold;
    padding:2px;
    background-color:#f0f0f0;
}

.blogcalendar td {
    font-size:x-small;
    font-weight:normal;
}

.searchGroup { padding: 0 0 10px 0; background: #f0f0f0; }
.searchGroupHeading { font-size: 10px; font-weight: bold; color: #ffffff; background-color: #3c78b5; padding: 2px 4px 1px 4px; }
.searchItem { padding: 1px 4px 1px 4px; }
.searchItemSelected { padding: 1px 4px 1px 4px; font-weight: bold; background: #ddd; }

/* permissions page styles */
.permissionHeading {
    border-bottom: #bbb; border-width: 0 0 1px 0; border-style: solid; font-size: 16px; text-align: left;
}
.permissionTab {
    border-width: 0 0 0 1px; border-style: solid; background: #3c78b5; color: #ffffff; font-size: 10px;
}
.permissionSuperTab {
    border-width: 0 0 0 1px; border-style: solid; background: #003366; color: #ffffff;
}
.permissionCell {
    border-left: #bbb; border-width: 0 0 0 1px; border-style: solid;
}

/* warning panel */
.warningPanel { background: #FFFFCE; border:#F0C000 1px solid; padding: 8px; margin: 10px; }
/* alert panel */
.alertPanel { background: #FFCCCC; border:#C00 1px solid; padding: 8px; margin: 10px; }
/* info panel */
.infoPanel { background: #D8E4F1; border:#3c78b5 1px solid; padding: 8px; margin: 10px; }

/* side menu highlighting (e.g. space content screen) */
.optionPadded { padding: 2px; }
.optionSelected { background-color: #ffffcc; padding: 2px; border: 1px solid #ddd; margin: -1px; }
.optionSelected a { font-weight: bold; text-decoration: none; color: black; }

/* information macros */
.noteMacro { border-style: solid; border-width: 1px; border-color: #F0C000; background-color: #FFFFCE; text-align:left; margin-top: 5px; margin-bottom: 5px}
.warningMacro { border-style: solid; border-width: 1px; border-color: #c00; background-color: #fcc; text-align:left; margin-top: 5px; margin-bottom: 5px}
.infoMacro { border-style: solid; border-width: 1px; border-color: #3c78b5; background-color: #D8E4F1; text-align:left; margin-top: 5px; margin-bottom: 5px}
.tipMacro { border-style: solid; border-width: 1px; border-color: #090; background-color: #dfd; text-align:left; margin-top: 5px; margin-bottom: 5px}
.informationMacroPadding { padding: 5px 0 0 5px; }

table.infoMacro td, table.warningMacro td, table.tipMacro td, table.noteMacro td, table.sectionMacro td {
    border: none;
}

table.sectionMacroWithBorder td.columnMacro { border-style: dashed; border-width: 1px; border-color: #cccccc;}

.pagecontent
{
    padding: 10px;
    text-align: left;
}

/* styles for links in the top bar */
.topBarDiv a:link {color: #ffffff;}
.topBarDiv a:visited {color: #ffffff;}
.topBarDiv a:active {color: #ffffff;}
.topBarDiv a:hover {color: #ffffff;}
.topBarDiv {color: #ffffff;}

.topBar {
    background-color: #003366;
}


/* styles for extended operations */
.greyLinks a:link {color: #666666; text-decoration:underline;}
.greyLinks a:visited {color: #666666; text-decoration:underline;}
.greyLinks a:active {color: #666666; text-decoration:underline;}
.greyLinks a:hover {color: #666666; text-decoration:underline;}
.greyLinks {color: #666666; display:block; padding: 10px}

.logoSpaceLink {color: #999999; text-decoration: none}
.logoSpaceLink a:link {color: #999999; text-decoration: none}
.logoSpaceLink a:visited {color: #999999; text-decoration: none}
.logoSpaceLink a:active {color: #999999; text-decoration: none}
.logoSpaceLink a:hover {color: #003366; text-decoration: none}

/* basic panel (basicpanel.vmd) style */
.basicPanelContainer {border: 1px solid #3c78b5; margin-top: 2px; margin-bottom: 8px; width: 100%}
.basicPanelTitle {padding: 5px; margin: 0px; background-color: #f0f0f0; color: black; font-weight: bold;}
.basicPanelBody {padding: 5px; margin: 0px}

.separatorLinks a:link {color: white}
.separatorLinks a:visited {color: white}
.separatorLinks a:active {color: white}

.greynavbar {background-color: #f0f0f0; border-top: 1px solid #3c78b5; margin-top: 2px}

div.headerField {
    float: left;
    width: auto;
    height: 100%;
}

.headerFloat {
    margin-left: auto;
    width: 50%;
}

.headerFloatLeft {
    float: left;
    margin-right: 20px;
    margin-bottom: 10px;
}

#headerRow {
    padding: 10px;
}

div.license-personal {
   background-color: #003366;
   color: #ffffff;
}

div.license-personal a {
   color: #ffffff;
}

.greyFormBox {
    border: 1px solid #cccccc;
    padding: 5px;
}

/* IE automatically adds a margin before and after form tags. Use this style to remove that */
.marginlessForm {
    margin: 0px;
}

.openPageHighlight {
    background-color: #ffffcc;
    padding: 2px;
    border: 1px solid #ddd;
}

.editPageInsertLinks, .editPageInsertLinks a
{
    color: #666666;
    font-weight: bold;
    font-size: 10px;
}

