You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rave.apache.org by ja...@apache.org on 2012/03/09 11:43:02 UTC

svn commit: r1298784 - in /incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF: applicationContext-security.xml web.xml

Author: jasha
Date: Fri Mar  9 10:43:02 2012
New Revision: 1298784

URL: http://svn.apache.org/viewvc?rev=1298784&view=rev
Log:
Login page is now handled by a controller instead of directly going to a JSP (related to RAVE-411)

Modified:
    incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/applicationContext-security.xml
    incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/web.xml

Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1298784&r1=1298783&r2=1298784&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/applicationContext-security.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/applicationContext-security.xml Fri Mar  9 10:43:02 2012
@@ -27,22 +27,25 @@
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 
-   <security:http pattern="/login.jsp*" security="none"/>
    <security:http auto-config="true" use-expressions="true" disable-url-rewriting="true">
-    <security:intercept-url pattern="/newaccount.jsp*" access="permitAll"/>
-    <security:intercept-url pattern="/app/newaccount*" access="permitAll"/>
-    <security:intercept-url pattern="/css/**" access="permitAll"/>
-    <security:intercept-url pattern="/images/**" access="permitAll"/>
-    <security:intercept-url pattern="/script/**" access="permitAll"/>
-    <security:intercept-url pattern="/app/admin/**" access="hasRole('ROLE_ADMIN')"/>
-    <!-- all urls must be authenticated -->
+     <security:intercept-url pattern="/login" access="permitAll"/>
+     <security:intercept-url pattern="/newaccount.jsp*" access="permitAll"/>
+     <security:intercept-url pattern="/app/newaccount*" access="permitAll"/>
+     <security:intercept-url pattern="/app/newpassword/**" access="permitAll"/>
+     <security:intercept-url pattern="/app/retrieveusername/**" access="permitAll"/>
+     <security:intercept-url pattern="/app/changepassword/**" access="permitAll"/>
+     <security:intercept-url pattern="/app/messagebundle/*.js" access="permitAll"/>
+     <security:intercept-url pattern="/css/**" access="permitAll"/>
+     <security:intercept-url pattern="/images/**" access="permitAll"/>
+     <security:intercept-url pattern="/script/**" access="permitAll"/>
+     <security:intercept-url pattern="/app/admin/**" access="hasRole('ROLE_ADMIN')"/>    <!-- all urls must be authenticated -->
     <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')"/>
 
 
     <!-- Set the user service ref here to the implementation you want to use.  The name is
        defined in the @Service annotation of the corresponding service source code.
     -->
-    <security:openid-login user-service-ref="customUserService" authentication-failure-url="/login.jsp?authfail=openid">
+    <security:openid-login user-service-ref="customUserService" authentication-failure-url="/login?authfail=openid">
       <security:attribute-exchange>
         <!-- Supported by MyOpenID.com -->
         <security:openid-attribute name="firstName" type="http://schema.openid.net/namePerson/first"/>
@@ -50,7 +53,7 @@
         <security:openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true"/>
       </security:attribute-exchange>
     </security:openid-login>
-    <security:form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?authfail=form"/>
+     <security:form-login login-page="/login" default-target-url="/" authentication-failure-url="/login?authfail=form" />
     <security:logout/>
   </security:http>
 

Modified: incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/web.xml?rev=1298784&r1=1298783&r2=1298784&view=diff
==============================================================================
--- incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/web.xml (original)
+++ incubator/rave/sandbox/rave-extensions/rave-vanilla-extension/rave-vanilla-extension-portal/src/main/webapp/WEB-INF/web.xml Fri Mar  9 10:43:02 2012
@@ -62,10 +62,17 @@
         <servlet-name>dispatcher</servlet-name>
         <url-pattern>/index.html</url-pattern>
     </servlet-mapping>
+    <servlet-mapping>
+        <servlet-name>dispatcher</servlet-name>
+        <url-pattern>/login</url-pattern>
+    </servlet-mapping>
 
     <welcome-file-list>
         <welcome-file>index.html</welcome-file>
     </welcome-file-list>
 
-
+    <error-page>
+        <exception-type>java.lang.Throwable</exception-type>
+        <location>/WEB-INF/jsp/views/error.jsp</location>
+    </error-page>
 </web-app>