Versions Compared

Old Version 14

changes.mady.by.user Unknown User (hcunico@gmail.com)

Saved on

compared with

New Version 15

changes.mady.by.user Unknown User (hcunico@gmail.com)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
borderStylesolid
titlegeronimo-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app
    xmlns="http://geronimo.apache.org/xml/ns/web"
    xmlns:sec="http://geronimo.apache.org/xml/ns/security"
    configId="org/apache/geronimo/ldap-secure-demo"
    parentId="org/apache/geronimo/ldap-secure">
    <context-root>/ldap-demo</context-root>
    <context-priority-classloader>false</context-priority-classloader>
    <security-realm-name>ldap-realm</security-realm-name>
    <security>
        <default-principal realm-name="ldap-realm">
            <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
        </default-principal>
        <role-mappings>
            <role role-name="content-administrator">
                <realm realm-name="ldap-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
                </realm>
            </role>
            <role role-name="guest">
                <realm realm-name="ldap-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="guest" designated-run-as="true"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user1"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user2"/>
                </realm>
            </role>
        </role-mappings>
    </security>
</web-app>

The web.xml deployment descriptor shown in the following example add security constraints based on the location of the files.

Code Block
xml
xml
borderStylesolid
titleweb.xml

<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version="2.4">

    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
    </welcome-file-list>

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Admin Role</web-resource-name>
        <url-pattern>/protect/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>content-administrator</role-name>
      </auth-constraint>
    </security-constraint>
    
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>No Access</web-resource-name>
        <url-pattern>/forbidden/*</url-pattern>
      </web-resource-collection>
      <auth-constraint/>
    </security-constraint>

    <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>MYREALM</realm-name>
      <form-login-config>
         <form-login-page>/auth/logon.html?param=test</form-login-page>
         <form-error-page>/auth/logonError.html?param=test</form-error-page>
      </form-login-config>
    </login-config>

  <security-role>
      <role-name>content-administrator</role-name>
  </security-role>

</web-app>

Package the sample application

...