/* Style for label heatmap. */
.top10 a {
    font-weight: bold;
    font-size: 2em;
    color: #003366;
}
.top25 a {
    font-weight: bold;
    font-size: 1.6em;
    color: #003366;
}
.top50 a {
    font-size: 1.4em;
    color: #003366;
}
.top100 a {
    font-size: 1.2em;
    color: #003366;
}

.heatmap {
    list-style:none;
    width: 95%;
    margin: 0px auto;
}

.heatmap a {
    text-decoration:none;
}

.heatmap a:hover {
    text-decoration:underline;
}

.heatmap li {
    display: inline;
}

.minitab {
padding: 3px 0px 3px 8px;
margin-left: 0;
margin-top: 1px;
margin-bottom: 0px;
border-bottom: 1px solid #3c78b5;
font: bold 9px Verdana, sans-serif;
text-decoration: none;
float:none;
}
.selectedminitab {
padding: 3px 0.5em;
margin-left: 3px;
margin-top: 1px;
border: 1px solid #3c78b5;
background: white;
border-bottom: 1px solid white;
color: #000000;
text-decoration: none;
}
.unselectedminitab {
padding: 3px 0.5em;
margin-left: 3px;
margin-top: 1px;
border: 1px solid #3c78b5;
border-bottom: none;
background: #3c78b5;
color: #ffffff;
text-decoration: none;
}

a.unselectedminitab:hover {
color: #ffffff;
background: #003366;
border-color: #003366;
}

a.unselectedminitab:link { color: white; }
a.unselectedminitab:visited { color: white; }

a.selectedminitab:link { color: black; }
a.selectedminitab:visited { color: black; }

.linkerror { background-color: #fcc;}

a.labelOperationLink:link {text-decoration: underline}
a.labelOperationLink:active {text-decoration: underline}
a.labelOperationLink:visited {text-decoration: underline}
a.labelOperationLink:hover {text-decoration: underline}

a.newLabel:link {background-color: #ddffdd}
a.newLabel:active {background-color: #ddffdd}
a.newLabel:visited {background-color: #ddffdd}
a.newLabel:hover {background-color: #ddffdd}

ul.square {list-style-type: square}

.inline-control-link {
    background: #ffc;
    font-size: 9px;
    color: #666;
    padding: 2px;
    text-transform: uppercase;
    text-decoration: none;
}


.inline-control-link a:link {text-decoration: none}
.inline-control-link a:active {text-decoration: none}
.inline-control-link a:visited {text-decoration: none}
.inline-control-link a:hover {text-decoration: none}

.inline-control-link {
    background: #ffc;
    font-size: 9px;
    color: #666;
    padding: 2px;
    text-transform: uppercase;
    text-decoration: none;
    cursor: pointer;
}

div.auto_complete {
    width: 350px;
    background: #fff;
}
div.auto_complete ul {
    border: 1px solid #888;
    margin: 0;
    padding: 0;
    width: 100%;
    list-style-type: none;
}
div.auto_complete ul li {
    margin: 0;
    padding: 3px;
}
div.auto_complete ul li.selected {
    background-color: #ffb;
}
div.auto_complete ul strong.highlight {
    color: #800;
    margin: 0;
    padding: 0;
}

/******* Edit Page Styles *******/
.toogleFormDiv{
    border:1px solid #A7A6AA;
    background-color:white;
    padding:5px;
    margin-top: 5px;
}

.toogleInfoDiv{
    border:1px solid #A7A6AA;
    background-color:white;
    display:none;
    padding:5px;
    margin-top: 10px;
}

.inputSection{
    margin-bottom:20px;
}

#editBox{
   border:1px solid lightgray;
   background-color:#F0F0F0;
}

/******* Left Navigation Theme Styles ********/
.leftnav li a {
    text-decoration:none;
    color:white;
    margin:0px;
    display:block;
    padding:2px;
    padding-left:5px;
    background-color: #3c78b5;
    border-top:1px solid #3c78b5;
}

.leftnav li a:active {color:white;}
.leftnav li a:visited {color:white;}
.leftnav li a:hover {background-color: #003366; color:white;}

/* Added by Shaun during i18n */
.replaced
{
    background-color: #33CC66;
}

.topPadding
{
    margin-top: 20px;
}

/* new form style */
.form-block {
    padding: 6px;
}
.form-error-block {
    padding: 6px;
    background: #fcc;
    border-top: #f0f0f0 1px solid;
    border-bottom: #f0f0f0 1px solid;
    margin-bottom: 6px;
    padding: 0 12px 0 12px;
}
.form-element-large {
    font-size: 16px;
    font-weight: bold;
    font-family: Arial, sans-serif;
    color: #003366;
}

.form-element-small {
    font-size: 12px;
    font-weight: bold;
    font-family: Arial, sans-serif;
    color: #003366;
}

.form-header {
    background: lightyellow;
    border-top: #f0f0f0 1px solid;
    border-bottom: #f0f0f0 1px solid;
    margin-bottom: 6px;
    padding: 0 12px 0 12px;
}
.form-header p, .form-block p, .form-error-block p {
    line-height: normal;
    margin: 12px 0 12px 0;
}
.form-example {
    color: #888;
    font-size: 11px;
}
.form-divider {
    border-bottom: #ccc 1px solid;
    margin-bottom: 6px;
}
.form-buttons {
    margin-top: 6px;
    border-top: #ccc 1px solid;
    border-bottom: #ccc 1px solid;
    background: #f0f0f0;
    padding: 10px;
    text-align: center;
}
.form-buttons input {
    width: 100px;
}
.form-block .error {
    padding: 6px;
    margin-bottom: 6px;
}
    -->
    </style>
</head>
<body>

<div id="PageContent">
<table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%"><tr>
<td valign="top" class="pagebody">

