portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jf...@apache.org
Subject cvs commit: jakarta-jetspeed/etc fusion-web.xml
Date Thu, 12 Aug 2004 12:55:07 GMT
jford       2004/08/12 05:55:05

  Modified:    etc      fusion-web.xml
  Log:
  Added security roles and constraints
  
  Revision  Changes    Path
  1.2       +75 -3     jakarta-jetspeed/etc/fusion-web.xml
  
  Index: fusion-web.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/etc/fusion-web.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- fusion-web.xml	30 Jul 2004 19:16:58 -0000	1.1
  +++ fusion-web.xml	12 Aug 2004 12:55:04 -0000	1.2
  @@ -15,8 +15,8 @@
   limitations under the License.
   -->
   <!DOCTYPE web-app
  -    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
  -    "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">
  +    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  +    "http://java.sun.com/dtd/web-app_2_3.dtd">
   
   <web-app>
       <display-name>Jetspeed Enterprise Information Portal</display-name>
  @@ -43,6 +43,23 @@
               <param-value>org.apache.jetspeed.services.logging.JetspeedLoggingService</param-value>
           
           </init-param>    
           <load-on-startup>1</load-on-startup>
  +
  +        <!--
  +        <security-role-ref>
  +          <role-name>user</role-name>  <!-//-Jetspeed role name, passed
to isUserInRole-//->
  +          <role-link>user</role-link>  <!-//-tomcat role name-//->
  +        </security-role-ref>
  +
  +        <security-role-ref>
  +          <role-name>admin</role-name>
  +          <role-link>admin</role-link>
  +        </security-role-ref>
  +
  +        <security-role-ref>
  +          <role-name>guest</role-name>
  +          <role-link>guest</role-link>
  +        </security-role-ref>
  +        -->
       </servlet>
   
       <servlet-mapping>
  @@ -90,5 +107,60 @@
         <res-type>javax.sql.DataSource</res-type>
         <res-auth>Container</res-auth>
     </resource-ref>
  -
  +  
  +  <!--
  +  <security-constraint>
  +      <display-name>Jetspeed Security</display-name>
  +      <web-resource-collection>
  +         <web-resource-name>Protected Area</web-resource-name>
  +           <!-//- Define the context-relative URL(s) to be protected -//->
  +         <url-pattern>/*</url-pattern>
  +     <!-//- If you list http methods, only those methods are protected -//->
  +     <http-method>DELETE</http-method>
  +       <http-method>GET</http-method>
  +       <http-method>POST</http-method>
  +     <http-method>PUT</http-method>
  +
  +      </web-resource-collection>
  +      <auth-constraint>
  +         <!-//- Anyone with one of the listed roles may access this area -//->
  +         <role-name>user</role-name>
  +         <role-name>admin</role-name>
  +      </auth-constraint>
  +      
  +      <!-//-
  +      <user-data-constraint>
  +        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  +      </user-data-constraint>
  +      -//->
  +    </security-constraint>
  +    
  +    <login-config>
  +      <auth-method>BASIC</auth-method>
  +      <realm-name>Jetspeed BASIC Authentication</realm-name>
  +    </login-config>
  +    
  +    <!-//- Default login configuration uses form-based authentication -//->
  +    <!-//-
  +    <login-config>
  +      <auth-method>FORM</auth-method>
  +      <realm-name>Example Form-Based Authentication Area</realm-name>
  +      <form-login-config>
  +        <form-login-page>/jsp/security/protected/login.jsp</form-login-page>
  +        <form-error-page>/jsp/security/protected/error.jsp</form-error-page>
  +      </form-login-config>
  +    </login-config>
  +    -//->
  +    
  +    <!-//- Security roles referenced by this web application -//->
  +    <security-role>
  +      <role-name>admin</role-name>
  +    </security-role>
  +    <security-role>
  +      <role-name>user</role-name>
  +    </security-role>
  +    <security-role>
  +      <role-name>guest</role-name>
  +    </security-role>
  +    -->
   </web-app>
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message