KI-66 intermediate changes
git-svn-id: https://svn.apache.org/repos/asf/incubator/jsecurity/trunk@752394 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/changes.txt b/changes.txt
index d780873..e2921fa 100644
--- a/changes.txt
+++ b/changes.txt
@@ -2,8 +2,8 @@
* org.ki.spring.SpringWebConfiguration renamed to org.apache.ki.spring.SpringIniWebConfiguration
* org.apache.ki.util.ThreadContext fixed to correctly work in child/spawned threads from a parent thread (sometimes surfaced in Tomcat environments)
-* org.ki.web.servlet.FilterChainWrapper renamed to org.ki.web.servlet.ProxiedFilterChain to maintain parallel naming conventions with ProxiedSession.
-* org.ki.web.attr.CookieAttribute#onRetrieveValue would return deleted cookies (maxAge of 0) on Tomcat. It now only returns a value if the cookie is non null and maxAge != 0 (-1 or positive only).
+* org.ki.web.servlet.FilterChainWrapper renamed to org.apache.ki.web.servlet.ProxiedFilterChain to maintain parallel naming conventions with ProxiedSession.
+* org.apache.ki.web.attr.CookieAttribute#onRetrieveValue would return deleted cookies (maxAge of 0) on Tomcat. It now only returns a value if the cookie is non null and maxAge != 0 (-1 or positive only).
* Added *AnnotationHandler implementations and refactored the AuthorizingAnnotationMethodInterceptor implementations
to delegate to internal AnnotationHandler instances for performing authorization checks based on annotations. This was
done to ensure Annotations could be processed independently of where they are declared (method, class, etc).
diff --git a/samples/spring-hibernate/web/WEB-INF/applicationContext.xml b/samples/spring-hibernate/web/WEB-INF/applicationContext.xml
index ef15dbe..6b90617 100644
--- a/samples/spring-hibernate/web/WEB-INF/applicationContext.xml
+++ b/samples/spring-hibernate/web/WEB-INF/applicationContext.xml
@@ -87,7 +87,7 @@
<!-- JSecurity's main business-tier object for web-enabled applications
(use org.kifaultSecurityManager instead when there is no web environment)-->
- <bean id="securityManager" class="org.ki.web.DefaultWebSecurityManager">
+ <bean id="securityManager" class="org.apache.ki.web.DefaultWebSecurityManager">
<!-- Single realm app (realm configured next, below). If you have multiple realms, use the 'realms'
property instead. -->
<property name="realm" ref="sampleRealm"/>
diff --git a/samples/spring-hibernate/web/WEB-INF/web.xml b/samples/spring-hibernate/web/WEB-INF/web.xml
index 2d4348b..5b82a7b 100644
--- a/samples/spring-hibernate/web/WEB-INF/web.xml
+++ b/samples/spring-hibernate/web/WEB-INF/web.xml
@@ -76,7 +76,7 @@
[filters]
# Override the authentication filter to pass thru so we can handle login logic in our controller
- authc = org.ki.web.filter.authc.PassThruAuthenticationFilter
+ authc = org.apache.ki.web.filter.authc.PassThruAuthenticationFilter
jsecurity.loginUrl = /s/login
jsecurity.unauthorizedUrl = /unauthorized.jsp
authc.successUrl = /s/home
diff --git a/samples/spring/webroot/WEB-INF/applicationContext.xml b/samples/spring/webroot/WEB-INF/applicationContext.xml
index 955fded..1c47887 100644
--- a/samples/spring/webroot/WEB-INF/applicationContext.xml
+++ b/samples/spring/webroot/WEB-INF/applicationContext.xml
@@ -40,7 +40,7 @@
========================================================= -->
<!-- JSecurity's main business-tier object for web-enabled applications
(use org.kifaultSecurityManager instead when there is no web environment)-->
- <bean id="securityManager" class="org.ki.web.DefaultWebSecurityManager">
+ <bean id="securityManager" class="org.apache.ki.web.DefaultWebSecurityManager">
<!-- Single realm app. If you have multiple realms, use the 'realms' property instead. -->
<property name="realm" ref="jdbcRealm"/>
<property name="sessionMode" value="jsecurity"/>
diff --git a/samples/web/webroot/WEB-INF/web.xml b/samples/web/webroot/WEB-INF/web.xml
index a1844c5..3942382 100644
--- a/samples/web/webroot/WEB-INF/web.xml
+++ b/samples/web/webroot/WEB-INF/web.xml
@@ -24,7 +24,7 @@
<filter>
<filter-name>JSecurityFilter</filter-name>
- <filter-class>org.ki.web.servlet.JSecurityFilter</filter-class>
+ <filter-class>org.apache.ki.web.servlet.JSecurityFilter</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
diff --git a/support/spring/src/org/apache/ki/spring/SpringIniWebConfiguration.java b/support/spring/src/org/apache/ki/spring/SpringIniWebConfiguration.java
index c06f922..6e3462c 100644
--- a/support/spring/src/org/apache/ki/spring/SpringIniWebConfiguration.java
+++ b/support/spring/src/org/apache/ki/spring/SpringIniWebConfiguration.java
@@ -22,7 +22,6 @@
import java.util.Map;
import javax.servlet.ServletContext;
-import org.ki.web.config.IniWebConfiguration;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextException;
import org.springframework.web.context.support.WebApplicationContextUtils;
@@ -34,13 +33,14 @@
import org.apache.ki.mgt.RealmSecurityManager;
import org.apache.ki.mgt.SecurityManager;
import org.apache.ki.realm.Realm;
+import org.apache.ki.web.config.IniWebConfiguration;
/**
* <p>JSecurity configuration that relies on Spring to define and initialize the JSecurity SecurityManager
* instance (and all of its dependencies) and makes it available to the JSecurityFilter by performing a Spring bean
* lookup. The URL/filter definitions are still .ini based and loaded according to the behavior of the parent class
- * {@link org.ki.web.config.IniWebConfiguration}</p>
+ * {@link org.apache.ki.web.config.IniWebConfiguration}</p>
* <p/>
* That is, this class is offers a hybrid means of configuring JSecurity in Spring apps deployed in a web container:
* Spring XML config for the SecurityManager and its dependencies (realms, etc), and .ini format for configuring
@@ -56,7 +56,7 @@
* throw an exception that says you have to set the init-param to specify the bean name.</li>
* <li>if no beans of type {@link SecurityManager}, look for any beans of type {@link Realm}.
* If some are found, create a default security manager by calling
- * {@link org.ki.web.config.IniWebConfiguration#createSecurityManager(java.util.Map) super.createSecurityManager(Map)}
+ * {@link org.apache.ki.web.config.IniWebConfiguration#createSecurityManager(java.util.Map) super.createSecurityManager(Map)}
* and set the Realms on that SecurityManager instance.</li>
* <li>If none of the above, throw an exception that explains the options.</li>
* <ol>
diff --git a/support/spring/src/org/apache/ki/spring/SpringJSecurityFilter.java b/support/spring/src/org/apache/ki/spring/SpringJSecurityFilter.java
index c7f95a0..6d435c8 100644
--- a/support/spring/src/org/apache/ki/spring/SpringJSecurityFilter.java
+++ b/support/spring/src/org/apache/ki/spring/SpringJSecurityFilter.java
@@ -18,7 +18,7 @@
*/
package org.apache.ki.spring;
-import org.ki.web.servlet.JSecurityFilter;
+import org.apache.ki.web.servlet.JSecurityFilter;
/**
* Extension of JSecurityFilter that uses {@link SpringIniWebConfiguration} to configure JSecurity in a Spring web
diff --git a/support/spring/test/org/ki/spring/SpringJSecurityFilterTest.java b/support/spring/test/org/ki/spring/SpringJSecurityFilterTest.java
index e46a489..1aca5c8 100644
--- a/support/spring/test/org/ki/spring/SpringJSecurityFilterTest.java
+++ b/support/spring/test/org/ki/spring/SpringJSecurityFilterTest.java
@@ -25,7 +25,7 @@
import static org.easymock.EasyMock.*;
import org.junit.Test;
-import org.ki.web.servlet.JSecurityFilter;
+import org.apache.ki.web.servlet.JSecurityFilter;
import org.springframework.web.context.WebApplicationContext;
import org.apache.ki.mgt.SecurityManager;
diff --git a/web/src/org/ki/web/DefaultWebSecurityManager.java b/web/src/org/apache/ki/web/DefaultWebSecurityManager.java
similarity index 95%
rename from web/src/org/ki/web/DefaultWebSecurityManager.java
rename to web/src/org/apache/ki/web/DefaultWebSecurityManager.java
index 50dbaef..4ec7ba8 100644
--- a/web/src/org/ki/web/DefaultWebSecurityManager.java
+++ b/web/src/org/apache/ki/web/DefaultWebSecurityManager.java
@@ -16,24 +16,23 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
+package org.apache.ki.web;
+
+import java.util.Collection;
+import javax.servlet.ServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.ki.realm.Realm;
import org.apache.ki.mgt.DefaultSecurityManager;
+import org.apache.ki.realm.Realm;
import org.apache.ki.session.mgt.SessionManager;