    <div class="pageheader">
        <span class="pagetitle">
            Page Created :
            <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21">GMOxDOC21</a> :
            <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Web+Application+Security+Sample">Web Application Security Sample</a>
        </span>
    </div>

     <p>
        <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Web+Application+Security+Sample">Web Application Security Sample</a>
        has been created by             <a href="http://cwiki.apache.org/confluence/display/~beckerdo">Dan Becker</a>
            <span class="smallfont">(Feb 29, 2008)</span>.
     </p>

    <span class="label">Content:</span><br />
    <div class="greybox wiki-content"><style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color: #f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC21/SPECjAppServer2004"><img border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC21/SPECjAppServer2004">SPECjAppServer2004</a>&nbsp;</td><td width='33%' class='ScrollbarParent'><sup><a href="/confluence/display/GMOxDOC21/Sample+applications"><img border='0' align='middle' src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a href="/confluence/display/GMOxDOC21/Sample+applications">Sample applications</a></td><td width='33%' class='ScrollbarNextName'>&nbsp;</td></tr></table></div>
<p><a name="WebApplicationSecuritySample-top"></a></p>

<p>This article focuses on the web application security related features of the Apache Geronimo server. The sample application covered in this article is a basic time reporting system that uses Servlets, JSPs and J2EE declarative security. In addition to above features it uses Geronimo's embedded Derby database to store user information of the system. Even though this application uses a database to hold user information, it is merely for configuration purposes. For detailed information on the usage of JDBC in Geronimo, refer the <span class="nobr"><a href="/confluence/pages/createpage.action?spaceKey=GMOxDOC21&amp;title=Simple+database+access+sample+application&amp;linkCreation=true&amp;fromPageId=78220" title="Create Page: Simple database access sample application" class="createlink">Simple database access sample application<sup><img class="rendericon" src="/confluence/images/icons/plus.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span> article.
   </p>

<p>After reading this article you should be able to configure Geronimo application server for web applications with declarative security features.</p>

<p>This article is organized in to following sections.</p>
<ul>
	<li><a href="#WebApplicationSecuritySample-web" title="web on Web Application Security Sample">Web Applications Geronimo</a></li>
	<li><a href="#WebApplicationSecuritySample-overview" title="overview on Web Application Security Sample">Application Overview</a></li>
	<li><a href="#WebApplicationSecuritySample-configure" title="configure on Web Application Security Sample">Configuring, Building and Deploying the Sample Application</a></li>
	<li><a href="#WebApplicationSecuritySample-testing" title="testing on Web Application Security Sample">Testing of the Sample Application</a></li>
	<li><a href="#WebApplicationSecuritySample-summary" title="summary on Web Application Security Sample">Summary</a></li>
</ul>


<h1><a name="WebApplicationSecuritySample-WebApplicationsinGeronimo"></a>Web Applications in Geronimo<a name="WebApplicationSecuritySample-web"></a></h1>

<p>Apache Geronimo includes a Web application container supporting J2EE Web applications. The Web container itself supports basic configuration such as network ports and SSL options, and each Web application may include Geronimo-specific configuration information as well. Web applications participate in the Geronimo security infrastructure, so authenticating to a Web application allows access to secure EJBs and Connectors as well.</p>

<p>Apache Geronimo currently supports two Web containers: Jetty and Tomcat. </p>

<h3><a name="WebApplicationSecuritySample-Jetty"></a>Jetty</h3>
<p>Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate Web server in order to use servlets and JSPs to generate dynamic content. Jetty is a fully featured Web server for static and dynamic content.</p>

<p>Unlike separate server/container solutions, Jetty's Web server and Web application run in the same process without interconnection overheads and complications. Furthermore, as a pure java component, Jetty can be easily included in your application for demonstration, distribution or deployment. Jetty is available on all Java supported platforms.<br/>
<span class="nobr"><a href="http://jetty.mortbay.org/jetty/index.html" title="Visit page outside Confluence" rel="nofollow">http://jetty.mortbay.org/jetty/index.html<sup><img class="rendericon" src="/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span></p>

<h3><a name="WebApplicationSecuritySample-Tomcat"></a>Tomcat</h3>
<p>Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies.<br/>
<span class="nobr"><a href="http://tomcat.apache.org/" title="Visit page outside Confluence" rel="nofollow">http://tomcat.apache.org/<sup><img class="rendericon" src="/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span></p>

<h1><a name="WebApplicationSecuritySample-ApplicationOverview"></a>Application Overview <a name="WebApplicationSecuritySample-overview"></a></h1>

<p>The Time Report application helps to report working times of different projects. Even though this is not a full blown time reporting application, it covers most of the displaying and security related features web applications in Apache Geronimo.</p>

<p>This sample application allows two types of user groups to report their time tasks to the system, namely   managers and employees. Both type of users have to provide their credentials before reporting time tasks. Managers are more of super users of the system, so they can add employees to the system additionally.</p>

<p>The Time Report application has the following list of pages.</p>
<ul>
	<li>Welcome</li>
	<li>Login</li>
	<li>Time Report</li>
	<li>Add Employees</li>
	<li>Logout</li>
</ul>


<p>The following figure illustrates overview of application flow:</p>

<p><span class="error">Unable to render embedded object: File (time_report_flow.gif) not found.</span><br/>
By default the given sample application is directed to the Welcome page with a link to the Time Report functionality. The users can access the Time Report page by providing a valid user name and password to the Login page. If those provided user credentials are from a manager role, Time Report page will display an additional link to the Add Employees functionality too.</p>

