| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| ~ Licensed to the Apache Software Foundation (ASF) under one |
| ~ or more contributor license agreements. See the NOTICE file |
| ~ distributed with this work for additional information |
| ~ regarding copyright ownership. The ASF licenses this file |
| ~ to you under the Apache License, Version 2.0 (the |
| ~ "License"); you may not use this file except in compliance |
| ~ with the License. You may obtain a copy of the License at |
| ~ |
| ~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~ |
| ~ Unless required by applicable law or agreed to in writing, |
| ~ software distributed under the License is distributed on an |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~ KIND, either express or implied. See the License for the |
| ~ specific language governing permissions and limitations |
| ~ under the License. |
| --> |
| <web-app version="2.4" |
| xmlns="http://java.sun.com/xml/ns/j2ee" |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> |
| |
| <!-- =================================================================== |
| - Context parameters |
| - =================================================================== --> |
| <context-param> |
| <param-name>contextConfigLocation</param-name> |
| <param-value> |
| /WEB-INF/applicationContext.xml |
| </param-value> |
| </context-param> |
| |
| <!-- |
| - Key of the system property that should specify the root directory of this |
| - web app. Applied by WebAppRootListener or Log4jConfigListener. |
| --> |
| <context-param> |
| <param-name>webAppRootKey</param-name> |
| <param-value>jsecurity-spring-hibernate-sample.webapp.root</param-value> |
| </context-param> |
| |
| <!-- =================================================================== |
| - Servlet listeners |
| - =================================================================== --> |
| <listener> |
| <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> |
| </listener> |
| <listener> |
| <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> |
| </listener> |
| |
| <!-- =================================================================== |
| - Filters |
| - =================================================================== --> |
| <filter> |
| <filter-name>openSessionInViewFilter</filter-name> |
| <filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class> |
| </filter> |
| |
| <filter> |
| <filter-name>JSecurityFilter</filter-name> |
| <filter-class>org.apache.ki.spring.SpringJSecurityFilter</filter-class> |
| <init-param> |
| <param-name>config</param-name> |
| <param-value> |
| |
| # The JSecurityFilter configuration is very powerful and flexible, while still remaining succinct. |
| # Please read the comprehensive example, with full comments and explanations, in the JavaDoc: |
| # |
| # http://www.jsecurity.org/api/org/jsecurity/web/servlet/JSecurityFilter.html |
| |
| # If you'd prefer to not have this configuration in web.xml, you can create a file called jsecurity.ini |
| # in the root of your classpath and JSecurity will automatically pick it up. |
| |
| [filters] |
| # Override the authentication filter to pass thru so we can handle login logic in our controller |
| authc = org.ki.web.filter.authc.PassThruAuthenticationFilter |
| jsecurity.loginUrl = /s/login |
| jsecurity.unauthorizedUrl = /unauthorized.jsp |
| authc.successUrl = /s/home |
| |
| [urls] |
| /s/signup=anon |
| /s/manageUsers=perms[user:manage] |
| /s/**=authc |
| </param-value> |
| </init-param> |
| |
| </filter> |
| |
| <filter-mapping> |
| <filter-name>openSessionInViewFilter</filter-name> |
| <url-pattern>/s/*</url-pattern> |
| </filter-mapping> |
| |
| <filter-mapping> |
| <filter-name>JSecurityFilter</filter-name> |
| <url-pattern>/s/*</url-pattern> |
| </filter-mapping> |
| |
| <!-- =================================================================== |
| - Servlets |
| - =================================================================== --> |
| <servlet> |
| <servlet-name>sprhib</servlet-name> |
| <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> |
| <load-on-startup>1</load-on-startup> |
| </servlet> |
| |
| <servlet-mapping> |
| <servlet-name>sprhib</servlet-name> |
| <url-pattern>/s/*</url-pattern> |
| </servlet-mapping> |
| |
| |
| <!-- =================================================================== |
| - Welcome file list |
| - =================================================================== --> |
| <welcome-file-list> |
| <welcome-file>index.jsp</welcome-file> |
| </welcome-file-list> |
| |
| <error-page> |
| <error-code>401</error-code> |
| <location>/unauthorized.jsp</location> |
| </error-page> |
| |
| </web-app> |