import org.apache.ki.subject.PrincipalCollection;
import org.apache.ki.util.LifecycleUtils;
-
-import org.ki.web.session.DefaultWebSessionManager;
-import org.ki.web.session.ServletContainerSessionManager;
-import org.ki.web.session.WebSessionManager;
-import org.ki.web.servlet.JSecurityHttpServletRequest;
-
-import javax.servlet.ServletRequest;
-import java.util.Collection;
+import org.apache.ki.web.servlet.KiHttpServletRequest;
+import org.apache.ki.web.session.DefaultWebSessionManager;
+import org.apache.ki.web.session.ServletContainerSessionManager;
+import org.apache.ki.web.session.WebSessionManager;
/**
@@ -187,7 +186,7 @@
protected void removeRequestIdentity() {
ServletRequest request = WebUtils.getServletRequest();
if ( request != null ) {
- request.setAttribute(JSecurityHttpServletRequest.IDENTITY_REMOVED_KEY, Boolean.TRUE);
+ request.setAttribute(KiHttpServletRequest.IDENTITY_REMOVED_KEY, Boolean.TRUE);
}
}
}
diff --git a/web/src/org/ki/web/RedirectView.java b/web/src/org/apache/ki/web/RedirectView.java
similarity index 99%
rename from web/src/org/ki/web/RedirectView.java
rename to web/src/org/apache/ki/web/RedirectView.java
index 42b8ebb..ed3aed6 100644
--- a/web/src/org/ki/web/RedirectView.java
+++ b/web/src/org/apache/ki/web/RedirectView.java
@@ -16,18 +16,19 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
+package org.apache.ki.web;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.util.JavaEnvironment;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.util.JavaEnvironment;
/**
* <p>View that redirects to an absolute, context relative, or current request
diff --git a/web/src/org/ki/web/SavedRequest.java b/web/src/org/apache/ki/web/SavedRequest.java
similarity index 98%
rename from web/src/org/ki/web/SavedRequest.java
rename to web/src/org/apache/ki/web/SavedRequest.java
index 2431125..56faada 100644
--- a/web/src/org/ki/web/SavedRequest.java
+++ b/web/src/org/apache/ki/web/SavedRequest.java
@@ -16,10 +16,10 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
+package org.apache.ki.web;
-import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
+import javax.servlet.http.HttpServletRequest;
/**
* Maintains request data for a request that was redirected, so that after authentication
diff --git a/web/src/org/ki/web/WebRememberMeManager.java b/web/src/org/apache/ki/web/WebRememberMeManager.java
similarity index 96%
rename from web/src/org/ki/web/WebRememberMeManager.java
rename to web/src/org/apache/ki/web/WebRememberMeManager.java
index 8c62088..7a5b697 100644
--- a/web/src/org/ki/web/WebRememberMeManager.java
+++ b/web/src/org/apache/ki/web/WebRememberMeManager.java
@@ -16,26 +16,26 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.codec.Base64;
-import org.apache.ki.mgt.AbstractRememberMeManager;
-
-import org.ki.web.attr.CookieAttribute;
-import org.ki.web.attr.WebAttribute;
-import org.ki.web.servlet.JSecurityHttpServletRequest;
+package org.apache.ki.web;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.codec.Base64;
+import org.apache.ki.mgt.AbstractRememberMeManager;
+import org.apache.ki.web.attr.CookieAttribute;
+import org.apache.ki.web.attr.WebAttribute;
+import org.apache.ki.web.servlet.KiHttpServletRequest;
+
/**
* Remembers a Subject's identity by using a {@link WebAttribute WebAttribute} instance to retain
* the identity value between web requests.
*
- * <p>This class's default <code>WebAttribute</code> instance is a {@link CookieAttribute CookieAttribute}, storing
+ * <p>This class's default <code>WebAttribute</code> instance is a {@link org.apache.ki.web.attr.CookieAttribute CookieAttribute}, storing
* the Subject's {@link org.apache.ki.subject.Subject#getPrincipals principals} in a <code>Cookie</code>. Note that
* because this class subclasses the <code>AbstractRememberMeManager</code> which already provides serialization and
* encryption logic, this class utilizes both for added security before setting the cookie value.</p>
@@ -209,7 +209,7 @@
protected boolean isIdentityRemoved() {
ServletRequest request = WebUtils.getServletRequest();
if ( request != null ) {
- Boolean removed = (Boolean)request.getAttribute(JSecurityHttpServletRequest.IDENTITY_REMOVED_KEY);
+ Boolean removed = (Boolean)request.getAttribute(KiHttpServletRequest.IDENTITY_REMOVED_KEY);
return removed != null && removed;
}
return false;
diff --git a/web/src/org/ki/web/WebSubjectFactory.java b/web/src/org/apache/ki/web/WebSubjectFactory.java
similarity index 96%
rename from web/src/org/ki/web/WebSubjectFactory.java
rename to web/src/org/apache/ki/web/WebSubjectFactory.java
index 8470f8a..8a35ffd 100644
--- a/web/src/org/ki/web/WebSubjectFactory.java
+++ b/web/src/org/apache/ki/web/WebSubjectFactory.java
@@ -16,20 +16,19 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
+package org.apache.ki.web;
-import org.apache.ki.mgt.*;
+import java.net.InetAddress;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+import org.apache.ki.mgt.DefaultSubjectFactory;
import org.apache.ki.mgt.SecurityManager;
import org.apache.ki.mgt.SessionSubjectBinder;
import org.apache.ki.session.Session;
import org.apache.ki.subject.PrincipalCollection;
-
import org.apache.ki.subject.Subject;
-import org.ki.web.session.WebSessionManager;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.net.InetAddress;
+import org.apache.ki.web.session.WebSessionManager;
/**
diff --git a/web/src/org/ki/web/WebUtils.java b/web/src/org/apache/ki/web/WebUtils.java
similarity index 99%
rename from web/src/org/ki/web/WebUtils.java
rename to web/src/org/apache/ki/web/WebUtils.java
index 2c305fe..fff5449 100644
--- a/web/src/org/ki/web/WebUtils.java
+++ b/web/src/org/apache/ki/web/WebUtils.java
@@ -16,27 +16,27 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web;
+package org.apache.ki.web;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.SecurityUtils;
-import org.apache.ki.session.Session;
-import org.apache.ki.subject.Subject;
-import org.apache.ki.util.ThreadContext;
-
-import org.apache.ki.util.StringUtils;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.URLDecoder;
import java.net.UnknownHostException;
import java.util.Map;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.SecurityUtils;
+import org.apache.ki.session.Session;
+import org.apache.ki.subject.Subject;
+import org.apache.ki.util.StringUtils;
+import org.apache.ki.util.ThreadContext;
/**
* Simple utility class for operations used across multiple class hierarchies in the web framework code.
diff --git a/web/src/org/ki/web/attr/AbstractWebAttribute.java b/web/src/org/apache/ki/web/attr/AbstractWebAttribute.java
similarity index 99%
rename from web/src/org/ki/web/attr/AbstractWebAttribute.java
rename to web/src/org/apache/ki/web/attr/AbstractWebAttribute.java
index a532ab3..40f7cec 100644
--- a/web/src/org/ki/web/attr/AbstractWebAttribute.java
+++ b/web/src/org/apache/ki/web/attr/AbstractWebAttribute.java
@@ -16,17 +16,18 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.attr;
+package org.apache.ki.web.attr;
+
+import java.beans.PropertyEditor;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.ki.KiException;
import org.apache.ki.util.ClassUtils;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.beans.PropertyEditor;
-
/**
* Convenient superclass for implementations of the {@link WebAttribute} interface. This class encapsulates
* converting values from a String form to Object form and vice versa through the use of a <tt>PropertyEditor</tt>
diff --git a/web/src/org/ki/web/attr/CookieAttribute.java b/web/src/org/apache/ki/web/attr/CookieAttribute.java
similarity index 99%
rename from web/src/org/ki/web/attr/CookieAttribute.java
rename to web/src/org/apache/ki/web/attr/CookieAttribute.java
index 578235d..da7c31c 100644
--- a/web/src/org/ki/web/attr/CookieAttribute.java
+++ b/web/src/org/apache/ki/web/attr/CookieAttribute.java
@@ -16,19 +16,20 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.attr;
+package org.apache.ki.web.attr;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.util.StringUtils;
-import static org.ki.web.WebUtils.toHttp;
-
+import java.beans.PropertyEditor;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.beans.PropertyEditor;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.util.StringUtils;
+import static org.apache.ki.web.WebUtils.toHttp;
/**
* A <tt>CookieAttribute</tt> stores an object as a {@link Cookie} for access on later requests.