<h2><a name="WebApplicationSecuritySample-Applicationcontents"></a>Application contents</h2>
<p>Following is the main folder hierarchy of the Time Reporting application. It display both JSPs and configuration files used in the application.</p>
<div class="code"><div class="codeContent">
<pre class="code-java">|- employee
     |- index.jsp
|- login
     |- login.jsp
     |- login_error.jsp
     |- logout.jsp
|- manager
     |- index.jsp
|- WEB_INF
     |- geronimo-web.xml
     |- web.xml
|- index.jsp</pre>
</div></div>

<p>In addition to the above JSPs and configurations, two other servlets are also required to fulfill the business logic of the application.</p>
<ul>
	<li>AddTimeRecordServlet - Read the input data from the Time Report page</li>
	<li>AddEmployeeServlet - Capture input information from Add Employee page</li>
</ul>


<p>Security configuration of the Time Report application is handled by <b>geronimo-web.xml</b> and <b>web.xml</b> files. <b>geronimo-web.xml</b> is used to define user roles of the application with <b>TimeReportRealm</b>.</p>

<p>The first part of <b>geronimo-web.xml</b> is straight forward. However, the security configuration is tricky. The &lt;security-realm-name&gt; is described in the &lt;security&gt; element through a sequence of declarations in the &lt;realms&gt; element.</p>

<p>While the web.xml specifies the security roles, the geronimo-web.xml maps to which specific users or groups in the Geronimo security realms they belong to. If there is a user that is not logged in, it defaults to what is defined in the &lt;default-principal&gt; element.</p>

<p>There are two roles that are issued in this project: manager and employee. Since a manager is also an employee of the company, it will be listed under employee too. However, it also has its spot under the 'manager' role.</p>

<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>geronimo-web.xml</b></div><div class="codeContent">
<pre class="code-xml"><span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;web-app
	xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/web-1.1"</span>&gt;
	
	<span class="code-tag">&lt;environment&gt;</span>
		<span class="code-tag">&lt;moduleId&gt;</span>
                        <span class="code-tag">&lt;groupId&gt;</span>${pom.groupId}<span class="code-tag">&lt;/groupId&gt;</span>
                        <span class="code-tag">&lt;artifactId&gt;</span>${pom.artifactId}<span class="code-tag">&lt;/artifactId&gt;</span>
                        <span class="code-tag">&lt;version&gt;</span>${version}<span class="code-tag">&lt;/version&gt;</span> 
                        <span class="code-tag">&lt;type&gt;</span>war<span class="code-tag">&lt;/type&gt;</span>
		<span class="code-tag">&lt;/moduleId&gt;</span>		
	<span class="code-tag">&lt;/environment&gt;</span>
		
	<span class="code-tag">&lt;context-root&gt;</span>/timereport<span class="code-tag">&lt;/context-root&gt;</span>
	
	<span class="code-tag">&lt;security-realm-name&gt;</span>TimeReportRealm<span class="code-tag">&lt;/security-realm-name&gt;</span>
	
	<span class="code-tag">&lt;security&gt;</span>
		<span class="code-tag">&lt;default-principal realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
			&lt;principal name=<span class="code-quote">"anonymous"</span>
				   class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span>
				   /&gt;
		<span class="code-tag">&lt;/default-principal&gt;</span>
		<span class="code-tag">&lt;role-mappings&gt;</span>			
			<span class="code-tag">&lt;role role-name=<span class="code-quote">"employee"</span>&gt;</span>
				<span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
					&lt;principal name=<span class="code-quote">"EmployeeGroup"</span>
					   class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
				   	/&gt;
				<span class="code-tag">&lt;/realm&gt;</span>
				<span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
					&lt;principal name=<span class="code-quote">"ManagerGroup"</span>
					   class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
					/&gt;					
				<span class="code-tag">&lt;/realm&gt;</span>
			<span class="code-tag">&lt;/role&gt;</span>
			<span class="code-tag">&lt;role role-name=<span class="code-quote">"manager"</span>&gt;</span>
				<span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
					&lt;principal name=<span class="code-quote">"ManagerGroup"</span>
					   class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
					/&gt;					
				<span class="code-tag">&lt;/realm&gt;</span>								
			<span class="code-tag">&lt;/role&gt;</span>
		<span class="code-tag">&lt;/role-mappings&gt;</span>
    <span class="code-tag">&lt;/security&gt;</span>
    
<span class="code-tag">&lt;/web-app&gt;</span></pre>
</div></div> 

<p><b>web.xml</b> will map the defined user roles to resources in the web application. It also defines the login configurations of the application.</p>
<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>web.xml</b></div><div class="codeContent">
<pre class="code-xml"><span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;web-app xmlns=<span class="code-quote">"http://java.sun.com/xml/ns/j2ee"</span>
	 <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>
	 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
	 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	 version=<span class="code-quote">"2.4"</span>&gt;	
	 
	<span class="code-tag">&lt;welcome-file-list&gt;</span>
		<span class="code-tag">&lt;welcome-file&gt;</span>index.jsp<span class="code-tag">&lt;/welcome-file&gt;</span>
  	<span class="code-tag">&lt;/welcome-file-list&gt;</span>
  	
	<span class="code-tag">&lt;security-constraint&gt;</span>
		<span class="code-tag">&lt;web-resource-collection&gt;</span>
			<span class="code-tag">&lt;web-resource-name&gt;</span>employee<span class="code-tag">&lt;/web-resource-name&gt;</span>
			<span class="code-tag">&lt;url-pattern&gt;</span>/employee/*<span class="code-tag">&lt;/url-pattern&gt;</span>			
		<span class="code-tag">&lt;/web-resource-collection&gt;</span>
		<span class="code-tag">&lt;auth-constraint&gt;</span>
			<span class="code-tag">&lt;role-name&gt;</span>employee<span class="code-tag">&lt;/role-name&gt;</span>			 
		<span class="code-tag">&lt;/auth-constraint&gt;</span>
	<span class="code-tag">&lt;/security-constraint&gt;</span>
	
