root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 8 Packages Projects Releases Wiki Activity

SEC-239: New ACL module.

This commit is contained in:
Ben Alex 2006-11-17 02:29:28 +00:00
parent 44cae6b2ee
commit 3e3db43b37
9 changed files with 43 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
samples/contacts-tiger/src/main/webapp/common/WEB-INF/contacts-servlet.xml
View File

@ -29,12 +29,12 @@
<bean id="adminPermissionController" class="sample.contact.AdminPermissionController"> <bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
<property name="contactManager"><ref bean="contactManager"/></property> <property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclManager"><ref bean="aclManager"/></property> <property name="aclService"><ref bean="aclService"/></property>
</bean> </bean>
<bean id="deletePermissionController" class="sample.contact.DeletePermissionController"> <bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
<property name="contactManager"><ref bean="contactManager"/></property> <property name="contactManager"><ref bean="contactManager"/></property>
<property name="aclManager"><ref bean="aclManager"/></property> <property name="aclService"><ref bean="aclService"/></property>
</bean> </bean>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">

17
samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp
View File

@ -1,4 +1,3 @@
<%@ page import="net.sf.acegisecurity.acl.basic.SimpleAclEntry" %>
<%@ include file="/WEB-INF/jsp/include.jsp" %> <%@ include file="/WEB-INF/jsp/include.jsp" %>
<html> <html>
@ -11,27 +10,17 @@
</code> </code>
<P> <P>
<table cellpadding=3 border=0> <table cellpadding=3 border=0>
<c:forEach var="acl" items="${model.acls}"> <c:forEach var="acl" items="${model.acl.entries}">
<c:if test="${acl.class.name eq 'net.sf.acegisecurity.acl.basic.SimpleAclEntry'}">
<tr> <tr>
<td> <td>
<code> <code>
<% <c:out value="${acl}"/>
SimpleAclEntry simpleAcl = ((SimpleAclEntry) pageContext.getAttribute("acl"));
String permissionBlock = simpleAcl.printPermissionsBlock();
%>
<%= permissionBlock %>
[<c:out value="${acl.mask}"/>]
<c:out value="${acl.recipient}"/>
</code> </code>
</td> </td>
<td> <td>
<!-- This application doesn't use ACL inheritance, so we can safely use <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
the model's contact and know it was directly assigned the ACL -->
<A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="recipient" value="${acl.recipient}"/></c:url>">Del</A>
</td> </td>
</tr> </tr>
</c:if>
</c:forEach> </c:forEach>
</table> </table>
<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a> <p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a> <a href="<c:url value="index.htm"/>">Manage</a>

6
samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp
View File

@ -1,4 +1,3 @@
<%@ page import="net.sf.acegisecurity.acl.basic.SimpleAclEntry" %>
<%@ include file="/WEB-INF/jsp/include.jsp" %> <%@ include file="/WEB-INF/jsp/include.jsp" %>
<html> <html>
@ -11,7 +10,10 @@
</code> </code>
<P> <P>
<code> <code>
<c:out value="${model.recipient}"/> <c:out value="${model.sid}"/>
</code>
<code>
<c:out value="${model.permission}"/>
</code> </code>
<p><a href="<c:url value="index.htm"/>">Manage</a> <p><a href="<c:url value="index.htm"/>">Manage</a>
</body> </body>

2
samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/include.jsp
View File

@ -1,5 +1,5 @@
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %> <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="authz" uri="http://acegisecurity.sf.net/authz" %> <%@ taglib prefix="authz" uri="http://acegisecurity.org/authz" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %> <%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jstl/fmt" %> <%@ taglib prefix="fmt" uri="http://java.sun.com/jstl/fmt" %>

12
samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/index.jsp
View File

@ -3,7 +3,7 @@
<html> <html>
<head><title>Your Contacts</title></head> <head><title>Your Contacts</title></head>
<body> <body>
<h1><authz:authentication operation="principal"/>'s Contacts</h1> <h1><authz:authentication operation="username"/>'s Contacts</h1>
<P> <P>
<table cellpadding=3 border=0> <table cellpadding=3 border=0>
<tr><td><b>id</b></td><td><b>Name</b></td><td><b>Email</b></td></tr> <tr><td><b>id</b></td><td><b>Name</b></td><td><b>Email</b></td></tr>
@ -18,15 +18,15 @@
<td> <td>
<c:out value="${contact.email}"/> <c:out value="${contact.email}"/>
</td> </td>
<authz:acl domainObject="${contact}" hasPermission="16,1"> <authz:accesscontrollist domainObject="${contact}" hasPermission="8,16">
<td><A HREF="<c:url value="del.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Del</A></td> <td><A HREF="<c:url value="del.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Del</A></td>
</authz:acl> </authz:accesscontrollist>
<authz:acl domainObject="${contact}" hasPermission="1"> <authz:accesscontrollist domainObject="${contact}" hasPermission="16">
<td><A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Admin Permission</A></td> <td><A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Admin Permission</A></td>
</authz:acl> </authz:accesscontrollist>
</tr> </tr>
</c:forEach> </c:forEach>
</table> </table>
<p><a href="<c:url value="add.htm"/>">Add</a> <p><a href="<c:url value="../logoff.jsp"/>">Logoff</a> (also clears any remember-me cookie) <p><a href="<c:url value="add.htm"/>">Add</a> <p><a href="<c:url value="../j_acegi_logout"/>">Logoff</a> (also clears any remember-me cookie)
</body> </body>
</html> </html>

32
samples/contacts-tiger/src/main/webapp/filter/accessDenied.jsp
View File

@ -1,16 +1,16 @@
<%@ page import="org.acegisecurity.context.SecurityContextHolder" %> <%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
<%@ page import="org.acegisecurity.Authentication" %> <%@ page import="org.acegisecurity.Authentication" %>
<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %> <%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
<h1>Sorry, access is denied</h1> <h1>Sorry, access is denied</h1>
<p> <p>
<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%> <%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
<p> <p>
<% Authentication auth = SecurityContextHolder.getContext().getAuthentication(); <% Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) { %> if (auth != null) { %>
Authentication object as a String: <%= auth.toString() %><BR><BR> Authentication object as a String: <%= auth.toString() %><BR><BR>
<% } %> <% } %>

6
samples/contacts-tiger/src/main/webapp/filter/acegilogin.jsp
View File

@ -1,7 +1,7 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %> <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %> <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %> <%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %> <%@ page import="org.acegisecurity.AuthenticationException" %>
<html> <html>
<head> <head>

10
samples/contacts-tiger/src/main/webapp/filter/exitUser.jsp
View File

@ -1,10 +1,10 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %> <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="net.sf.acegisecurity.context.SecurityContextHolder" %> <%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
<%@ page import="net.sf.acegisecurity.Authentication" %> <%@ page import="org.acegisecurity.Authentication" %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %> <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %> <%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %> <%@ page import="org.acegisecurity.AuthenticationException" %>
<html> <html>
<head> <head>

6
samples/contacts-tiger/src/main/webapp/filter/switchUser.jsp
View File

@ -1,7 +1,7 @@
<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %> <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %> <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %> <%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %> <%@ page import="org.acegisecurity.AuthenticationException" %>
<html> <html>
<head> <head>