Refactoring and commenting XSL
This commit is contained in:
Luke Taylor
parent
3e4a29eae9
commit
a2bc398915
|
|
@ -5,20 +5,25 @@
|
|||
| $Id$
|
||||
-->
|
||||
|
||||
|
||||
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
|
||||
|
||||
<xsl:output doctype-public="-//SPRING//DTD BEAN//EN"
|
||||
doctype-system="http://www.springframework.org/dtd/spring-beans.dtd"
|
||||
indent="yes"/>
|
||||
|
||||
<!-- Variables for case conversions -->
|
||||
<xsl:variable name="lowercase" select="'abcdefghijklmnopqrstuvwxyz'"/>
|
||||
<xsl:variable name="uppercase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/>
|
||||
|
||||
<xsl:variable name="welcome-files" select="web-app/welcome-file-list/welcome-file"/>
|
||||
<!-- convert the auth-method content to upper case -->
|
||||
|
||||
<!-- Convert the auth-method content to upper case -->
|
||||
<xsl:variable name="auth-method" select="translate(string(web-app/login-config/auth-method), $lowercase, $uppercase)"/>
|
||||
|
||||
<!--
|
||||
| Find the security-role elements in the file and uses them to build a list of
|
||||
| all defined roles.
|
||||
-->
|
||||
<xsl:variable name="all-roles">
|
||||
<xsl:for-each select="web-app/security-role/role-name">
|
||||
<xsl:text>ROLE_</xsl:text>
|
||||
|
|
@ -27,7 +32,9 @@
|
|||
</xsl:for-each>
|
||||
</xsl:variable>
|
||||
|
||||
<!-- The list of filters for use in filterToBeanProxy -->
|
||||
<!--
|
||||
| The list of filters for use in filterToBeanProxy
|
||||
-->
|
||||
<xsl:variable name="filter-list">
|
||||
<xsl:text>/**=httpSessionContextIntegrationFilter</xsl:text>
|
||||
<xsl:choose>
|
||||
|
|
@ -44,8 +51,9 @@
|
|||
<xsl:text>,rememberMeProcessingFilter,anonymousProcessingFilter,securityEnforcementFilter</xsl:text>
|
||||
</xsl:variable>
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
| The main template (where the processing work starts)
|
||||
-->
|
||||
<xsl:template match = "web-app">
|
||||
|
||||
<beans>
|
||||
|
|
@ -57,6 +65,10 @@
|
|||
</beans>
|
||||
</xsl:template>
|
||||
|
||||
<!--
|
||||
| Mainly static set of beans. The InMemoryDaoImpl instance is created with a single user
|
||||
| called "superuser" who has all the defined roles in the web.xml file.
|
||||
-->
|
||||
<xsl:template name="authentication-beans">
|
||||
<xsl:comment>======================== AUTHENTICATION =======================</xsl:comment>
|
||||
|
||||
|
|
@ -110,9 +122,26 @@
|
|||
</bean>
|
||||
</xsl:template>
|
||||
|
||||
<!-- login configuration -->
|
||||
<!--
|
||||
| Processes the login-config definition and inserts the SecurityEnforcementFilter with
|
||||
| the appropriate beans for either form or basic authentication.
|
||||
-->
|
||||
<xsl:template match="login-config">
|
||||
<xsl:call-template name="security-enforcement-filter"/>
|
||||
|
||||
<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
|
||||
<property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
|
||||
<property name="authenticationEntryPoint">
|
||||
<xsl:choose>
|
||||
<xsl:when test="$auth-method = 'FORM'">
|
||||
<ref local="authenticationProcessingFilterEntryPoint"/>
|
||||
</xsl:when>
|
||||
<xsl:when test="$auth-method = 'BASIC'">
|
||||
<ref local="basicProcessingFilterEntryPoint"/>
|
||||
</xsl:when>
|
||||
</xsl:choose>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<xsl:choose>
|
||||
<xsl:when test="$auth-method = 'FORM'">
|
||||
<xsl:call-template name="form-login"/>
|
||||
|
|
@ -132,23 +161,29 @@
|
|||
</xsl:template>
|
||||
|
||||
<!--
|
||||
| Inserts the security enforcement filter bean with the appropriate entry point
|
||||
| (depending on whether FORM or BASIC authentication is selected in web.xml).
|
||||
| Converts a form login configuration to an Acegi AuthenticationProcessingFilter and its entry point.
|
||||
| The content of the form-login-page element is used for the loginFormUrl property of the entry point
|
||||
| and the form-error-page is used for the authenticationFailureUrl property of the filter.
|
||||
|
|
||||
| The user must manually change the form Url to "j_acegi_security_check" in their login page.