diff --git a/web/src/org/ki/web/attr/RequestParamAttribute.java b/web/src/org/apache/ki/web/attr/RequestParamAttribute.java
similarity index 98%
rename from web/src/org/ki/web/attr/RequestParamAttribute.java
rename to web/src/org/apache/ki/web/attr/RequestParamAttribute.java
index 86f670a..d298c2b 100644
--- a/web/src/org/ki/web/attr/RequestParamAttribute.java
+++ b/web/src/org/apache/ki/web/attr/RequestParamAttribute.java
@@ -16,14 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.attr;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+package org.apache.ki.web.attr;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
/**
* @author Les Hazlewood
* @since 0.2
diff --git a/web/src/org/ki/web/attr/WebAttribute.java b/web/src/org/apache/ki/web/attr/WebAttribute.java
similarity index 97%
rename from web/src/org/ki/web/attr/WebAttribute.java
rename to web/src/org/apache/ki/web/attr/WebAttribute.java
index 0b7b673..3e140ac 100644
--- a/web/src/org/ki/web/attr/WebAttribute.java
+++ b/web/src/org/apache/ki/web/attr/WebAttribute.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.attr;
+package org.apache.ki.web.attr;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
diff --git a/web/src/org/ki/web/config/IniWebConfiguration.java b/web/src/org/apache/ki/web/config/IniWebConfiguration.java
similarity index 91%
rename from web/src/org/ki/web/config/IniWebConfiguration.java
rename to web/src/org/apache/ki/web/config/IniWebConfiguration.java
index 5caa5fd..0c3c863 100644
--- a/web/src/org/ki/web/config/IniWebConfiguration.java
+++ b/web/src/org/apache/ki/web/config/IniWebConfiguration.java
@@ -16,33 +16,42 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.config;
+package org.apache.ki.web.config;
+
+import java.util.ArrayList;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.ki.config.ConfigurationException;
import org.apache.ki.config.IniConfiguration;
import org.apache.ki.config.ReflectionBuilder;
import org.apache.ki.mgt.RealmSecurityManager;
import org.apache.ki.util.AntPathMatcher;
import org.apache.ki.util.PatternMatcher;
-
import static org.apache.ki.util.StringUtils.split;
-
-import org.ki.web.DefaultWebSecurityManager;
-import org.ki.web.WebUtils;
-import org.ki.web.filter.PathConfigProcessor;
-import org.ki.web.filter.authc.AnonymousFilter;
-import org.ki.web.filter.authc.BasicHttpAuthenticationFilter;
-import org.ki.web.filter.authc.FormAuthenticationFilter;
-import org.ki.web.filter.authc.UserFilter;
-import org.ki.web.filter.authz.PermissionsAuthorizationFilter;
-import org.ki.web.filter.authz.RolesAuthorizationFilter;
-import org.ki.web.servlet.AdviceFilter;
-import org.ki.web.servlet.ProxiedFilterChain;
-
-import javax.servlet.*;
-import java.util.*;
+import org.apache.ki.web.DefaultWebSecurityManager;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.filter.PathConfigProcessor;
+import org.apache.ki.web.filter.authc.AnonymousFilter;
+import org.apache.ki.web.filter.authc.BasicHttpAuthenticationFilter;
+import org.apache.ki.web.filter.authc.FormAuthenticationFilter;
+import org.apache.ki.web.filter.authc.UserFilter;
+import org.apache.ki.web.filter.authz.PermissionsAuthorizationFilter;
+import org.apache.ki.web.filter.authz.RolesAuthorizationFilter;
+import org.apache.ki.web.servlet.AdviceFilter;
+import org.apache.ki.web.servlet.ProxiedFilterChain;
/**
@@ -168,7 +177,7 @@
* calls this method.
* <p/>
* The default implementation merely returns
- * <code>new {@link org.ki.web.servlet.ProxiedFilterChain FilterChainWrapper(filters, originalChain)}</code>,
+ * <code>new {@link org.apache.ki.web.servlet.ProxiedFilterChain FilterChainWrapper(filters, originalChain)}</code>,
* and can be overridden by subclasses for custom creation.
*
* @param filters the configured filter chain for the incoming request application path
@@ -200,7 +209,7 @@
/**
* Merely returns
- * <code>WebUtils.{@link WebUtils#getPathWithinApplication(javax.servlet.http.HttpServletRequest) getPathWithinApplication(request)}</code>
+ * <code>WebUtils.{@link org.apache.ki.web.WebUtils#getPathWithinApplication(javax.servlet.http.HttpServletRequest) getPathWithinApplication(request)}</code>
* and can be overridden by subclasses for custom request-to-application-path resolution behavior.
*
* @param request the incoming <code>ServletRequest</code>
@@ -215,7 +224,7 @@
* the JSecurity environment for the web application.
* <p/>
* The default implementation simply returns
- * <code>new {@link org.ki.web.DefaultWebSecurityManager DefaultWebSecurityManager()};</code>
+ * <code>new {@link org.apache.ki.web.DefaultWebSecurityManager DefaultWebSecurityManager()};</code>
*
* @return a new, uninitialized <code>SecurityManager</code> instance that will be used to build up
* the JSecurity environment for the web application.
diff --git a/web/src/org/ki/web/config/WebConfiguration.java b/web/src/org/apache/ki/web/config/WebConfiguration.java
similarity index 98%
rename from web/src/org/ki/web/config/WebConfiguration.java
rename to web/src/org/apache/ki/web/config/WebConfiguration.java
index 7328686..cc37754 100644
--- a/web/src/org/ki/web/config/WebConfiguration.java
+++ b/web/src/org/apache/ki/web/config/WebConfiguration.java
@@ -16,15 +16,15 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.config;
-
-import org.apache.ki.config.Configuration;
+package org.apache.ki.web.config;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.ki.config.Configuration;
+
/**
* A <code>WebConfiguration</code> configures JSecurity components in a web-enabled application.
* <p/>
diff --git a/web/src/org/ki/web/filter/AccessControlFilter.java b/web/src/org/apache/ki/web/filter/AccessControlFilter.java
similarity index 99%
rename from web/src/org/ki/web/filter/AccessControlFilter.java
rename to web/src/org/apache/ki/web/filter/AccessControlFilter.java
index 6d17451..1c06539 100644
--- a/web/src/org/ki/web/filter/AccessControlFilter.java
+++ b/web/src/org/apache/ki/web/filter/AccessControlFilter.java
@@ -16,16 +16,15 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter;
+package org.apache.ki.web.filter;
+
+import java.io.IOException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.ki.SecurityUtils;
import org.apache.ki.subject.Subject;
-
-import org.ki.web.WebUtils;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.io.IOException;
+import org.apache.ki.web.WebUtils;
/**
* Superclass for any filter that controls access to a resource and may redirect the user to the login page
diff --git a/web/src/org/ki/web/filter/PathConfigProcessor.java b/web/src/org/apache/ki/web/filter/PathConfigProcessor.java
similarity index 96%
rename from web/src/org/ki/web/filter/PathConfigProcessor.java
rename to web/src/org/apache/ki/web/filter/PathConfigProcessor.java
index c3f4478..0c62270 100644
--- a/web/src/org/ki/web/filter/PathConfigProcessor.java
+++ b/web/src/org/apache/ki/web/filter/PathConfigProcessor.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter;
+package org.apache.ki.web.filter;
import javax.servlet.Filter;
diff --git a/web/src/org/ki/web/filter/PathMatchingFilter.java b/web/src/org/apache/ki/web/filter/PathMatchingFilter.java
similarity index 98%
rename from web/src/org/ki/web/filter/PathMatchingFilter.java
rename to web/src/org/apache/ki/web/filter/PathMatchingFilter.java
index 552e75e..8140db5 100644
--- a/web/src/org/ki/web/filter/PathMatchingFilter.java
+++ b/web/src/org/apache/ki/web/filter/PathMatchingFilter.java
@@ -16,21 +16,22 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter;
+package org.apache.ki.web.filter;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.util.AntPathMatcher;
-import org.apache.ki.util.PatternMatcher;
-import static org.apache.ki.util.StringUtils.split;
-import org.ki.web.WebUtils;
-import org.ki.web.servlet.AdviceFilter;
-
+import java.util.LinkedHashMap;
+import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import java.util.LinkedHashMap;
-import java.util.Map;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.util.AntPathMatcher;
+import org.apache.ki.util.PatternMatcher;
+import static org.apache.ki.util.StringUtils.split;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.servlet.AdviceFilter;
/**
* <p>Base class for Filters that will process only specified paths and allow all others to pass through.</p>
diff --git a/web/src/org/ki/web/filter/authc/AnonymousFilter.java b/web/src/org/apache/ki/web/filter/authc/AnonymousFilter.java
similarity index 96%
rename from web/src/org/ki/web/filter/authc/AnonymousFilter.java
rename to web/src/org/apache/ki/web/filter/authc/AnonymousFilter.java
index 3fefa6e..7bf1721 100644
--- a/web/src/org/ki/web/filter/authc/AnonymousFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/AnonymousFilter.java
@@ -16,13 +16,13 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
-
-import org.ki.web.filter.PathMatchingFilter;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.ki.web.filter.PathMatchingFilter;
+
/**
* Filter that allows access to a path immeidately without performing security checks of any kind.
* <p/>
diff --git a/web/src/org/ki/web/filter/authc/AuthenticatingFilter.java b/web/src/org/apache/ki/web/filter/authc/AuthenticatingFilter.java
similarity index 95%
rename from web/src/org/ki/web/filter/authc/AuthenticatingFilter.java
rename to web/src/org/apache/ki/web/filter/authc/AuthenticatingFilter.java
index 306a9ba..963dd75 100644
--- a/web/src/org/ki/web/filter/authc/AuthenticatingFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/AuthenticatingFilter.java
@@ -16,18 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
+package org.apache.ki.web.filter.authc;
+
+import java.net.InetAddress;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.ki.authc.AuthenticationException;
import org.apache.ki.authc.AuthenticationToken;
import org.apache.ki.authc.UsernamePasswordToken;
-
import org.apache.ki.subject.Subject;
-import org.ki.web.WebUtils;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.net.InetAddress;
+import org.apache.ki.web.WebUtils;
/**
* An <code>AuthenticationFilter</code> that is capable of automatically performing an authentication attempt
@@ -85,7 +84,7 @@
* during construction of an <code>AuthenticationToken</code>.
* <p/>
* The default implementation merely returns
- * {@link WebUtils#getInetAddress(javax.servlet.ServletRequest) WebUtils.getInetAddress(request)}.
+ * {@link org.apache.ki.web.WebUtils#getInetAddress(javax.servlet.ServletRequest) WebUtils.getInetAddress(request)}.
