| <!-- |
| ~ Copyright (c) 2013, JoshuaTree Software. All rights reserved. |
| --> |
| <!DOCTYPE web-app PUBLIC |
| "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" |
| "http://java.sun.com/dtd/web-app_2_3.dtd" > |
| |
| <web-app> |
| <display-name>Commander Web Admin</display-name> |
| |
| <servlet> |
| <servlet-name>wicket</servlet-name> |
| <servlet-class>org.apache.wicket.protocol.http.WicketServlet</servlet-class> |
| <init-param> |
| <param-name>applicationFactoryClassName</param-name> |
| <param-value>org.apache.wicket.spring.SpringWebApplicationFactory</param-value> |
| </init-param> |
| <init-param> |
| <param-name>applicationBean</param-name> |
| <param-value>wicketApplication</param-value> |
| </init-param> |
| <load-on-startup>1</load-on-startup> |
| </servlet> |
| |
| <context-param> |
| <param-name>contextConfigLocation</param-name> |
| <param-value>classpath:applicationContext.xml</param-value> |
| </context-param> |
| <listener> |
| <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |
| </listener> |
| |
| <filter> |
| <filter-name>HomePageApplication</filter-name> |
| <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class> |
| <init-param> |
| <param-name>applicationClassName</param-name> |
| <param-value>us.jts.commander.HomePageApplication</param-value> |
| </init-param> |
| </filter> |
| |
| <!-- The WicketSesionFilter can be used to provide thread local access to servlets/ JSPs/ etc --> |
| <filter> |
| <filter-name>WicketSessionFilter</filter-name> |
| <filter-class>org.apache.wicket.protocol.http.servlet.WicketSessionFilter</filter-class> |
| <init-param> |
| <param-name>filterName</param-name> |
| <!-- expose the session of the input example app --> |
| <param-value>FormInputApplication</param-value> |
| </init-param> |
| </filter> |
| |
| <!-- Begin SPRING Security configs: --> |
| <filter> |
| <filter-name>filterChainProxy</filter-name> |
| <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> |
| </filter> |
| |
| <filter-mapping> |
| <filter-name>filterChainProxy</filter-name> |
| <url-pattern>/*</url-pattern> |
| </filter-mapping> |
| <!-- End SPRING configs: --> |
| |
| <filter-mapping> |
| <filter-name>HomePageApplication</filter-name> |
| <url-pattern>/*</url-pattern> |
| <dispatcher>REQUEST</dispatcher> |
| <dispatcher>INCLUDE</dispatcher> |
| </filter-mapping> |
| |
| <error-page> |
| <error-code>403</error-code> |
| <location>/login/unauthorized.html</location> |
| </error-page> |
| <error-page> |
| <error-code>404</error-code> |
| <location>/login/pagenotfound.html</location> |
| </error-page> |
| <error-page> |
| <error-code>500</error-code> |
| <location>/login/unexpected.html</location> |
| </error-page> |
| |
| <!-- Begin JAVA EE Security configs: --> |
| <!-- Begin JAVA EE Security configs: --> |
| <security-constraint> |
| <display-name>Commander Security Constraint</display-name> |
| <web-resource-collection> |
| <web-resource-name>Protected Area</web-resource-name> |
| <!-- Define the context-relative URL(s) to be protected --> |
| <url-pattern>/wicket/*</url-pattern> |
| <!-- If you list http methods, only those methods are protected --> |
| <!--http-method>GET</http-method--> |
| </web-resource-collection> |
| <auth-constraint> |
| <!-- Anyone with one of the listed roles may access this area --> |
| <role-name>ROLE_ADMIN</role-name> |
| <role-name>ROLE_USERS</role-name> |
| <role-name>ROLE_ROLES</role-name> |
| <role-name>ROLE_PERMS</role-name> |
| <role-name>ROLE_SSDS</role-name> |
| <role-name>ROLE_DSDS</role-name> |
| <role-name>ROLE_POLICIES</role-name> |
| <role-name>ROLE_PERMOBJS</role-name> |
| <role-name>ROLE_USEROUS</role-name> |
| <role-name>ROLE_PERMOUS</role-name> |
| <role-name>ROLE_ADMINROLES</role-name> |
| <role-name>ROLE_ADMINOBJS</role-name> |
| <role-name>ROLE_ADMINPERMS</role-name> |
| <role-name>ROLE_AUDIT_AUTHZS</role-name> |
| <role-name>ROLE_AUDIT_MODS</role-name> |
| <role-name>ROLE_AUDIT_BINDS</role-name> |
| </auth-constraint> |
| </security-constraint> |
| |
| <!-- Default login configuration uses form-based authentication --> |
| <!-- |
| <login-config> |
| <auth-method>BASIC</auth-method> |
| <realm-name>SentrySecurityRealm</realm-name> |
| </login-config> |
| --> |
| <login-config> |
| <auth-method>FORM</auth-method> |
| <realm-name>SentrySecurityRealm</realm-name> |
| <form-login-config> |
| basedir |
| <form-login-page>/login/login.html</form-login-page> |
| <form-error-page>/login/error.html</form-error-page> |
| </form-login-config> |
| </login-config> |
| |
| <!-- Security roles referenced by this web application --> |
| <security-role> |
| <role-name>ROLE_ADMIN</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_USERS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ROLES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_SSDS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_DSDS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_POLICIES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMOBJS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_USEROUS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMOUS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINROLES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINOBJS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINPERMS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_AUTHZS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_MODS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_BINDS</role-name> |
| </security-role> |
| </web-app> |