Google Git
Sign in
apache / directory-fortress-core / refs/tags/v1.0-RC32 / . / ldap / setup / FortressDemoUsers.xml
blob: d24129741b4bd5b4ded34c58dcf62e1dd9337565 [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2009-2013. Joshua Tree Software, LLC. All Rights Reserved.
-->
<project basedir="." default="all" name="Fortress Sample Data">
<taskdef classname="us.jts.fortress.ant.FortressAntTask" name="FortressAdmin" >
<classpath path="${java.class.path}"/>
</taskdef>
<target name="all">
<FortressAdmin>
<addcontext>
<context name="${tenant}"/>
</addcontext>
<addcontainer>
<container name="People" description="Fortress People"/>
<container name="Policies" description="Fortress Policies"/>
<container name="RBAC" description="Fortress RBAC Policies"/>
<container name="Roles" parent="RBAC" description="Fortress Roles"/>
<container name="Permissions" parent="RBAC" description="Fortress Permissions"/>
<container name="Constraints" parent="RBAC" description="Fortress Separation of Duty Constraints"/>
<container name="ARBAC" description="Fortress Administrative RBAC Policies"/>
<container name="OS-U" parent="ARBAC" description="Fortress User Organizational Units"/>
<container name="OS-P" parent="ARBAC" description="Fortress Perm Organizational Units"/>
<container name="AdminRoles" parent="ARBAC" description="Fortress AdminRoles"/>
<container name="AdminPerms" parent="ARBAC" description="Fortress Admin Permissions"/>
</addcontainer>
<!-- Begin RBAC Admin Data: -->
<adduser>
<!-- User end time is very early - 8am so this user will fail AuthN if you login after that time. -->
<user userId="demoUser1"
password="password"
description="Demo Test User 1"
ou="demousrs1"
cn="JoeUser1"
sn="User1"
pwPolicy="Test1"
beginTime="0000"
endTime="0800"
beginDate="20090101"
endDate="20990101"
beginLockDate="none"
endLockDate="none"
dayMask="1234567"
timeout="60"
city="Lawrence"
state="KS"
country="US"
addresses="1450 Jayhawk Blvd.,50 Strong Hall"
postalCode="66045"
postOfficeBox="321"
building="50"
departmentNumber="77"
roomNumber="1"
email="joe.user@ku.edu,joe.user@jts.us"
phone="785 864-4700,785-864-4000"
mobile="785 864-4701,785 864-2201"
/>
<user userId="demoUser2" password="password" description="Demo Test User 2" ou="demousrs1" cn="JoeUser2" sn="User2" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<!-- Bad User day mask -->
<user userId="demoUser3" password="password" description="Demo Test User 3" ou="demousrs1" cn="JoeUser3" sn="User3" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="17" timeout="60"/>
<user userId="demoUser4" password="password" description="Demo Test User 4" ou="demousrs1" cn="JoeUser4" sn="User4" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<!-- Bad Role end time -->
<user userId="demoUser5" password="password" description="Demo Test User 5" ou="demousrs1" cn="JoeUser5" sn="User5" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<user userId="demoUser6" password="password" description="Demo Test User 6" ou="demousrs1" cn="JoeUser6" sn="User6" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<!-- Bad Role begin date -->
<user userId="demoUser7" password="password" description="Demo Test User 7" ou="demousrs1" cn="JoeUser7" sn="User7" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<user userId="demoUser8" password="password" description="Demo Test User 8" ou="demousrs1" cn="JoeUser8" sn="User8" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<!-- Bad Role end date -->
<user userId="demoUser9" password="password" description="Demo Test User 9" ou="demousrs1" cn="JoeUser9" sn="User9" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<user userId="demoUser10" password="password" description="Demo Test User 10" ou="demousrs1" cn="JoeUser10" sn="User10" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="60"/>
<user userId="tcmanager" password="m@nager123" description="Tomcat Manager User" ou="demousrs1" cn="tcmanager" sn="manager" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="0"/>
<user userId="wasadmin" password="@dmin123" description="Websphere Console Admin" ou="demousrs1" cn="wasadmin" sn="admin" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="none" endLockDate="none" dayMask="1234567" timeout="0"/>
<user userId="demoAdminUser1"
password="password"
description="Demo Test Admin User 1"
ou="demousrs1"
cn="adminUser1"
sn="adminUser1"
pwPolicy="Test1"
beginTime="0000"
endTime="0000"
beginDate="20090101"
endDate="20990101"
beginLockDate="none"
endLockDate="none"
dayMask="1234567"
timeout="60"/>
</adduser>
<adduserrole>
<userrole userId="demoUser1"
name="role1"
beginTime="0000"
endTime="0000"
beginDate="none"
endDate="none"
beginLockDate="none"
endLockDate="none"
dayMask="all"
timeout="0"/>
<userrole userId="demoUser2" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser3" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser4" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser4" name="EnmasseSuperUser" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<!-- Bad - role end time -->
<userrole userId="demoUser5" name="role1" beginTime="0700" endTime="0800" beginDate="20100101" endDate="21000101" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser6" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<!-- Bad - role begin date -->