*
* @param request the incoming ServletRequest
* @return the <code>InetAddress</code> to associate with the login attempt.
diff --git a/web/src/org/ki/web/filter/authc/AuthenticationFilter.java b/web/src/org/apache/ki/web/filter/authc/AuthenticationFilter.java
similarity index 95%
rename from web/src/org/ki/web/filter/authc/AuthenticationFilter.java
rename to web/src/org/apache/ki/web/filter/authc/AuthenticationFilter.java
index 6615519..7da315c 100644
--- a/web/src/org/ki/web/filter/authc/AuthenticationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/AuthenticationFilter.java
@@ -16,16 +16,16 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
-
-import org.apache.ki.subject.Subject;
-import org.ki.web.SavedRequest;
-import org.ki.web.WebUtils;
-import org.ki.web.filter.AccessControlFilter;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.ki.subject.Subject;
+import org.apache.ki.web.SavedRequest;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.filter.AccessControlFilter;
+
/**
* <p>Base class for all Filters that require the current user to be authenticated. This class encapsulates the
* logic of checking whether a user is already authenticated in the system. If the user is not authenticated, we use
diff --git a/web/src/org/ki/web/filter/authc/BasicHttpAuthenticationFilter.java b/web/src/org/apache/ki/web/filter/authc/BasicHttpAuthenticationFilter.java
similarity index 99%
rename from web/src/org/ki/web/filter/authc/BasicHttpAuthenticationFilter.java
rename to web/src/org/apache/ki/web/filter/authc/BasicHttpAuthenticationFilter.java
index a0d5e36..c9c54a6 100644
--- a/web/src/org/ki/web/filter/authc/BasicHttpAuthenticationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/BasicHttpAuthenticationFilter.java
@@ -16,20 +16,20 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.authc.AuthenticationToken;
-import org.apache.ki.codec.Base64;
-
-import org.ki.web.WebUtils;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.authc.AuthenticationToken;
+import org.apache.ki.codec.Base64;
+import org.apache.ki.web.WebUtils;
+
/**
* Requires the requesting user to be {@link org.apache.ki.subject.Subject#isAuthenticated() authenticated} for the
diff --git a/web/src/org/ki/web/filter/authc/FormAuthenticationFilter.java b/web/src/org/apache/ki/web/filter/authc/FormAuthenticationFilter.java
similarity index 97%
rename from web/src/org/ki/web/filter/authc/FormAuthenticationFilter.java
rename to web/src/org/apache/ki/web/filter/authc/FormAuthenticationFilter.java
index 32618ce..6951136 100644
--- a/web/src/org/ki/web/filter/authc/FormAuthenticationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/FormAuthenticationFilter.java
@@ -16,21 +16,21 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.authc.AuthenticationException;
-import org.apache.ki.authc.AuthenticationToken;
-import org.apache.ki.authc.UsernamePasswordToken;
-import org.apache.ki.subject.Subject;
-
-import org.ki.web.WebUtils;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.authc.AuthenticationException;
+import org.apache.ki.authc.AuthenticationToken;
+import org.apache.ki.authc.UsernamePasswordToken;
+import org.apache.ki.subject.Subject;
+import org.apache.ki.web.WebUtils;
+
/**
* Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user
@@ -51,12 +51,12 @@
* (e.g. no account, incorrect password, etc).
*
* <p>If you would prefer to handle the authentication validation and login in your own code, consider using the
- * {@link org.ki.web.filter.authc.PassThruAuthenticationFilter} instead, which allows requests to the
+ * {@link PassThruAuthenticationFilter} instead, which allows requests to the
* {@link #loginUrl} to pass through to your application's code directly.
*
* @author Les Hazlewood
* @author Jeremy Haile
- * @see org.ki.web.filter.authc.PassThruAuthenticationFilter
+ * @see PassThruAuthenticationFilter
* @since 0.9
*/
public class FormAuthenticationFilter extends AuthenticatingFilter {
diff --git a/web/src/org/ki/web/filter/authc/PassThruAuthenticationFilter.java b/web/src/org/apache/ki/web/filter/authc/PassThruAuthenticationFilter.java
similarity index 98%
rename from web/src/org/ki/web/filter/authc/PassThruAuthenticationFilter.java
rename to web/src/org/apache/ki/web/filter/authc/PassThruAuthenticationFilter.java
index e12874d..0bbfb78 100644
--- a/web/src/org/ki/web/filter/authc/PassThruAuthenticationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/PassThruAuthenticationFilter.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
diff --git a/web/src/org/ki/web/filter/authc/UserFilter.java b/web/src/org/apache/ki/web/filter/authc/UserFilter.java
similarity index 96%
rename from web/src/org/ki/web/filter/authc/UserFilter.java
rename to web/src/org/apache/ki/web/filter/authc/UserFilter.java
index f60a32b..a875359 100644
--- a/web/src/org/ki/web/filter/authc/UserFilter.java
+++ b/web/src/org/apache/ki/web/filter/authc/UserFilter.java
@@ -16,14 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authc;
-
-import org.apache.ki.subject.Subject;
-import org.ki.web.filter.AccessControlFilter;
+package org.apache.ki.web.filter.authc;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.ki.subject.Subject;
+import org.apache.ki.web.filter.AccessControlFilter;
+
/**
* Filter that allows access to resources if the accessor is a known user, which is defined as
* having a known principal. This means that any user who is authenticated or remembered via a
diff --git a/web/src/org/ki/web/filter/authz/AuthorizationFilter.java b/web/src/org/apache/ki/web/filter/authz/AuthorizationFilter.java
similarity index 95%
rename from web/src/org/ki/web/filter/authz/AuthorizationFilter.java
rename to web/src/org/apache/ki/web/filter/authz/AuthorizationFilter.java
index 5e985fc..4e1cdaf 100644
--- a/web/src/org/ki/web/filter/authz/AuthorizationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authz/AuthorizationFilter.java
@@ -16,17 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authz;
+package org.apache.ki.web.filter.authz;
-import org.apache.ki.subject.Subject;
-import org.apache.ki.util.StringUtils;
-import org.ki.web.WebUtils;
-import org.ki.web.filter.AccessControlFilter;
-
+import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
+
+import org.apache.ki.subject.Subject;
+import org.apache.ki.util.StringUtils;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.filter.AccessControlFilter;
/**
* Superclass for authorization-related filters. For unauthorized requests, this filter redirects to the
diff --git a/web/src/org/ki/web/filter/authz/PermissionsAuthorizationFilter.java b/web/src/org/apache/ki/web/filter/authz/PermissionsAuthorizationFilter.java
similarity index 97%
rename from web/src/org/ki/web/filter/authz/PermissionsAuthorizationFilter.java
rename to web/src/org/apache/ki/web/filter/authz/PermissionsAuthorizationFilter.java
index 6f61492..847b83a 100644
--- a/web/src/org/ki/web/filter/authz/PermissionsAuthorizationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authz/PermissionsAuthorizationFilter.java
@@ -16,13 +16,13 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authz;
+package org.apache.ki.web.filter.authz;
-import org.apache.ki.subject.Subject;
-
+import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import java.io.IOException;
+
+import org.apache.ki.subject.Subject;
/**
* Filter that allows access if the current user has the permissions specified by the mapped value, or denies access
diff --git a/web/src/org/ki/web/filter/authz/RolesAuthorizationFilter.java b/web/src/org/apache/ki/web/filter/authz/RolesAuthorizationFilter.java
similarity index 97%
rename from web/src/org/ki/web/filter/authz/RolesAuthorizationFilter.java
rename to web/src/org/apache/ki/web/filter/authz/RolesAuthorizationFilter.java
index 6b0eff3..0d3e377 100644
--- a/web/src/org/ki/web/filter/authz/RolesAuthorizationFilter.java
+++ b/web/src/org/apache/ki/web/filter/authz/RolesAuthorizationFilter.java
@@ -16,16 +16,16 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.filter.authz;
+package org.apache.ki.web.filter.authz;
+
+import java.io.IOException;
+import java.util.Set;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.ki.subject.Subject;
import org.apache.ki.util.CollectionUtils;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.io.IOException;
-import java.util.Set;
-
/**
* Filter that allows access if the current user has the roles specified by the mapped value, or denies access
diff --git a/web/src/org/ki/web/servlet/AdviceFilter.java b/web/src/org/apache/ki/web/servlet/AdviceFilter.java
similarity index 99%
rename from web/src/org/ki/web/servlet/AdviceFilter.java
rename to web/src/org/apache/ki/web/servlet/AdviceFilter.java
index b971df5..2dc97c0 100644
--- a/web/src/org/ki/web/servlet/AdviceFilter.java
+++ b/web/src/org/apache/ki/web/servlet/AdviceFilter.java
@@ -16,16 +16,16 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
+import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
/**
* A Servlet Filter that enables AOP-style advice for a SerlvetRequest via
diff --git a/web/src/org/ki/web/servlet/JSecurityFilter.java b/web/src/org/apache/ki/web/servlet/JSecurityFilter.java
similarity index 86%
rename from web/src/org/ki/web/servlet/JSecurityFilter.java
rename to web/src/org/apache/ki/web/servlet/JSecurityFilter.java
index 1932dde..6ab4a88 100644
--- a/web/src/org/ki/web/servlet/JSecurityFilter.java
+++ b/web/src/org/apache/ki/web/servlet/JSecurityFilter.java
@@ -16,31 +16,34 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
+
+import java.beans.PropertyDescriptor;
+import java.io.IOException;
+import java.net.InetAddress;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.ki.config.Configuration;
import org.apache.ki.config.ConfigurationException;
import org.apache.ki.mgt.SecurityManager;
import org.apache.ki.util.ClassUtils;
import org.apache.ki.util.LifecycleUtils;
-import org.apache.ki.util.ThreadContext;
-
import static org.apache.ki.util.StringUtils.clean;
-
-import org.ki.web.DefaultWebSecurityManager;
-import org.ki.web.WebUtils;
-import org.ki.web.config.IniWebConfiguration;
-import org.ki.web.config.WebConfiguration;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.beans.PropertyDescriptor;
-import java.io.IOException;
-import java.net.InetAddress;
+import org.apache.ki.util.ThreadContext;
+import org.apache.ki.web.DefaultWebSecurityManager;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.config.IniWebConfiguration;
+import org.apache.ki.web.config.WebConfiguration;
/**
@@ -70,8 +73,8 @@
* # (and client-agnostic) session management. You can enable this by uncommenting the following line
* # and changing 'http' to 'jsecurity'
* #
- * #securityManager = {@link org.ki.web.DefaultWebSecurityManager org.jsecurity.web.DefaultWebSecurityManager}
- * #securityManager.{@link org.ki.web.DefaultWebSecurityManager#setSessionMode(String) sessionMode} = http
+ * #securityManager = {@link org.apache.ki.web.DefaultWebSecurityManager org.jsecurity.web.DefaultWebSecurityManager}
+ * #securityManager.{@link org.apache.ki.web.DefaultWebSecurityManager#setSessionMode(String) sessionMode} = http
* <p/>
* [filters]
* # This section defines the 'pool' of all Filters available to the url path definitions in the [urls] section below.
