You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
147 lines
4.7 KiB
147 lines
4.7 KiB
<?xml version="1.0" encoding="UTF-8"?> |
|
<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'> |
|
|
|
<!-- |
|
- Contacts web application |
|
- $Id$ |
|
- File will be copied into WAR's WEB-INF directory if using container adapter |
|
--> |
|
|
|
<web-app> |
|
|
|
<display-name>Contacts Sample Application</display-name> |
|
|
|
<description> |
|
Example of an application secured using Acegi Security System for Spring. |
|
</description> |
|
|
|
<!-- |
|
- Location of the XML file that defines the root application context |
|
- Applied by ContextLoaderListener. |
|
--> |
|
<context-param> |
|
<param-name>contextConfigLocation</param-name> |
|
<param-value>/WEB-INF/applicationContext.xml</param-value> |
|
</context-param> |
|
|
|
<filter> |
|
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name> |
|
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class> |
|
<init-param> |
|
<param-name>targetClass</param-name> |
|
<param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value> |
|
</init-param> |
|
</filter> |
|
|
|
<filter> |
|
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> |
|
<filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class> |
|
</filter> |
|
|
|
<filter-mapping> |
|
<filter-name>Acegi HTTP BASIC Authorization Filter</filter-name> |
|
<url-pattern>/*</url-pattern> |
|
</filter-mapping> |
|
|
|
<filter-mapping> |
|
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name> |
|
<url-pattern>/*</url-pattern> |
|
</filter-mapping> |
|
|
|
<!-- |
|
- Loads the root application context of this web app at startup, |
|
- by default from "/WEB-INF/applicationContext.xml". |
|
- Use WebApplicationContextUtils.getWebApplicationContext(servletContext) |
|
- to access it anywhere in the web application, outside of the framework. |
|
--> |
|
<listener> |
|
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |
|
</listener> |
|
|
|
<!-- |
|
- Servlet that dispatches request to registered handlers (Controller implementations). |
|
- Has its own application context, by default defined in "{servlet-name}-servlet.xml", |
|
- i.e. "contacts-servlet.xml". |
|
- |
|
- A web app can contain any number of such servlets. |
|
- Note that this web app does not have a shared root application context, |
|
- therefore the DispatcherServlet contexts do not have a common parent. |
|
--> |
|
<servlet> |
|
<servlet-name>contacts</servlet-name> |
|
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |
|
<load-on-startup>1</load-on-startup> |
|
</servlet> |
|
|
|
<servlet> |
|
<servlet-name>caucho</servlet-name> |
|
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |
|
<load-on-startup>2</load-on-startup> |
|
</servlet> |
|
|
|
<!-- |
|
- Maps the contacts dispatcher to /*. |
|
- |
|
--> |
|
<servlet-mapping> |
|
<servlet-name>contacts</servlet-name> |
|
<url-pattern>*.htm</url-pattern> |
|
</servlet-mapping> |
|
|
|
<!-- |
|
- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols, |
|
- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers). |
|
--> |
|
<servlet-mapping> |
|
<servlet-name>caucho</servlet-name> |
|
<url-pattern>/caucho/*</url-pattern> |
|
</servlet-mapping> |
|
|
|
<welcome-file-list> |
|
<welcome-file>index.jsp</welcome-file> |
|
</welcome-file-list> |
|
|
|
<taglib> |
|
<taglib-uri>/spring</taglib-uri> |
|
<taglib-location>/WEB-INF/spring.tld</taglib-location> |
|
</taglib> |
|
|
|
<security-constraint> |
|
<display-name>Secured Area Security Constraint</display-name> |
|
<web-resource-collection> |
|
<web-resource-name>Secured Area</web-resource-name> |
|
<url-pattern>/secure/*</url-pattern> |
|
</web-resource-collection> |
|
<auth-constraint> |
|
<role-name>ROLE_TELLER</role-name> |
|
<role-name>ROLE_SUPERVISOR</role-name> |
|
</auth-constraint> |
|
</security-constraint> |
|
|
|
<!-- Default login configuration using BASIC authentication --> |
|
<!-- |
|
<login-config> |
|
<auth-method>BASIC</auth-method> |
|
<realm-name>Spring Powered Realm</realm-name> |
|
</login-config> |
|
--> |
|
|
|
<!-- Default login configuration using form-based authentication --> |
|
<login-config> |
|
<auth-method>FORM</auth-method> |
|
<realm-name>Spring Powered Realm</realm-name> |
|
<form-login-config> |
|
<form-login-page>/login.jsp</form-login-page> |
|
<form-error-page>/login.jsp?login_error=1</form-error-page> |
|
</form-login-config> |
|
</login-config> |
|
|
|
<!-- Security roles referenced by this web application --> |
|
<security-role> |
|
<role-name>ROLE_SUPERVISOR</role-name> |
|
</security-role> |
|
<security-role> |
|
<role-name>ROLE_TELLER</role-name> |
|
</security-role> |
|
|
|
</web-app>
|
|
|