| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" |
| version="3.1"> |
| |
| <display-name>Fortress Web Admin</display-name> |
| |
| <context-param> |
| <param-name>contextConfigLocation</param-name> |
| <param-value>classpath:applicationContext.xml</param-value> |
| </context-param> |
| <listener> |
| <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |
| </listener> |
| |
| <filter> |
| <filter-name>HomePageApplication</filter-name> |
| <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class> |
| <init-param> |
| <param-name>applicationClassName</param-name> |
| <param-value>org.apache.directory.fortress.web.HomePageApplication</param-value> |
| </init-param> |
| </filter> |
| |
| <!-- The WicketSesionFilter can be used to provide thread local access to servlets/ JSPs/ etc --> |
| <filter> |
| <filter-name>WicketSessionFilter</filter-name> |
| <filter-class>org.apache.wicket.protocol.http.servlet.WicketSessionFilter</filter-class> |
| <init-param> |
| <param-name>filterName</param-name> |
| <!-- expose the session of the input example app --> |
| <param-value>FormInputApplication</param-value> |
| </init-param> |
| </filter> |
| |
| <!-- Begin SPRING Security configs: --> |
| <filter> |
| <filter-name>filterChainProxy</filter-name> |
| <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> |
| </filter> |
| |
| <filter-mapping> |
| <filter-name>filterChainProxy</filter-name> |
| <url-pattern>/*</url-pattern> |
| </filter-mapping> |
| <!-- End SPRING configs: --> |
| |
| <filter-mapping> |
| <filter-name>HomePageApplication</filter-name> |
| <url-pattern>/*</url-pattern> |
| <dispatcher>REQUEST</dispatcher> |
| <dispatcher>INCLUDE</dispatcher> |
| </filter-mapping> |
| |
| <error-page> |
| <error-code>403</error-code> |
| <location>/login/unauthorized.html</location> |
| </error-page> |
| <error-page> |
| <error-code>404</error-code> |
| <location>/login/pagenotfound.html</location> |
| </error-page> |
| <error-page> |
| <error-code>500</error-code> |
| <location>/login/unexpected.html</location> |
| </error-page> |
| |
| <!-- Begin JAVA EE Security configs: --> |
| <security-constraint> |
| <web-resource-collection> |
| <web-resource-name>app</web-resource-name> |
| <url-pattern>/wicket/bookmarkable/org.apache.directory.fortress.web.LogoutPage</url-pattern> |
| </web-resource-collection> |
| <!-- OMIT auth-constraint --> |
| </security-constraint> |
| |
| <security-constraint> |
| <display-name>Fortress Web Security Constraints</display-name> |
| <web-resource-collection> |
| <web-resource-name>Protected Area</web-resource-name> |
| <!-- Define the context-relative URL(s) to be protected --> |
| <url-pattern>/wicket/*</url-pattern> |
| </web-resource-collection> |
| <auth-constraint> |
| <!-- Anyone with one of the listed roles may access this area --> |
| <role-name>ROLE_ADMIN</role-name> |
| <role-name>ROLE_USERS</role-name> |
| <role-name>ROLE_ROLES</role-name> |
| <role-name>ROLE_PERMS</role-name> |
| <role-name>ROLE_SSDS</role-name> |
| <role-name>ROLE_DSDS</role-name> |
| <role-name>ROLE_POLICIES</role-name> |
| <role-name>ROLE_PERMOBJS</role-name> |
| <role-name>ROLE_USEROUS</role-name> |
| <role-name>ROLE_PERMOUS</role-name> |
| <role-name>ROLE_ADMINROLES</role-name> |
| <role-name>ROLE_ADMINOBJS</role-name> |
| <role-name>ROLE_ADMINPERMS</role-name> |
| <role-name>ROLE_AUDIT_AUTHZS</role-name> |
| <role-name>ROLE_AUDIT_MODS</role-name> |
| <role-name>ROLE_AUDIT_BINDS</role-name> |
| <role-name>ROLE_GROUPS</role-name> |
| </auth-constraint> |
| </security-constraint> |
| |
| <!-- Use form-based authentication --> |
| <login-config> |
| <auth-method>FORM</auth-method> |
| <realm-name>FortressSecurityRealm</realm-name> |
| <form-login-config> |
| <form-login-page>/login/login.html</form-login-page> |
| <form-error-page>/login/error.html</form-error-page> |
| </form-login-config> |
| </login-config> |
| |
| <!-- Security roles referenced by this web application --> |
| <security-role> |
| <role-name>ROLE_ADMIN</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_USERS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ROLES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_SSDS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_DSDS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_POLICIES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMOBJS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_USEROUS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_PERMOUS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINROLES</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINOBJS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_ADMINPERMS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_AUTHZS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_MODS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_AUDIT_BINDS</role-name> |
| </security-role> |
| <security-role> |
| <role-name>ROLE_GROUPS</role-name> |
| </security-role> |
| </web-app> |