@@ -85,36 +88,36 @@
* # affect the user experience.
* #
* # Form-based Authentication filter:
- * #<a name="authc"></a>authc = {@link org.ki.web.filter.authc.FormAuthenticationFilter}
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setLoginUrl(String) loginUrl} = /login.jsp
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setUsernameParam(String) usernameParam} = username
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setPasswordParam(String) passwordParam} = password
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setRememberMeParam(String) rememberMeParam} = rememberMe
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setSuccessUrl(String) successUrl} = /login.jsp
- * #authc.{@link org.ki.web.filter.authc.FormAuthenticationFilter#setFailureKeyAttribute(String) failureKeyAttribute} = {@link org.ki.web.filter.authc.FormAuthenticationFilter#DEFAULT_ERROR_KEY_ATTRIBUTE_NAME}
+ * #<a name="authc"></a>authc = {@link org.apache.ki.web.filter.authc.FormAuthenticationFilter}
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setLoginUrl(String) loginUrl} = /login.jsp
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setUsernameParam(String) usernameParam} = username
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setPasswordParam(String) passwordParam} = password
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setRememberMeParam(String) rememberMeParam} = rememberMe
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setSuccessUrl(String) successUrl} = /login.jsp
+ * #authc.{@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#setFailureKeyAttribute(String) failureKeyAttribute} = {@link org.apache.ki.web.filter.authc.FormAuthenticationFilter#DEFAULT_ERROR_KEY_ATTRIBUTE_NAME}
* #
* # Http BASIC Authentication filter:
- * #<a name="authcBasic"></a>authcBasic = {@link org.ki.web.filter.authc.BasicHttpAuthenticationFilter}
- * #authcBasic.{@link org.ki.web.filter.authc.BasicHttpAuthenticationFilter#setApplicationName(String) applicationName} = application
+ * #<a name="authcBasic"></a>authcBasic = {@link org.apache.ki.web.filter.authc.BasicHttpAuthenticationFilter}
+ * #authcBasic.{@link org.apache.ki.web.filter.authc.BasicHttpAuthenticationFilter#setApplicationName(String) applicationName} = application
* #
* # Roles filter: requires the requesting user to have one or more roles for the request to continue.
* # If they do not have the specified roles, they are redirected to the specified URL.
- * #<a name="roles"></a>roles = {@link org.ki.web.filter.authz.RolesAuthorizationFilter}
- * #roles.{@link org.ki.web.filter.authz.RolesAuthorizationFilter#setUnauthorizedUrl(String) unauthorizedUrl} =
+ * #<a name="roles"></a>roles = {@link org.apache.ki.web.filter.authz.RolesAuthorizationFilter}
+ * #roles.{@link org.apache.ki.web.filter.authz.RolesAuthorizationFilter#setUnauthorizedUrl(String) unauthorizedUrl} =
* # (note the above url is null by default, which will cause an HTTP 403 (Access Denied) response instead
* # of redirecting to a page. If you want to show a 'nice page' instead, you should specify that url.
* #
* # Permissions filter: requires the requesting user to have one or more permissions for the request to
* # continue, and if they do not, redirects them to the specified URL.
- * #<a name="perms"></a>perms = {@link org.ki.web.filter.authz.PermissionsAuthorizationFilter}
- * #perms.{@link org.ki.web.filter.authz.PermissionsAuthorizationFilter#setUnauthorizedUrl(String) unauthorizedUrl} =
+ * #<a name="perms"></a>perms = {@link org.apache.ki.web.filter.authz.PermissionsAuthorizationFilter}
+ * #perms.{@link org.apache.ki.web.filter.authz.PermissionsAuthorizationFilter#setUnauthorizedUrl(String) unauthorizedUrl} =
* # (note the above url is null by default, which will cause an HTTP 403 (Access Denied) response instead
* # of redirecting to a page. If you want to show a 'nice page' instead, you should specify that url. Many
* # applications like to use the same url specified in roles.unauthorizedUrl above.
* #
* #
* # Define your own filters here. To properly handle url path matching (see the [urls] section below), your
- * # filter should extend the {@link org.ki.web.filter.PathMatchingFilter PathMatchingFilter} abstract class.
+ * # filter should extend the {@link org.apache.ki.web.filter.PathMatchingFilter PathMatchingFilter} abstract class.
* <p/>
* [urls]
* # This section defines url path mappings. Each mapping entry must be on a single line and conform to the
@@ -351,11 +354,11 @@
}
/**
- * Wraps the original HttpServletRequest in a {@link JSecurityHttpServletRequest}
+ * Wraps the original HttpServletRequest in a {@link KiHttpServletRequest}
* @since 1.0
*/
protected ServletRequest wrapServletRequest(HttpServletRequest orig) {
- return new JSecurityHttpServletRequest(orig, getServletContext(), isHttpSessions());
+ return new KiHttpServletRequest(orig, getServletContext(), isHttpSessions());
}
/** @since 1.0 */
@@ -370,7 +373,7 @@
}
/** @since 1.0 */
- protected ServletResponse wrapServletResponse(HttpServletResponse orig, JSecurityHttpServletRequest request) {
+ protected ServletResponse wrapServletResponse(HttpServletResponse orig, KiHttpServletRequest request) {
return new JSecurityHttpServletResponse(orig, getServletContext(), request);
}
@@ -378,11 +381,11 @@
protected ServletResponse prepareServletResponse(ServletRequest request, ServletResponse response,
FilterChain chain) {
ServletResponse toUse = response;
- if (isHttpSessions() && (request instanceof JSecurityHttpServletRequest) &&
+ if (isHttpSessions() && (request instanceof KiHttpServletRequest) &&
(response instanceof HttpServletResponse)) {
//the JSecurityHttpServletResponse exists to support URL rewriting for session ids. This is only needed if
//using JSecurity sessions (i.e. not simple HttpSession based sessions):
- toUse = wrapServletResponse((HttpServletResponse) response, (JSecurityHttpServletRequest) request);
+ toUse = wrapServletResponse((HttpServletResponse) response, (KiHttpServletRequest) request);
}
return toUse;
}
diff --git a/web/src/org/ki/web/servlet/JSecurityHttpServletResponse.java b/web/src/org/apache/ki/web/servlet/JSecurityHttpServletResponse.java
similarity index 97%
rename from web/src/org/ki/web/servlet/JSecurityHttpServletResponse.java
rename to web/src/org/apache/ki/web/servlet/JSecurityHttpServletResponse.java
index 0e5767b..bcd890b 100644
--- a/web/src/org/ki/web/servlet/JSecurityHttpServletResponse.java
+++ b/web/src/org/apache/ki/web/servlet/JSecurityHttpServletResponse.java
@@ -16,17 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLEncoder;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.URLEncoder;
/**
* HttpServletResponse implementation to support URL Encoding of JSecurity Session IDs.