	<span class="code-tag">&lt;security-constraint&gt;</span>
		<span class="code-tag">&lt;web-resource-collection&gt;</span>
			<span class="code-tag">&lt;web-resource-name&gt;</span>manager<span class="code-tag">&lt;/web-resource-name&gt;</span>
			<span class="code-tag">&lt;url-pattern&gt;</span>/manager/*<span class="code-tag">&lt;/url-pattern&gt;</span>			
		<span class="code-tag">&lt;/web-resource-collection&gt;</span>
		<span class="code-tag">&lt;auth-constraint&gt;</span>
			<span class="code-tag">&lt;role-name&gt;</span>manager<span class="code-tag">&lt;/role-name&gt;</span>
		<span class="code-tag">&lt;/auth-constraint&gt;</span>
	<span class="code-tag">&lt;/security-constraint&gt;</span>
	
	<span class="code-tag">&lt;login-config&gt;</span>
		<span class="code-tag">&lt;auth-method&gt;</span>FORM<span class="code-tag">&lt;/auth-method&gt;</span>
		<span class="code-tag">&lt;realm-name&gt;</span>TimeReportRealm<span class="code-tag">&lt;/realm-name&gt;</span>
		<span class="code-tag">&lt;form-login-config&gt;</span>
			<span class="code-tag">&lt;form-login-page&gt;</span>/login/login.jsp<span class="code-tag">&lt;/form-login-page&gt;</span>
			<span class="code-tag">&lt;form-error-page&gt;</span>/login/login_error.jsp<span class="code-tag">&lt;/form-error-page&gt;</span>
		<span class="code-tag">&lt;/form-login-config&gt;</span>
	<span class="code-tag">&lt;/login-config&gt;</span>
	
	<span class="code-tag">&lt;security-role&gt;</span>
		<span class="code-tag">&lt;role-name&gt;</span>employee<span class="code-tag">&lt;/role-name&gt;</span>		
    	<span class="code-tag">&lt;/security-role&gt;</span>
	<span class="code-tag">&lt;security-role&gt;</span>
		<span class="code-tag">&lt;role-name&gt;</span>manager<span class="code-tag">&lt;/role-name&gt;</span>		
    <span class="code-tag">&lt;/security-role&gt;</span>
    	
    <span class="code-tag">&lt;servlet&gt;</span>
	    <span class="code-tag">&lt;display-name&gt;</span>AddTimeRecordServlet<span class="code-tag">&lt;/display-name&gt;</span>
	    <span class="code-tag">&lt;servlet-name&gt;</span>AddTimeRecordServlet<span class="code-tag">&lt;/servlet-name&gt;</span>
	    <span class="code-tag">&lt;servlet-class&gt;</span>org.apache.geronimo.samples.timereport.web.AddTimeRecordServlet<span class="code-tag">&lt;/servlet-class&gt;</span>
  	<span class="code-tag">&lt;/servlet&gt;</span>
  	<span class="code-tag">&lt;servlet&gt;</span>
	    <span class="code-tag">&lt;display-name&gt;</span>AddEmployeeServlet<span class="code-tag">&lt;/display-name&gt;</span>
	    <span class="code-tag">&lt;servlet-name&gt;</span>AddEmployeeServlet<span class="code-tag">&lt;/servlet-name&gt;</span>
	    <span class="code-tag">&lt;servlet-class&gt;</span>org.apache.geronimo.samples.timereport.web.AddEmployeeServlet<span class="code-tag">&lt;/servlet-class&gt;</span>
  	<span class="code-tag">&lt;/servlet&gt;</span>
  	
  	<span class="code-tag">&lt;servlet-mapping&gt;</span>
	    <span class="code-tag">&lt;servlet-name&gt;</span>AddTimeRecordServlet<span class="code-tag">&lt;/servlet-name&gt;</span>
	    <span class="code-tag">&lt;url-pattern&gt;</span>/employee/add_timerecord<span class="code-tag">&lt;/url-pattern&gt;</span>
    <span class="code-tag">&lt;/servlet-mapping&gt;</span>
    <span class="code-tag">&lt;servlet-mapping&gt;</span>
	    <span class="code-tag">&lt;servlet-name&gt;</span>AddEmployeeServlet<span class="code-tag">&lt;/servlet-name&gt;</span>
	    <span class="code-tag">&lt;url-pattern&gt;</span>/manager/add_employee<span class="code-tag">&lt;/url-pattern&gt;</span>
    <span class="code-tag">&lt;/servlet-mapping&gt;</span>
        
<span class="code-tag">&lt;/web-app&gt;</span></pre>
</div></div>

<p>To restrict access to the Add Employee functionality from Time Report page, programmatic authentication has beeen used as in indicated below. </p>
<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>employee/index.jsp</b></div><div class="codeContent">
<pre class="code-java">...
&lt;BR&gt;
&lt;%<span class="code-keyword">if</span>(request.isUserInRole(<span class="code-quote">"manager"</span>)){%&gt;
&lt;A href=<span class="code-quote">"../manager/"</span>&gt;Add Employees&lt;/A&gt;
&lt;BR&gt;
...</pre>
</div></div>