|
||||
-->
|
||||
<xsl:template name="security-enforcement-filter">
|
||||
<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
|
||||
<property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
|
||||
<property name="authenticationEntryPoint">
|
||||
<xsl:choose>
|
||||
<xsl:when test="$auth-method = 'FORM'">
|
||||
<ref local="authenticationProcessingFilterEntryPoint"/>
|
||||
</xsl:when>
|
||||
<xsl:when test="$auth-method = 'BASIC'">
|
||||
<ref local="basicProcessingFilterEntryPoint"/>
|
||||
</xsl:when>
|
||||
</xsl:choose>
|
||||
</property>
|
||||
<xsl:template name="form-login">
|
||||
<xsl:message>Processing form login configuration</xsl:message>
|
||||
<xsl:message>Remember to switch your login form action from "j_security_check" to "j_acegi_security_check"</xsl:message>
|
||||
|
||||
<bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
|
||||
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
|
||||
<property name="authenticationFailureUrl"><value><xsl:value-of select="form-login-config/form-error-page"/></value></property>
|
||||
<property name="defaultTargetUrl"><value></value></property>
|
||||
<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
|
||||
<property name="rememberMeServices"><ref local="rememberMeServices"/></property>
|
||||
</bean>
|
||||
|
||||
<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
|
||||
<property name="loginFormUrl"><value><xsl:value-of select="form-login-config/form-login-page"/></value></property>
|
||||
<property name="forceHttps"><value>false</value></property>
|
||||
</bean>
|
||||
|
||||
</xsl:template>
|
||||
|
||||
<!--
|
||||
|
|
@ -171,32 +206,6 @@
|
|||
|
||||
</xsl:template>
|
||||
|
||||
<!--
|
||||
Converts a form login configuration to an Acegi AuthenticationProcessingFilter and its entry point.
|
||||
The content of the form-login-page element is used for the loginFormUrl property of the entry point
|
||||
and the form-error-page is used for the authenticationFailureUrl property of the filter.
|
||||
|
||||
The user must manually change the form Url to "j_acegi_security_check"
|
||||
-->
|
||||
<xsl:template name="form-login">
|
||||
<xsl:message>Processing form login configuration</xsl:message>
|
||||
<xsl:message>Remember to switch your login form action from "j_security_check" to "j_acegi_security_check"</xsl:message>
|
||||
|
||||
<bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
|
||||
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
|
||||
<property name="authenticationFailureUrl"><value><xsl:value-of select="form-login-config/form-error-page"/></value></property>
|
||||
<property name="defaultTargetUrl"><value></value></property>
|
||||
<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
|
||||
<property name="rememberMeServices"><ref local="rememberMeServices"/></property>
|
||||
</bean>
|
||||
|
||||
<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
|
||||
<property name="loginFormUrl"><value><xsl:value-of select="form-login-config/form-login-page"/></value></property>
|
||||
<property name="forceHttps"><value>false</value></property>
|
||||
</bean>
|
||||
|
||||
</xsl:template>
|
||||
|
||||
<xsl:template name="filter-invocation-interceptor">
|
||||
<bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
|
||||
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
|
||||
|
|
@ -207,7 +216,7 @@
|
|||
</property>
|
||||
</bean>
|
||||
|
||||
<!-- An access decision voter that reads ROLE_* configuration settings -->
|
||||
<xsl:comment>An access decision voter that reads ROLE_* configuration settings</xsl:comment>
|
||||
<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
|
||||
|
||||
<xsl:text>
</xsl:text>
|
||||
|
|
@ -229,6 +238,15 @@
|
|||
</bean>
|
||||
</xsl:template>
|
||||
|
||||
<!--
|
||||
| Converts a security-constraint (a url-pattern and the associated role-name elements)
|
||||
| to the form
|
||||
| antUrlPattern=list of allowed roles
|
||||
| Roles are converted to upper case and have the "ROLE_" prefix appended.
|
||||
|
|
||||
| In the case of role-name='*', signifying "any authenticated role", the complete list of roles
|
||||
| defined in the web.xml file is used.
|
||||
-->
|
||||
<xsl:template match="security-constraint">
|
||||
<xsl:value-of select="web-resource-collection/url-pattern"/>
|
||||
<xsl:text>=</xsl:text>
|
||||
|
|
@ -247,12 +265,4 @@
|
|||
<xsl:text>
</xsl:text>
|
||||
</xsl:template>
|
||||
|
||||
<xsl:template name="list-roles">
|
||||
<xsl:for-each select="security-role/role-name">
|
||||
<xsl:text>ROLE_</xsl:text>
|
||||
<xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>
|
||||
<xsl:if test="position() != last()">,</xsl:if>
|
||||
</xsl:for-each>
|
||||
</xsl:template>
|
||||
|
||||
</xsl:stylesheet>
|
||||
|
|
|
|||
Loading…
Reference in New Issue