@@ -52,9 +52,9 @@
private ServletContext context = null;
//the associated request
- private JSecurityHttpServletRequest request = null;
+ private KiHttpServletRequest request = null;
- public JSecurityHttpServletResponse(HttpServletResponse wrapped, ServletContext context, JSecurityHttpServletRequest request) {
+ public JSecurityHttpServletResponse(HttpServletResponse wrapped, ServletContext context, KiHttpServletRequest request) {
super(wrapped);
this.context = context;
this.request = request;
@@ -68,11 +68,11 @@
this.context = context;
}
- public JSecurityHttpServletRequest getRequest() {
+ public KiHttpServletRequest getRequest() {
return request;
}
- public void setRequest(JSecurityHttpServletRequest request) {
+ public void setRequest(KiHttpServletRequest request) {
this.request = request;
}
diff --git a/web/src/org/ki/web/servlet/JSecurityHttpSession.java b/web/src/org/apache/ki/web/servlet/JSecurityHttpSession.java
similarity index 92%
rename from web/src/org/ki/web/servlet/JSecurityHttpSession.java
rename to web/src/org/apache/ki/web/servlet/JSecurityHttpSession.java
index b404060..b8cc2aa 100644
--- a/web/src/org/ki/web/servlet/JSecurityHttpSession.java
+++ b/web/src/org/apache/ki/web/servlet/JSecurityHttpSession.java
@@ -16,15 +16,24 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionBindingEvent;
+import javax.servlet.http.HttpSessionBindingListener;
+import javax.servlet.http.HttpSessionContext;
import org.apache.ki.session.InvalidSessionException;
import org.apache.ki.session.Session;
-import org.ki.web.session.WebSession;
-
-import javax.servlet.ServletContext;
-import javax.servlet.http.*;
-import java.util.*;
+import org.apache.ki.web.session.WebSession;
/**
@@ -233,7 +242,7 @@
}
public boolean isNew() {
- Boolean value = (Boolean) currentRequest.getAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_IS_NEW);
+ Boolean value = (Boolean) currentRequest.getAttribute(KiHttpServletRequest.REFERENCED_SESSION_IS_NEW);
return value != null && value.equals(Boolean.TRUE);
}
}
diff --git a/web/src/org/ki/web/servlet/JSecurityHttpServletRequest.java b/web/src/org/apache/ki/web/servlet/KiHttpServletRequest.java
similarity index 88%
rename from web/src/org/ki/web/servlet/JSecurityHttpServletRequest.java
rename to web/src/org/apache/ki/web/servlet/KiHttpServletRequest.java
index 9f9f757..d8ed0bd 100644
--- a/web/src/org/ki/web/servlet/JSecurityHttpServletRequest.java
+++ b/web/src/org/apache/ki/web/servlet/KiHttpServletRequest.java
@@ -16,17 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
-import org.apache.ki.SecurityUtils;
-import org.apache.ki.session.Session;
-import org.apache.ki.subject.Subject;
-
+import java.security.Principal;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpSession;
-import java.security.Principal;
+
+import org.apache.ki.SecurityUtils;
+import org.apache.ki.session.Session;
+import org.apache.ki.subject.Subject;
/**
@@ -36,32 +36,32 @@
* @since 0.2
*/
@SuppressWarnings({"deprecated", "deprecation"})
-public class JSecurityHttpServletRequest extends HttpServletRequestWrapper {
+public class KiHttpServletRequest extends HttpServletRequestWrapper {
//TODO - complete JavaDoc
//The following 7 constants support the JSecurity's implementation of the Servlet Specification
public static final String COOKIE_SESSION_ID_SOURCE = "cookie";
public static final String URL_SESSION_ID_SOURCE = "url";
- public static final String REFERENCED_SESSION_ID = JSecurityHttpServletRequest.class.getName() + "_REQUESTED_SESSION_ID";
- public static final String REFERENCED_SESSION_ID_IS_VALID = JSecurityHttpServletRequest.class.getName() + "_REQUESTED_SESSION_ID_VALID";
- public static final String REFERENCED_SESSION_IS_NEW = JSecurityHttpServletRequest.class.getName() + "_REFERENCED_SESSION_IS_NEW";
- public static final String REFERENCED_SESSION_ID_SOURCE = JSecurityHttpServletRequest.class.getName() + "REFERENCED_SESSION_ID_SOURCE";
+ public static final String REFERENCED_SESSION_ID = KiHttpServletRequest.class.getName() + "_REQUESTED_SESSION_ID";
+ public static final String REFERENCED_SESSION_ID_IS_VALID = KiHttpServletRequest.class.getName() + "_REQUESTED_SESSION_ID_VALID";
+ public static final String REFERENCED_SESSION_IS_NEW = KiHttpServletRequest.class.getName() + "_REFERENCED_SESSION_IS_NEW";
+ public static final String REFERENCED_SESSION_ID_SOURCE = KiHttpServletRequest.class.getName() + "REFERENCED_SESSION_ID_SOURCE";
public static final String SESSION_ID_NAME = JSecurityHttpSession.DEFAULT_SESSION_ID_NAME;
/**
* Key that may be used to alert that the request's referenced JSecurity Session has expired prior to
* request processing.
*/
- public static final String EXPIRED_SESSION_KEY = JSecurityHttpServletRequest.class.getName() + "_EXPIRED_SESSION_KEY";
+ public static final String EXPIRED_SESSION_KEY = KiHttpServletRequest.class.getName() + "_EXPIRED_SESSION_KEY";
- public static final String IDENTITY_REMOVED_KEY = JSecurityHttpServletRequest.class.getName() + "_IDENTITY_REMOVED_KEY";
+ public static final String IDENTITY_REMOVED_KEY = KiHttpServletRequest.class.getName() + "_IDENTITY_REMOVED_KEY";
protected ServletContext servletContext = null;
protected HttpSession session = null;
protected boolean httpSessions = true;
- public JSecurityHttpServletRequest(HttpServletRequest wrapped, ServletContext servletContext,
+ public KiHttpServletRequest(HttpServletRequest wrapped, ServletContext servletContext,
boolean httpSessions) {
super(wrapped);
this.servletContext = servletContext;
diff --git a/web/src/org/ki/web/servlet/OncePerRequestFilter.java b/web/src/org/apache/ki/web/servlet/OncePerRequestFilter.java
similarity index 97%
rename from web/src/org/ki/web/servlet/OncePerRequestFilter.java
rename to web/src/org/apache/ki/web/servlet/OncePerRequestFilter.java
index 2098b1b..2f17814 100644
--- a/web/src/org/ki/web/servlet/OncePerRequestFilter.java
+++ b/web/src/org/apache/ki/web/servlet/OncePerRequestFilter.java
@@ -16,14 +16,20 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
+
+import java.io.IOException;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.ki.util.Nameable;
-import javax.servlet.*;
-import java.io.IOException;
+import org.apache.ki.util.Nameable;
/**
diff --git a/web/src/org/ki/web/servlet/ProxiedFilterChain.java b/web/src/org/apache/ki/web/servlet/ProxiedFilterChain.java
similarity index 90%
rename from web/src/org/ki/web/servlet/ProxiedFilterChain.java
rename to web/src/org/apache/ki/web/servlet/ProxiedFilterChain.java
index 15387cd..adb6d8b 100644
--- a/web/src/org/ki/web/servlet/ProxiedFilterChain.java
+++ b/web/src/org/apache/ki/web/servlet/ProxiedFilterChain.java
@@ -16,15 +16,19 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
+
+import java.io.IOException;
+import java.util.List;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import javax.servlet.*;
-import java.io.IOException;
-import java.util.List;
-
/**
* @author Les Hazlewood
* @since 0.9
diff --git a/web/src/org/ki/web/servlet/ServletContextSupport.java b/web/src/org/apache/ki/web/servlet/ServletContextSupport.java
similarity index 98%
rename from web/src/org/ki/web/servlet/ServletContextSupport.java
rename to web/src/org/apache/ki/web/servlet/ServletContextSupport.java
index eb01203..3a7704b 100644
--- a/web/src/org/ki/web/servlet/ServletContextSupport.java
+++ b/web/src/org/apache/ki/web/servlet/ServletContextSupport.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.servlet;
+package org.apache.ki.web.servlet;
import javax.servlet.ServletContext;
diff --git a/web/src/org/ki/web/session/DefaultWebSessionManager.java b/web/src/org/apache/ki/web/session/DefaultWebSessionManager.java
similarity index 92%
rename from web/src/org/ki/web/session/DefaultWebSessionManager.java
rename to web/src/org/apache/ki/web/session/DefaultWebSessionManager.java
index fdc392a..4d8fcc8 100644
--- a/web/src/org/ki/web/session/DefaultWebSessionManager.java
+++ b/web/src/org/apache/ki/web/session/DefaultWebSessionManager.java
@@ -16,28 +16,27 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.session;
+package org.apache.ki.web.session;
+
+import java.io.Serializable;
+import java.net.InetAddress;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.ki.authz.AuthorizationException;
import org.apache.ki.authz.HostUnauthorizedException;
-import org.apache.ki.session.mgt.DefaultSessionManager;
-
import org.apache.ki.session.InvalidSessionException;
import org.apache.ki.session.Session;
-
-import org.ki.web.WebUtils;
-import org.ki.web.attr.CookieAttribute;
-import org.ki.web.attr.RequestParamAttribute;
-import org.ki.web.attr.WebAttribute;
-import org.ki.web.servlet.JSecurityHttpServletRequest;
-import org.ki.web.servlet.JSecurityHttpSession;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import java.io.Serializable;
-import java.net.InetAddress;
+import org.apache.ki.session.mgt.DefaultSessionManager;
+import org.apache.ki.web.WebUtils;
+import org.apache.ki.web.attr.CookieAttribute;
+import org.apache.ki.web.attr.RequestParamAttribute;
+import org.apache.ki.web.attr.WebAttribute;
+import org.apache.ki.web.servlet.KiHttpServletRequest;
+import org.apache.ki.web.servlet.JSecurityHttpSession;
/**
@@ -206,13 +205,13 @@
WebAttribute<Serializable> cookieSessionIdAttribute = getSessionIdCookieAttribute();
Serializable id = cookieSessionIdAttribute.retrieveValue(request, response);
if (id != null) {
- request.setAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
- JSecurityHttpServletRequest.COOKIE_SESSION_ID_SOURCE);
+ request.setAttribute(KiHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
+ KiHttpServletRequest.COOKIE_SESSION_ID_SOURCE);
} else {