<p><b>geronimo-application.xml</b> tells the application that there is a database pool that needs to be deployed as well. The <b>security realm</b> configurations are included along with this db pool. The db pool is defined in TimeReportPool.xml and the driver that is needs in order to be deployed is the tranql-connector-ra-1.3.rar file--these two files will reside on the top level layer of the resultant EAR file.</p>

<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>geronimo-application.xml</b></div><div class="codeContent">
<pre class="code-xml"><span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
<span class="code-tag">&lt;application xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/application-1.2"</span>&gt;</span>

    <span class="code-tag">&lt;environment xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/deployment-1.2"</span>&gt;</span>
        <span class="code-tag">&lt;moduleId&gt;</span>
            <span class="code-tag">&lt;groupId&gt;</span>${pom.groupId}<span class="code-tag">&lt;/groupId&gt;</span>
            <span class="code-tag">&lt;artifactId&gt;</span>${pom.artifactId}<span class="code-tag">&lt;/artifactId&gt;</span>
            <span class="code-tag">&lt;version&gt;</span>${version}<span class="code-tag">&lt;/version&gt;</span>
            <span class="code-tag">&lt;type&gt;</span>ear<span class="code-tag">&lt;/type&gt;</span>
        <span class="code-tag">&lt;/moduleId&gt;</span>
    <span class="code-tag">&lt;/environment&gt;</span>
	
    <span class="code-tag">&lt;module&gt;</span>
        <span class="code-tag">&lt;connector&gt;</span>tranql-connector-ra-1.3.rar<span class="code-tag">&lt;/connector&gt;</span>
        <span class="code-tag">&lt;alt-dd&gt;</span>TimeReportPool.xml<span class="code-tag">&lt;/alt-dd&gt;</span>
    <span class="code-tag">&lt;/module&gt;</span>
<span class="code-tag">&lt;/application&gt;</span></pre>
</div></div>

<p><b>TimeReportPool.xml</b> defines two things: the database pool itself and a security realm. As shown, the first part is similar to any other db pool plan. The second part, are the essentials for a security realm plan. By combining the two into a separate file, we can ship a db pool and a security realm with the application so it will require less things to install.</p>