<userrole userId="demoUser7" name="role1" beginTime="0000" endTime="0000" beginDate="20110110" endDate="21000101" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser8" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<!-- Bad - role end date -->
<userrole userId="demoUser9" name="role1" beginTime="0000" endTime="0000" beginDate="20100101" endDate="20100608" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="demoUser10" name="role1" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="tcmanager" name="manager-gui" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="tcmanager" name="manager" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
<userrole userId="tcmanager" name="manager-jmx" beginTime="0000" endTime="0000" beginDate="none" endDate="none" beginLockDate="none" endLockDate="none" dayMask="all" timeout="0"/>
</adduserrole>
<addrole>
<role name="role1" description="Tomcat Role 1 for Calendar App"/>
<role name="role2" description="Tomcat Role 2 for Calendar App"/>
<role name="manager-gui" description="Tomcat 7 Manager Role"/>
<role name="manager" description="Tomcat Manager Role"/>
<role name="manager-jmx" description="Tomcat Manager Role"/>
<role name="EnmasseSuperUser" description="Role to access En Masse services"/>
</addrole>
<addadminrole>
<role name="DemoAdminUsers"
description="Test Admin Role for Demo"
osps="demoapps1,demoapps2"
osus="demousrs1,demousrs2"
beginrange="role1"
endrange="role1"
begininclusive="true"
endinclusive="true"/>
</addadminrole>
<adduseradminrole>
<userrole userId="demouser4"
name="DemoAdminUsers"
beginTime="0000"
endTime="0000"
beginDate="none"
endDate="none"
beginLockDate="none"
endLockDate="none"
dayMask="all"
timeout="0"/>
</adduseradminrole>
<addsdset>
<sdset name="DemoSSD1"
description="Demo static separation of duties"
cardinality="2"
settype="STATIC"
setmembers="role1,role2"/>
</addsdset>
<addpwpolicy>
<!-- safe modify must be false iff user can chg pw after reset -->
<policy name="Test1"
minAge="0"
maxAge="2000000"
inHistory="5"
checkQuality="2"
minLength="4"
expireWarning="1000000"
graceLoginLimit="3"
lockout="true"
lockoutDuration="0"
maxFailure="3"
failureCountInterval="0"
mustChange="true"
allowUserChange="true"
safeModify="false" />
</addpwpolicy>
<addpermobj>
<permobj objectName="/cal/cal1.jsp"
description="Fortress Web Demo App Object 1"
ou="demoapps1"
type="Ant"/>
<permobj objectName="/cal/cal2.jsp"
description="Fortress Web Demo App Object 2"
ou="demoapps1"
type="Ant"/>
<!--
<permobj admin="true"
objectName="us.jts.fortress.audit.AuditMgrImpl"
description="AuditMgr Object"
ou="demoapps1" type="Ant"/>
-->
</addpermobj>
<addpermop>
<permop opName="main" objectName="/cal/cal1.jsp" type="Ant"/>
<permop opName="8am" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="9am" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="10am" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="11am" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="12pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="1pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="2pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="3pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="4pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="5pm" objectName="/cal/cal2.jsp" type="Ant"/>
<permop opName="6pm" objectName="/cal/cal2.jsp" type="Ant"/>
<!--
<permop admin="true" opName="searchBinds" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchAuthZs" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="getUserAuthZs" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchUserSessions" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchAdminMods" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchInvalidUsers" objectName="us.jts.fortress.audit.AuditMgrImpl" type="Ant"/>
-->
</addpermop>
<addpermgrant>
<permgrant objName="/cal/cal1.jsp" opName="main" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="8am" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="10am" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="12pm" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="2pm" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="4pm" roleNm="role1"/>
<permgrant objName="/cal/cal2.jsp" opName="6pm" roleNm="role1"/>
<!--
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="searchBinds" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="searchAuthZs" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="getUserAuthZs" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="searchUserSessions" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="searchAdminMods" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="us.jts.fortress.audit.AuditMgrImpl" opName="searchInvalidUsers" roleNm="DemoAdminUsers"/>
-->
</addpermgrant>
<!-- Begin ARBAC Delegated Admin Data: -->
<addorgunit>
<orgunit name="demousrs1" typeName="USER" description="Test User Org 1 for User on Tomcat Calendar App"/>
<orgunit name="demousrs2" typename="USER" description="Test User Org 2 for User on Tomcat Calendar App"/>
<orgunit name="demoapps1" typeName="PERM" description="Test Perm Org 1 for Permission on Tomcat Calendar App"/>
<orgunit name="demoapps2" typename="PERM" description="Test Perm Org 2 for Permission on Tomcat Calendar App"/>
</addorgunit>
</FortressAdmin>
</target>
</project>