id = getSessionIdRequestParamAttribute().retrieveValue(request, response);
if (id != null) {
- request.setAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
- JSecurityHttpServletRequest.URL_SESSION_ID_SOURCE);
+ request.setAttribute(KiHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
+ KiHttpServletRequest.URL_SESSION_ID_SOURCE);
}
}
return id;
@@ -227,8 +226,8 @@
protected Serializable start(ServletRequest request, ServletResponse response, InetAddress inetAddress) {
Serializable sessionId = super.start(inetAddress);
storeSessionId(sessionId, request, response);
- request.removeAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
- request.setAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
+ request.removeAttribute(KiHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
+ request.setAttribute(KiHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
return sessionId;
}
@@ -282,7 +281,7 @@
Serializable sessionId = retrieveSessionId(request, response);
if (sessionId != null) {
- request.setAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_ID, sessionId);
+ request.setAttribute(KiHttpServletRequest.REFERENCED_SESSION_ID, sessionId);
session = super.retrieveSession(sessionId);
if (isValidateRequestOrigin()) {
if (log.isDebugEnabled()) {
@@ -291,7 +290,7 @@
validateSessionOrigin(request, session);
}
if (session != null) {
- request.setAttribute(JSecurityHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
+ request.setAttribute(KiHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
}
} else {
if (log.isTraceEnabled()) {
diff --git a/web/src/org/ki/web/session/ServletContainerSessionManager.java b/web/src/org/apache/ki/web/session/ServletContainerSessionManager.java
similarity index 98%
rename from web/src/org/ki/web/session/ServletContainerSessionManager.java
rename to web/src/org/apache/ki/web/session/ServletContainerSessionManager.java
index 6b59534..156f28f 100644
--- a/web/src/org/ki/web/session/ServletContainerSessionManager.java
+++ b/web/src/org/apache/ki/web/session/ServletContainerSessionManager.java
@@ -16,23 +16,21 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.session;
+package org.apache.ki.web.session;
-import org.apache.ki.authz.AuthorizationException;
-import org.apache.ki.authz.HostUnauthorizedException;
-import org.apache.ki.session.mgt.AbstractSessionManager;
-import org.apache.ki.session.Session;
-
-import org.apache.ki.session.InvalidSessionException;
-
-import org.ki.web.WebUtils;
-
+import java.io.Serializable;
+import java.net.InetAddress;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import java.io.Serializable;
-import java.net.InetAddress;
+
+import org.apache.ki.authz.AuthorizationException;
+import org.apache.ki.authz.HostUnauthorizedException;
+import org.apache.ki.session.InvalidSessionException;
+import org.apache.ki.session.Session;
+import org.apache.ki.session.mgt.AbstractSessionManager;
+import org.apache.ki.web.WebUtils;
/**
diff --git a/web/src/org/ki/web/session/WebSession.java b/web/src/org/apache/ki/web/session/WebSession.java
similarity index 98%
rename from web/src/org/ki/web/session/WebSession.java
rename to web/src/org/apache/ki/web/session/WebSession.java
index 6b19ec5..bd7dd9f 100644
--- a/web/src/org/ki/web/session/WebSession.java
+++ b/web/src/org/apache/ki/web/session/WebSession.java
@@ -16,20 +16,19 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.session;
+package org.apache.ki.web.session;
-import org.apache.ki.session.InvalidSessionException;
-import org.apache.ki.session.Session;
-
-import org.ki.web.servlet.JSecurityHttpSession;
-
-import javax.servlet.http.HttpSession;
import java.io.Serializable;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
+import javax.servlet.http.HttpSession;
+
+import org.apache.ki.session.InvalidSessionException;
+import org.apache.ki.session.Session;
+import org.apache.ki.web.servlet.JSecurityHttpSession;
/**
* TODO class JavaDoc
diff --git a/web/src/org/ki/web/session/WebSessionManager.java b/web/src/org/apache/ki/web/session/WebSessionManager.java
similarity index 97%
rename from web/src/org/ki/web/session/WebSessionManager.java
rename to web/src/org/apache/ki/web/session/WebSessionManager.java
index 4019c0a..a032f27 100644
--- a/web/src/org/ki/web/session/WebSessionManager.java
+++ b/web/src/org/apache/ki/web/session/WebSessionManager.java
@@ -16,14 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.session;
-
-import org.apache.ki.session.Session;
-import org.apache.ki.session.mgt.SessionManager;
+package org.apache.ki.web.session;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.ki.session.Session;
+import org.apache.ki.session.mgt.SessionManager;
+
/**
* A <code>WebSessionManager</code> is a <code>SessionManager</code> that has the ability to obtain
diff --git a/web/src/org/ki/web/tags/AuthenticatedTag.java b/web/src/org/apache/ki/web/tags/AuthenticatedTag.java
similarity index 98%
rename from web/src/org/ki/web/tags/AuthenticatedTag.java
rename to web/src/org/apache/ki/web/tags/AuthenticatedTag.java
index 05c7652..5749f5f 100644
--- a/web/src/org/ki/web/tags/AuthenticatedTag.java
+++ b/web/src/org/apache/ki/web/tags/AuthenticatedTag.java
@@ -16,13 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
+
+import javax.servlet.jsp.JspException;
+import javax.servlet.jsp.tagext.TagSupport;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import javax.servlet.jsp.JspException;
-import javax.servlet.jsp.tagext.TagSupport;
/**
* JSP tag that renders the tag body only if the current user has executed a <b>successful</b> authentication attempt
diff --git a/web/src/org/ki/web/tags/GuestTag.java b/web/src/org/apache/ki/web/tags/GuestTag.java
similarity index 98%
rename from web/src/org/ki/web/tags/GuestTag.java
rename to web/src/org/apache/ki/web/tags/GuestTag.java
index bcf81fe..af7889e 100644
--- a/web/src/org/ki/web/tags/GuestTag.java
+++ b/web/src/org/apache/ki/web/tags/GuestTag.java
@@ -16,13 +16,14 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
+
+import javax.servlet.jsp.JspException;
+import javax.servlet.jsp.tagext.TagSupport;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import javax.servlet.jsp.JspException;
-import javax.servlet.jsp.tagext.TagSupport;
/**
* JSP tag that renders the tag body if the current user <em>is not</em> known to the system, either because they
diff --git a/web/src/org/ki/web/tags/HasAnyRolesTag.java b/web/src/org/apache/ki/web/tags/HasAnyRolesTag.java
similarity index 97%
rename from web/src/org/ki/web/tags/HasAnyRolesTag.java
rename to web/src/org/apache/ki/web/tags/HasAnyRolesTag.java
index 0088110..9cbb98f 100644
--- a/web/src/org/ki/web/tags/HasAnyRolesTag.java
+++ b/web/src/org/apache/ki/web/tags/HasAnyRolesTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
import org.apache.ki.subject.Subject;
diff --git a/web/src/org/ki/web/tags/HasPermissionTag.java b/web/src/org/apache/ki/web/tags/HasPermissionTag.java
similarity index 96%
rename from web/src/org/ki/web/tags/HasPermissionTag.java
rename to web/src/org/apache/ki/web/tags/HasPermissionTag.java
index 9e632c0..3e92890 100644
--- a/web/src/org/ki/web/tags/HasPermissionTag.java
+++ b/web/src/org/apache/ki/web/tags/HasPermissionTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
/**
* @author Les Hazlewood
diff --git a/web/src/org/ki/web/tags/HasRoleTag.java b/web/src/org/apache/ki/web/tags/HasRoleTag.java
similarity index 96%
rename from web/src/org/ki/web/tags/HasRoleTag.java
rename to web/src/org/apache/ki/web/tags/HasRoleTag.java
index 418e9ac..76c253b 100644
--- a/web/src/org/ki/web/tags/HasRoleTag.java
+++ b/web/src/org/apache/ki/web/tags/HasRoleTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
/**
* @author Les Hazlewood
diff --git a/web/src/org/ki/web/tags/LacksPermissionTag.java b/web/src/org/apache/ki/web/tags/LacksPermissionTag.java
similarity index 96%
rename from web/src/org/ki/web/tags/LacksPermissionTag.java
rename to web/src/org/apache/ki/web/tags/LacksPermissionTag.java
index 6af74d9..2d2a068 100644
--- a/web/src/org/ki/web/tags/LacksPermissionTag.java
+++ b/web/src/org/apache/ki/web/tags/LacksPermissionTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
/**
* @author Les Hazlewood
diff --git a/web/src/org/ki/web/tags/LacksRoleTag.java b/web/src/org/apache/ki/web/tags/LacksRoleTag.java
similarity index 96%
rename from web/src/org/ki/web/tags/LacksRoleTag.java
rename to web/src/org/apache/ki/web/tags/LacksRoleTag.java
index 2df0d86..6bf8ccf 100644
--- a/web/src/org/ki/web/tags/LacksRoleTag.java
+++ b/web/src/org/apache/ki/web/tags/LacksRoleTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
/**
* @author Les Hazlewood
diff --git a/web/src/org/ki/web/tags/NotAuthenticatedTag.java b/web/src/org/apache/ki/web/tags/NotAuthenticatedTag.java
similarity index 93%
rename from web/src/org/ki/web/tags/NotAuthenticatedTag.java
rename to web/src/org/apache/ki/web/tags/NotAuthenticatedTag.java
index 5bf6a3c..4637e7f 100644
--- a/web/src/org/ki/web/tags/NotAuthenticatedTag.java
+++ b/web/src/org/apache/ki/web/tags/NotAuthenticatedTag.java
@@ -16,19 +16,20 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
+
+import javax.servlet.jsp.JspException;
+import javax.servlet.jsp.tagext.TagSupport;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import javax.servlet.jsp.JspException;
-import javax.servlet.jsp.tagext.TagSupport;
/**
* JSP tag that renders the tag body only if the current user has <em>not</em> executed a successful authentication
* attempt <em>during their current session</em>.
*
- * <p>The logically opposite tag of this one is the {@link AuthenticatedTag}.
+ * <p>The logically opposite tag of this one is the {@link org.apache.ki.web.tags.AuthenticatedTag}.