<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>TimeReportPool.xml</b></div><div class="codeContent">
<pre class="code-xml"><span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
<span class="code-tag">&lt;connector xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/connector-1.2"</span>&gt;</span>
    <span class="code-tag">&lt;dep:environment <span class="code-keyword">xmlns:dep</span>=<span class="code-quote">"http://geronimo.apache.org/xml/ns/deployment-1.2"</span>&gt;</span>
        <span class="code-tag">&lt;dep:moduleId&gt;</span>
            <span class="code-tag">&lt;dep:groupId&gt;</span>console.dbpool<span class="code-tag">&lt;/dep:groupId&gt;</span>
            <span class="code-tag">&lt;dep:artifactId&gt;</span>TimeReportPool<span class="code-tag">&lt;/dep:artifactId&gt;</span>
            <span class="code-tag">&lt;dep:version&gt;</span>1.0<span class="code-tag">&lt;/dep:version&gt;</span>
            <span class="code-tag">&lt;dep:type&gt;</span>rar<span class="code-tag">&lt;/dep:type&gt;</span>
        <span class="code-tag">&lt;/dep:moduleId&gt;</span>
        <span class="code-tag">&lt;dep:dependencies&gt;</span>
            <span class="code-tag">&lt;dep:dependency&gt;</span>
                <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.configs<span class="code-tag">&lt;/dep:groupId&gt;</span>
                <span class="code-tag">&lt;dep:artifactId&gt;</span>j2ee-security<span class="code-tag">&lt;/dep:artifactId&gt;</span>
                <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
            <span class="code-tag">&lt;/dep:dependency&gt;</span>
            <span class="code-tag">&lt;dep:dependency&gt;</span>
                <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.configs<span class="code-tag">&lt;/dep:groupId&gt;</span>
                <span class="code-tag">&lt;dep:artifactId&gt;</span>system-database<span class="code-tag">&lt;/dep:artifactId&gt;</span>
                <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
            <span class="code-tag">&lt;/dep:dependency&gt;</span>
        <span class="code-tag">&lt;/dep:dependencies&gt;</span>
    <span class="code-tag">&lt;/dep:environment&gt;</span>
	<span class="code-tag"><span class="code-comment">&lt;!--db pool fragment--&gt;</span></span>
    <span class="code-tag">&lt;resourceadapter&gt;</span>
        <span class="code-tag">&lt;outbound-resourceadapter&gt;</span>
            <span class="code-tag">&lt;connection-definition&gt;</span>
                <span class="code-tag">&lt;connectionfactory-interface&gt;</span>javax.sql.DataSource<span class="code-tag">&lt;/connectionfactory-interface&gt;</span>
                <span class="code-tag">&lt;connectiondefinition-instance&gt;</span>
                    <span class="code-tag">&lt;name&gt;</span>TimeReportPool<span class="code-tag">&lt;/name&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span class="code-quote">"Driver"</span>&gt;</span>org.apache.derby.jdbc.EmbeddedDriver<span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span class="code-quote">"UserName"</span>&gt;</span>app<span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span class="code-quote">"ConnectionURL"</span>&gt;</span>jdbc:derby:TimeReportDB<span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;connectionmanager&gt;</span>
                        <span class="code-tag">&lt;local-transaction/&gt;</span>
                        <span class="code-tag">&lt;single-pool&gt;</span>
                            <span class="code-tag">&lt;max-size&gt;</span>10<span class="code-tag">&lt;/max-size&gt;</span>
                            <span class="code-tag">&lt;min-size&gt;</span>0<span class="code-tag">&lt;/min-size&gt;</span>
                            <span class="code-tag">&lt;match-one/&gt;</span>
                        <span class="code-tag">&lt;/single-pool&gt;</span>
                    <span class="code-tag">&lt;/connectionmanager&gt;</span>
                <span class="code-tag">&lt;/connectiondefinition-instance&gt;</span>
            <span class="code-tag">&lt;/connection-definition&gt;</span>
        <span class="code-tag">&lt;/outbound-resourceadapter&gt;</span>
    <span class="code-tag">&lt;/resourceadapter&gt;</span>
	<span class="code-tag"><span class="code-comment">&lt;!--security realm fragment--&gt;</span></span>
	<span class="code-tag">&lt;gbean name=<span class="code-quote">"TimeReportRealm"</span> class=<span class="code-quote">"org.apache.geronimo.security.realm.GenericSecurityRealm"</span>&gt;</span>
		<span class="code-tag">&lt;attribute name=<span class="code-quote">"realmName"</span>&gt;</span>TimeReportRealm<span class="code-tag">&lt;/attribute&gt;</span>
		<span class="code-tag">&lt;reference name=<span class="code-quote">"ServerInfo"</span>&gt;</span>
			<span class="code-tag">&lt;name&gt;</span>ServerInfo<span class="code-tag">&lt;/name&gt;</span>
		<span class="code-tag">&lt;/reference&gt;</span>
		<span class="code-tag">&lt;xml-reference name=<span class="code-quote">"LoginModuleConfiguration"</span>&gt;</span>
			<span class="code-tag">&lt;log:login-config <span class="code-keyword">xmlns:log</span>=<span class="code-quote">"http://geronimo.apache.org/xml/ns/loginconfig-1.1"</span>&gt;</span>
				<span class="code-tag">&lt;log:login-module control-flag=<span class="code-quote">"REQUIRED"</span> wrap-principals=<span class="code-quote">"false"</span>&gt;</span>
					<span class="code-tag">&lt;log:login-domain-name&gt;</span>TimeReportRealm<span class="code-tag">&lt;/log:login-domain-name&gt;</span>
					<span class="code-tag">&lt;log:login-module-class&gt;</span>org.apache.geronimo.security.realm.providers.SQLLoginModule<span class="code-tag">&lt;/log:login-module-class&gt;</span>
					<span class="code-tag">&lt;log:option name=<span class="code-quote">"jdbcDriver"</span>&gt;</span>org.apache.derby.jdbc.EmbeddedDriver<span class="code-tag">&lt;/log:option&gt;</span>
					<span class="code-tag">&lt;log:option name=<span class="code-quote">"jdbcUser"</span>&gt;</span>app<span class="code-tag">&lt;/log:option&gt;</span>
					<span class="code-tag">&lt;log:option name=<span class="code-quote">"userSelect"</span>&gt;</span>select userid, password from users where userid=?<span class="code-tag">&lt;/log:option&gt;</span>
					<span class="code-tag">&lt;log:option name=<span class="code-quote">"groupSelect"</span>&gt;</span>select userid, groupname from usergroups where userid=?<span class="code-tag">&lt;/log:option&gt;</span>
					<span class="code-tag">&lt;log:option name=<span class="code-quote">"jdbcURL"</span>&gt;</span>jdbc:derby:TimeReportDB<span class="code-tag">&lt;/log:option&gt;</span>
				<span class="code-tag">&lt;/log:login-module&gt;</span>
			<span class="code-tag">&lt;/log:login-config&gt;</span>
		<span class="code-tag">&lt;/xml-reference&gt;</span>
	<span class="code-tag">&lt;/gbean&gt;</span>
<span class="code-tag">&lt;/connector&gt;</span></pre>
</div></div>

<h2><a name="WebApplicationSecuritySample-Toolsused"></a>Tools used</h2>
<p>The tools used for developing and building the Time Reporting sample application are:</p>

<h3><a name="WebApplicationSecuritySample-ApacheMaven2"></a>Apache Maven 2</h3>
<p>Maven is a popular open source build tool for enterprise Java projects, designed to take much of the hard work out of the build process. Maven uses a declarative approach, where the project structure and contents are described, rather than the task-based approach used in Ant or in traditional make files, for example. This helps enforce company-wide development standards and reduces the time needed to write and maintain build scripts. The declarative, lifecycle-based approach used by Maven 1 is, for many, a radical departure from more traditional build techniques, and Maven 2 goes even further in this regard. Maven 2 can be download from the following URL:<br/>
<span class="nobr"><a href="http://maven.apache.org" title="Visit page outside Confluence" rel="nofollow">http://maven.apache.org<sup><img class="rendericon" src="/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span></p>

<h1><a name="WebApplicationSecuritySample-Configuring%2CBuildingandDeployingtheSampleApplication"></a>Configuring, Building and Deploying the Sample Application <a name="WebApplicationSecuritySample-configure"></a></h1>

<p>Download the Time Reporting application from the following link:<br/>
<span class="error">&#91;Time Report|^timereport_.zip&#93;</span></p>

<p>After extracting the zip file, the &lt;time_report&gt; directory is created.</p>

<h2><a name="WebApplicationSecuritySample-SourceCode"></a>Source Code</h2>

<p>You can checkout the source code of this sample from SVN:</p>

<p>svn checkout <span class="nobr"><a href="http://svn.apache.org/repos/asf/geronimo/samples/trunk/samples/timereport" title="Visit page outside Confluence" rel="nofollow">http://svn.apache.org/repos/asf/geronimo/samples/trunk/samples/timereport<sup><img class="rendericon" src="/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span></p>

