Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: 41a837f8cd
Branches Tags
spring-security
/
samples
/
contacts
/
etc
/
ca
/
web.xml

web.xml 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. <?xml version="1.0" encoding="UTF-8"?>
    2. 

  2. <!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
    3. 

  3. 

  4. <!--
    5. 

  5.   - Contacts web application
    6. 

  6.   - $Id$
    7. 

  7.   - File will be copied into WAR's WEB-INF directory if using container adapter
    8. 

  8.   -->
    9. 

  9. 

  10. <web-app>
    11. 

  11. 

  12.     <display-name>Contacts Sample Application</display-name>
    13. 

  13.     
    14. 

  14. 	<description>
    15. 

  15.     	Example of an application secured using Acegi Security System for Spring.
    16. 

  16.     </description>
    17. 

  17. 

  18. 	<!--
    19. 

  19. 	  - Location of the XML file that defines the root application context
    20. 

  20. 	  - Applied by ContextLoaderListener.
    21. 

  21. 	  -->
    22. 

  22. 	<context-param>
    23. 

  23. 		<param-name>contextConfigLocation</param-name>
    24. 

  24. 		<param-value>/WEB-INF/applicationContext.xml</param-value>
    25. 

  25. 	</context-param>
    26. 

  26. 

  27.     <filter>
    28. 

  28.         <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
    29. 

  29.         <filter-class>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</filter-class>
    30. 

  30.     </filter>
    31. 

  31. 

  32.     <filter>
    33. 

  33.         <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
    34. 

  34.         <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class>
    35. 

  35.     </filter>
    36. 

  36. 

  37.     <filter-mapping>
    38. 

  38.       <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
    39. 

  39.       <url-pattern>/*</url-pattern>
    40. 

  40.     </filter-mapping>
    41. 

  41. 

  42.     <filter-mapping>
    43. 

  43.       <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
    44. 

  44.       <url-pattern>/*</url-pattern>
    45. 

  45.     </filter-mapping>
    46. 

  46. 

  47. 	<!--
    48. 

  48. 	  - Loads the root application context of this web app at startup,
    49. 

  49. 	  - by default from "/WEB-INF/applicationContext.xml".
    50. 

  50. 	  - Use WebApplicationContextUtils.getWebApplicationContext(servletContext)
    51. 

  51. 	  - to access it anywhere in the web application, outside of the framework.
    52. 

  52.     -->
    53. 

  53. 	<listener>
    54. 

  54. 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    55. 

  55. 	</listener>
    56. 

  56. 

  57.   <!--
    58. 

  58.     - Servlet that dispatches request to registered handlers (Controller implementations).
    59. 

  59.     - Has its own application context, by default defined in "{servlet-name}-servlet.xml",
    60. 

  60.     - i.e. "contacts-servlet.xml".
    61. 

  61.     -
    62. 

  62.     - A web app can contain any number of such servlets.
    63. 

  63.     - Note that this web app does not have a shared root application context,
    64. 

  64.     - therefore the DispatcherServlet contexts do not have a common parent.
    65. 

  65.     -->
    66. 

  66. 	<servlet>
    67. 

  67. 		<servlet-name>contacts</servlet-name>
    68. 

  68. 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    69. 

  69. 		<load-on-startup>1</load-on-startup>
    70. 

  70. 	</servlet>
    71. 

  71. 

  72. 	<servlet>
    73. 

  73. 		<servlet-name>caucho</servlet-name>
    74. 

  74. 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    75. 

  75. 		<load-on-startup>2</load-on-startup>
    76. 

  76. 	</servlet>
    77. 

  77. 

  78.   <!--
    79. 

  79.     - Maps the contacts dispatcher to /*.
    80. 

  80.     -
    81. 

  81.    -->
    82. 

  82. 	<servlet-mapping>
    83. 

  83.     	<servlet-name>contacts</servlet-name>
    84. 

  84.     	<url-pattern>*.htm</url-pattern>
    85. 

  85.  	</servlet-mapping>
    86. 

  86.   
    87. 

  87.   <!--
    88. 

  88. 	- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
    89. 

  89. 	- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
    90. 

  90.    -->
    91. 

  91. 	<servlet-mapping>
    92. 

  92. 		<servlet-name>caucho</servlet-name>
    93. 

  93. 		<url-pattern>/caucho/*</url-pattern>
    94. 

  94. 	</servlet-mapping>
    95. 

  95. 

  96.  	<welcome-file-list>
    97. 

  97. 		<welcome-file>index.jsp</welcome-file>
    98. 

  98. 	</welcome-file-list>
    99. 

  99. 

  100.   	<taglib>
    101. 

  101.       <taglib-uri>/spring</taglib-uri>
    102. 

  102.       <taglib-location>/WEB-INF/spring.tld</taglib-location>
    103. 

  103.   	</taglib>
    104. 

  104. 

  105.     <security-constraint>
    106. 

  106.       <display-name>Secured Area Security Constraint</display-name>
    107. 

  107.       <web-resource-collection>
    108. 

  108.          <web-resource-name>Secured Area</web-resource-name>
    109. 

  109.          <url-pattern>/secure/*</url-pattern>
    110. 

  110.       </web-resource-collection>
    111. 

  111.       <auth-constraint>
    112. 

  112.          <role-name>ROLE_TELLER</role-name>
    113. 

  113. 	     <role-name>ROLE_SUPERVISOR</role-name>
    114. 

  114.       </auth-constraint>
    115. 

  115.     </security-constraint>
    116. 

  116. 

  117.     <!-- Default login configuration using BASIC authentication -->
    118. 

  118. 	<!--
    119. 

  119. 	<login-config>
    120. 

  120.       <auth-method>BASIC</auth-method>
    121. 

  121.       <realm-name>Spring Powered Realm</realm-name>
    122. 

  122. 	</login-config>
    123. 

  123.     -->
    124. 

  124.   
    125. 

  125.     <!-- Default login configuration using form-based authentication -->
    126. 

  126.     <login-config>
    127. 

  127.       <auth-method>FORM</auth-method>
    128. 

  128.       <realm-name>Spring Powered Realm</realm-name>
    129. 

  129.       <form-login-config>
    130. 

  130.         <form-login-page>/login.jsp</form-login-page>
    131. 

  131.         <form-error-page>/login.jsp?login_error=1</form-error-page>
    132. 

  132.       </form-login-config>
    133. 

  133.     </login-config>
    134. 

  134. 

  135.     <!-- Security roles referenced by this web application -->
    136. 

  136.     <security-role>
    137. 

  137.       <role-name>ROLE_SUPERVISOR</role-name>
    138. 

  138.     </security-role>
    139. 

  139.     <security-role>
    140. 

  140.       <role-name>ROLE_TELLER</role-name>
    141. 

  141.     </security-role>    
    142. 

  142. 

  143. </web-app>
    144.