*
* @author Jeremy Haile
* @since 0.2
diff --git a/web/src/org/ki/web/tags/PermissionTag.java b/web/src/org/apache/ki/web/tags/PermissionTag.java
similarity index 98%
rename from web/src/org/ki/web/tags/PermissionTag.java
rename to web/src/org/apache/ki/web/tags/PermissionTag.java
index 37b62b7..dadfbd7 100644
--- a/web/src/org/ki/web/tags/PermissionTag.java
+++ b/web/src/org/apache/ki/web/tags/PermissionTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
diff --git a/web/src/org/ki/web/tags/PrincipalTag.java b/web/src/org/apache/ki/web/tags/PrincipalTag.java
similarity index 99%
rename from web/src/org/ki/web/tags/PrincipalTag.java
rename to web/src/org/apache/ki/web/tags/PrincipalTag.java
index b14a01d..4043129 100644
--- a/web/src/org/ki/web/tags/PrincipalTag.java
+++ b/web/src/org/apache/ki/web/tags/PrincipalTag.java
@@ -16,17 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import javax.servlet.jsp.JspException;
-import javax.servlet.jsp.JspTagException;
import java.beans.BeanInfo;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.io.IOException;
+import javax.servlet.jsp.JspException;
+import javax.servlet.jsp.JspTagException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
/**
* <p>Tag used to print out the String value of a user's default principal,
diff --git a/web/src/org/ki/web/tags/RoleTag.java b/web/src/org/apache/ki/web/tags/RoleTag.java
similarity index 97%
rename from web/src/org/ki/web/tags/RoleTag.java
rename to web/src/org/apache/ki/web/tags/RoleTag.java
index af549fd..16c99f1 100644
--- a/web/src/org/ki/web/tags/RoleTag.java
+++ b/web/src/org/apache/ki/web/tags/RoleTag.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
diff --git a/web/src/org/ki/web/tags/SecureTag.java b/web/src/org/apache/ki/web/tags/SecureTag.java
similarity index 97%
rename from web/src/org/ki/web/tags/SecureTag.java
rename to web/src/org/apache/ki/web/tags/SecureTag.java
index 7a0b58a..a95437e 100644
--- a/web/src/org/ki/web/tags/SecureTag.java
+++ b/web/src/org/apache/ki/web/tags/SecureTag.java
@@ -16,16 +16,17 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ki.SecurityUtils;
-import org.apache.ki.subject.Subject;
+package org.apache.ki.web.tags;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.ki.SecurityUtils;
+import org.apache.ki.subject.Subject;
+
/**
* @author Les Hazlewood
* @since 0.1
diff --git a/web/src/org/ki/web/tags/UserTag.java b/web/src/org/apache/ki/web/tags/UserTag.java
similarity index 90%
rename from web/src/org/ki/web/tags/UserTag.java
rename to web/src/org/apache/ki/web/tags/UserTag.java
index a30a6d1..c7399fd 100644
--- a/web/src/org/ki/web/tags/UserTag.java
+++ b/web/src/org/apache/ki/web/tags/UserTag.java
@@ -16,13 +16,13 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.ki.web.tags;
+package org.apache.ki.web.tags;
+
+import javax.servlet.jsp.JspException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import javax.servlet.jsp.JspException;
-import javax.servlet.jsp.tagext.TagSupport;
/**
* JSP tag that renders the tag body if the current user known to the system, either from a successful login attempt
@@ -34,7 +34,7 @@
* guarantees that the current user has logged in <em>during their current session</em>, proving they really are
* who they say they are.
*
- * <p>The logically opposite tag of this one is the {@link GuestTag}.
+ * <p>The logically opposite tag of this one is the {@link org.apache.ki.web.tags.GuestTag}.
*
* @author Les Hazlewood
* @since 0.9
@@ -51,13 +51,13 @@
log.trace("Subject has known identity (aka 'principal'). " +
"Tag body will be evaluated.");
}
- return TagSupport.EVAL_BODY_INCLUDE;
+ return EVAL_BODY_INCLUDE;
} else {
if (log.isTraceEnabled()) {
log.trace("Subject does not exist or have a known identity (aka 'principal'). " +
"Tag body will not be evaluated.");
}
- return TagSupport.SKIP_BODY;
+ return SKIP_BODY;
}
}
diff --git a/web/src/org/ki/web/tags/jsecurity.tld b/web/src/org/apache/ki/web/tags/jsecurity.tld
similarity index 88%
rename from web/src/org/ki/web/tags/jsecurity.tld
rename to web/src/org/apache/ki/web/tags/jsecurity.tld
index a95ccb7..d963df5 100644
--- a/web/src/org/ki/web/tags/jsecurity.tld
+++ b/web/src/org/apache/ki/web/tags/jsecurity.tld
@@ -34,7 +34,7 @@
<tag>
<name>hasPermission</name>
- <tag-class>org.ki.web.tags.HasPermissionTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.HasPermissionTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current Subject (user)
'has' (implies) the specified permission (i.e the user has the specified ability).
@@ -48,7 +48,7 @@
<tag>
<name>lacksPermission</name>
- <tag-class>org.ki.web.tags.LacksPermissionTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.LacksPermissionTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current Subject (user) does
NOT have (not imply) the specified permission (i.e. the user lacks the specified ability)
@@ -62,7 +62,7 @@
<tag>
<name>hasRole</name>
- <tag-class>org.ki.web.tags.HasRoleTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.HasRoleTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current user has the specified role.</description>
<attribute>
@@ -75,7 +75,7 @@
<tag>
<name>hasAnyRoles</name>
- <tag-class>org.ki.web.tags.HasAnyRolesTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.HasAnyRolesTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current user has one of the specified roles from a
comma-separated list of role names.
@@ -89,7 +89,7 @@
<tag>
<name>lacksRole</name>
- <tag-class>org.ki.web.tags.LacksRoleTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.LacksRoleTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current user does NOT have the specified role
(i.e. they explicitly lack the specified role)
@@ -103,7 +103,7 @@
<tag>
<name>authenticated</name>
- <tag-class>org.ki.web.tags.AuthenticatedTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.AuthenticatedTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current user has successfully authenticated
_during their current session_. It is more restrictive than the 'user' tag.
@@ -113,7 +113,7 @@
<tag>
<name>notAuthenticated</name>
- <tag-class>org.ki.web.tags.NotAuthenticatedTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.NotAuthenticatedTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current user has NOT succesfully authenticated
_during their current session_. It is logically opposite to the 'authenticated' tag.
@@ -122,7 +122,7 @@
<tag>
<name>user</name>
- <tag-class>org.ki.web.tags.UserTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.UserTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current Subject has a known identity, either
from a previous login or from 'RememberMe' services. Note that this is semantically different
@@ -133,7 +133,7 @@
<tag>
<name>guest</name>
- <tag-class>org.ki.web.tags.GuestTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.GuestTag</tag-class>
<body-content>JSP</body-content>
<description>Displays body content only if the current Subject IS NOT known to the system, either
because they have not logged in or they have no corresponding 'RememberMe' identity. It is logically
@@ -143,7 +143,7 @@
<tag>
<name>principal</name>
- <tag-class>org.ki.web.tags.PrincipalTag</tag-class>
+ <tag-class>org.apache.ki.web.tags.PrincipalTag</tag-class>
<body-content>JSP</body-content>
<description>Displays the user's principal or a property of the user's principal.</description>
<attribute>
diff --git a/web/src/org/ki/web/attr/package-info.java b/web/src/org/ki/web/attr/package-info.java
index 663c627..913b117 100644
--- a/web/src/org/ki/web/attr/package-info.java
+++ b/web/src/org/ki/web/attr/package-info.java
@@ -17,7 +17,7 @@
* under the License.
*/
/**
- * Supporting implementation of JSecurity's concept of a {@link org.ki.web.attr.WebAttribute WebAttribute}, a
+ * Supporting implementation of JSecurity's concept of a {@link org.apache.ki.web.attr.WebAttribute WebAttribute}, a
* component that can save and recall an object beyond transient requests.
*/
package org.ki.web.attr;
\ No newline at end of file
diff --git a/web/test/org/ki/web/DefaultWebSecurityManagerTest.java b/web/test/org/ki/web/DefaultWebSecurityManagerTest.java
index 99231ab..93045ab 100644
--- a/web/test/org/ki/web/DefaultWebSecurityManagerTest.java
+++ b/web/test/org/ki/web/DefaultWebSecurityManagerTest.java
@@ -18,11 +18,13 @@
*/
package org.ki.web;
-import org.apache.ki.util.ThreadContext;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
+import org.apache.ki.util.ThreadContext;
+import org.apache.ki.web.DefaultWebSecurityManager;
+
/**
* @author Les Hazlewood
* @since 0.9
diff --git a/web/test/org/ki/web/WebRememberMeManagerTest.java b/web/test/org/ki/web/WebRememberMeManagerTest.java
index 88d58b6..e20af89 100644
--- a/web/test/org/ki/web/WebRememberMeManagerTest.java
+++ b/web/test/org/ki/web/WebRememberMeManagerTest.java
@@ -18,20 +18,21 @@
*/
package org.ki.web;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import static org.easymock.EasyMock.*;
+import static org.junit.Assert.assertTrue;
+import org.junit.Test;
+
import org.apache.ki.authc.AuthenticationInfo;
import org.apache.ki.authc.SimpleAuthenticationInfo;
import org.apache.ki.authc.UsernamePasswordToken;
import org.apache.ki.subject.PrincipalCollection;
-
import org.apache.ki.subject.SimplePrincipalCollection;
-
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
-
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import org.apache.ki.web.WebRememberMeManager;
+import org.apache.ki.web.WebUtils;
/**
* TODO - class javadoc
diff --git a/web/test/org/ki/web/attr/CookieAttributeTest.java b/web/test/org/ki/web/attr/CookieAttributeTest.java
index a055092..24b3ce8 100644
--- a/web/test/org/ki/web/attr/CookieAttributeTest.java
+++ b/web/test/org/ki/web/attr/CookieAttributeTest.java
@@ -18,15 +18,18 @@
*/
package org.ki.web.attr;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import junit.framework.TestCase;
import static org.easymock.EasyMock.*;
import org.easymock.IArgumentMatcher;
import org.junit.Before;
import org.junit.Test;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import org.apache.ki.web.attr.CookieAttribute;
+
/**
* @author Les Hazlewood
diff --git a/web/test/org/ki/web/servlet/JSecurityFilterTest.java b/web/test/org/ki/web/servlet/JSecurityFilterTest.java
index 44e0a94..6156817 100644
--- a/web/test/org/ki/web/servlet/JSecurityFilterTest.java
+++ b/web/test/org/ki/web/servlet/JSecurityFilterTest.java
@@ -18,11 +18,14 @@
*/
package org.ki.web.servlet;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+
import static org.easymock.EasyMock.*;
import org.junit.Test;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletContext;
+import org.apache.ki.web.servlet.JSecurityFilter;
+
/**
* @author Les Hazlewood