<h2><a name="WebApplicationSecuritySample-Configuring"></a>Configuring</h2>
<p>Since Time Reporting application is going to use J2EE declarative security, user needs to create a database to hold the information and deploy the security realm.</p>

<h3><a name="WebApplicationSecuritySample-CreateDatabasetoholdUserInformation"></a>Create Database to hold User Information</h3>
<p>After starting Apache Geronimo server, log into the console and follow the given steps to create the <b>TimeReportDB</b> to hold user information for the application.</p>

<div class="preformatted" style="border-style: solid; "><div class="preformattedHeader" style="border-bottom-style: solid; "><b>TimeReportDB.sql</b></div><div class="preformattedContent">
<pre>CREATE TABLE users(
	userid VARCHAR(15) PRIMARY KEY,
	password VARCHAR(15),
	name VARCHAR(40)
);

CREATE TABLE usergroups(
	userid VARCHAR(15),
	groupname VARCHAR(20),
	PRIMARY KEY (userid, groupname)
);

INSERT INTO users VALUES('emp1', 'pass1', 'Employee 1');
INSERT INTO users VALUES('emp2', 'pass2', 'Employee 2');
INSERT INTO users VALUES('mgm1', 'pass3', 'Manager 1');
INSERT INTO users VALUES('mgm2', 'pass4', 'Manager 2');

INSERT INTO usergroups VALUES('emp1', 'EmployeeGroup');
INSERT INTO usergroups VALUES('emp2', 'EmployeeGroup');
INSERT INTO usergroups VALUES('mgm1', 'ManagerGroup');
INSERT INTO usergroups VALUES('mgm2', 'ManagerGroup');
</pre>
</div></div>

<ol>
	<li>Select <b>DB Manager</b> link from the <b>Console Navigation</b> in the left.</li>
	<li>Give the database name as <b>TimeReportDB</b> in the <b>Create DB</b> field and click <b>Create</b> button.</li>
	<li>Select TimeReportDB to the <b>Use DB</b> field.</li>
	<li>Open <b>TimeReportDB.sql</b> in the <b>time_report/config</b> directory.</li>
	<li>Paste the content <b>TimeReportDB.sql</b> to the <b>SQL Commands</b> text area and press <b>Run SQL</b> button.</li>
</ol>


<h2><a name="WebApplicationSecuritySample-Building"></a>Building</h2>
<p>Time Report application comes with an pom.xml to help users to build from source code. Open a command prompt window and navigate to the <b>timereport</b> directory and just give <b>mvn install site</b> command to build. This will create a <b>timereport-ear-2.0-SNAPSHOT.ear</b> under the <b>timereport</b> folder. Now, you are ready to deploy the Time Report application in the Geronimo Application server.</p>

<h2><a name="WebApplicationSecuritySample-Deploying"></a>Deploying</h2>
<p>Deploying the sample application is pretty straight forward, since we are using the Geronimo Console. </p>
<ol>
	<li>Scroll down to <b>Deploy New</b> from the <b>Console Navigation</b> panel.</li>
	<li>Load <b>timereport-ear-2.0-SNAPSHOT.ear</b> from <b>time_report</b> folder in to the <b>Archive</b> input box.</li>
	<li>Press <b>Install</b> button to deploy application in the server.</li>
</ol>


<p><a href="#WebApplicationSecuritySample-top" title="top on Web Application Security Sample">Back to Top</a></p>

<h1><a name="WebApplicationSecuritySample-TestingoftheSampleApplication"></a>Testing of the Sample Application <a name="WebApplicationSecuritySample-testing"></a></h1>

<p>To test the sample application open a browser and type <span class="nobr"><a href="http://localhost:8080/timereport" title="Visit page outside Confluence" rel="nofollow">http://localhost:8080/timereport<sup><img class="rendericon" src="/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"/></sup></a></span>. It will forward to the Welcome page of the application.</p>

<p>User can access Time Report page providing username as <b>emp1</b> and password with <b>pass1</b>. To login to the application as a Manager provide <b>mgm1</b> and <b>pass3</b> credentials.</p>

<h1><a name="WebApplicationSecuritySample-Summary"></a>Summary <a name="WebApplicationSecuritySample-summary"></a></h1>

<p>This article has shown you how to deploy web application in to the Geronimo Application server with J2EE declarative security features. You followed step-by-step instructions to build, deploy and test the sample application.</p>

<p>Some highlights of the article are:-</p>
<ul>
	<li>Apache Geronimo provides two different web containers namely Jetty and Tomcat.</li>
	<li>Create a database to hold security data with built-in Derby.</li>
	<li>Define security roles in Geronimo Web applications.</li>
	<li>Deploy deployment plans and web archives using the Geronimo Console.</li>
</ul>
</div>


</td></tr></table></div>
<p>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
    <tr>
        <td height="12" background="http://cwiki.apache.org/confluence/images/border/border_bottom.gif"><img src="http://cwiki.apache.org/confluence/images/border/spacer.gif" width="1" height="1" border="0"/></td>
    </tr>
</table>

<div class="smalltext">
    Powered by
    <a href="http://www.atlassian.com/software/confluence/default.jsp?clicked=footer" class="smalltext">Atlassian Confluence</a>
    (Version: 2.2.9 Build:#527 Sep 07, 2006)
    -
    <a href="http://jira.atlassian.com/secure/BrowseProject.jspa?id=10470" class="smalltext">Bug/feature request</a><br/>
    <br>
    <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action">Unsubscribe or edit your notifications preferences</a>

</div>

</body>
</html>


Mime
View raw message