Posted to commits@directory.apache.org by tb...@apache.org on 2006/12/12 16:24:14 UTC
svn commit: r486187 [45/49] - in /directory/trunks/triplesec: ./ admin-api/
admin-api/src/ admin-api/src/main/ admin-api/src/main/java/
admin-api/src/main/java/org/ admin-api/src/main/java/org/safehaus/
admin-api/src/main/java/org/safehaus/triplesec/ a...
Added: directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/99demo.ldif
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/99demo.ldif?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/99demo.ldif (added)
+++ directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/99demo.ldif Tue Dec 12 07:23:31 2006
@@ -0,0 +1,434 @@
+# ----------------------------------------------------------------------------
+# Sample Hauskeys Users
+# ----------------------------------------------------------------------------
+
+dn: uid=mplanck, ou=Users, dc=example,dc=com
+cn: Max Planck
+sn: Planck
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mplanck
+krb5PrincipalName: mplanck@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mplanck@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: mplanck
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 27304238
+safehausSecret:: aaaabbbbccccdddd
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=aeinstein, ou=Users, dc=example,dc=com
+cn: Albert Einstein
+sn: Einstein
+givenName: Albert
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: aeinstein
+krb5PrincipalName: aeinstein@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: aeinstein@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: aeinstein
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: eeeeffffgggghhhh
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=nbohr, ou=Users, dc=example,dc=com
+cn: Neils Bohr
+sn: Bohr
+givenName: Neils
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: nbohr
+krb5PrincipalName: nbohr@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: nbohr@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: nbohr
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: iiiijjjjkkkkllll
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample Local Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=mborn, ou=Users, dc=example,dc=com
+cn: Max Born
+sn: Born
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mborn
+krb5PrincipalName: mborn@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mborn@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mborn
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=wpauli, ou=Users, dc=example,dc=com
+cn: Wolfgang Pauli
+sn: Pauli
+givenName: Wolfgang
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: wpauli
+krb5PrincipalName: wpauli@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: wpauli@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: wpauli
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=mcurie, ou=Users, dc=example,dc=com
+cn: Marie Curie
+sn: Curie
+givenName: Marie
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mcurie
+krb5PrincipalName: mcurie@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mcurie@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mcurie
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample External Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=pdirac, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: pdirac
+ref: ldap://ad.example.com/uid=pdirac, ou=Users, dc=example,dc=com
+
+dn: uid=efermi, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: efermi
+ref: ldap://openldap.example.com/uid=efermi, ou=Users, dc=example,dc=com
+
+dn: uid=rfeynman, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: rfeynman
+ref: ldap://apacheds.example.com/uid=rfeynman, ou=Users, dc=example,dc=com
+
+# ----------------------------------------------------------------------------
+# Sample Hosts
+# ----------------------------------------------------------------------------
+
+dn: uid=hostssh, ou=Users, dc=example,dc=com
+cn: SSH Service
+sn: Service
+givenName: SSH
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+ou: Users
+uid: hostssh
+krb5PrincipalName: host/www.example.com@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: admin@example.com
+userPassword: secret
+
+dn: uid=hostssh2, ou=Users, dc=example,dc=com
+cn: SSH Service
+sn: Service
+givenname: SSH
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+objectclass: krb5Principal
+objectclass: krb5KDCEntry
+ou: Users
+uid: hostssh
+krb5PrincipalName: host/kerberos.example.com@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: admin@example.com
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Demo Application
+# ----------------------------------------------------------------------------
+
+dn: appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyApplication
+objectclass: top
+appname: demo
+description: Demo application.
+userpassword:: c2VjcmV0
+
+dn: ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: permissions
+
+dn: permname=bend,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: bend
+
+dn: permname=fold,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: fold
+
+dn: permname=mutilate,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: mutilate
+
+dn: permname=spindle,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: spindle
+
+dn: permname=twist,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: twist
+
+dn: ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: roles
+
+dn: rolename=superuser,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+grants: spindle
+grants: twist
+rolename: superuser
+
+dn: rolename=untrusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+rolename: untrusted
+
+dn: rolename=trusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+rolename: trusted
+
+dn: ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: profiles
+
+dn: profileid=nbohr,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: nbohr
+roles: trusted
+user: nbohr
+
+dn: profileid=nbohr-superuser,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+denials: fold
+profileid: nbohr-superuser
+roles: superuser
+user: nbohr
+
+dn: profileid=wpauli,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: wpauli
+roles: trusted
+user: wpauli
+
+dn: profileid=aeinstein,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: spindle
+profileid: aeinstein
+roles: trusted
+user: aeinstein
+
+dn: profileid=mcurie,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: mcurie
+roles: untrusted
+user: mcurie
+
+
+# ----------------------------------------------------------------------------
+# Demo Application Profiles For Ready Made Hauskeys Accounts
+#
+# Apache => apache
+# Citi401k => citi401k
+# Codehaus => codehaus
+# OfficeW2k => officew2k
+# BankOne => bankone
+# ----------------------------------------------------------------------------
+
+dn: profileid=apache,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+denials: fold
+profileid: apache
+roles: trusted
+user: apache
+
+dn: profileid=citi401k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: citi401k
+roles: trusted
+user: citi401k
+
+dn: profileid=codehaus,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: spindle
+profileid: codehaus
+roles: trusted
+user: codehaus
+
+dn: profileid=officew2k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: officew2k
+roles: untrusted
+user: officew2k
+
+dn: profileid=bankone,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: bankone
+roles: untrusted
+user: bankone
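Review bot: The `safehausSecret::` lines use the LDIF double-colon form, which marks the value as base64, yet the value given for mborn, wpauli and mcurie (`xcJqp45S80e8fahs&@rq1I98awg8)^*`) contains characters outside the base64 alphabet, so a strict LDIF reader would reject or mis-decode it; use a single colon or a properly encoded value. The `uid=hostssh2` entry carries `uid: hostssh`, which does not match its RDN and repeats the previous entry's uid; `uid: hostssh2` looks intended. Every account ships with `userPassword: secret` and `safehausTokenPin: 1234` in clear text, and aeinstein and nbohr share one `safehausFactor`, so a header comment such as `# DEMO DATA ONLY - do not import into a production directory` would make the intent explicit to whoever packages this WAR.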
Added: directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/web.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/web.xml (added)
+++ directory/trunks/triplesec/webapp-demo/src/main/webapp/WEB-INF/web.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<!DOCTYPE web-app
+ PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+
+ <display-name>Triplesec Demonstration Application</display-name>
+
+ <context-param>
+ <param-name>contextConfigLocation</param-name>
+ <param-value>classpath:applicationContext.xml</param-value>
+ </context-param>
+
+ <listener>
+ <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+ </listener>
+
+ <servlet>
+ <servlet-name>TriplesecDemoApplication</servlet-name>
+ <servlet-class>wicket.protocol.http.WicketServlet</servlet-class>
+ <init-param>
+ <param-name>applicationFactoryClassName</param-name>
+ <param-value>wicket.spring.SpringWebApplicationFactory</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>realm</param-name>
+ <param-value>EXAMPLE.COM</param-value>
+ </init-param>
+
+ <!-- Init Parameters for LDAP connectivity -->
+
+ <init-param>
+ <param-name>ldapHost</param-name>
+ <param-value>localhost</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>ldapPort</param-name>
+ <param-value>10389</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>ldapBaseDn</param-name>
+ <param-value>dc=example,dc=com</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>demoAppLdapCredentials</param-name>
+ <param-value>secret</param-value>
+ </init-param>
+
+ <!-- Init Parameters for SMS Messaging -->
+
+ <init-param>
+ <param-name>smsUsername</param-name>
+ <param-value>hauskeys</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>smsPassword</param-name>
+ <param-value>*****</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>smsAccountName</param-name>
+ <param-value>demo</param-value>
+ </init-param>
+
+ <init-param>
+ <param-name>smsTransportUrl</param-name>
+ <param-value>http://www.nbroadcasting.com/customers/messages/Sender.asp</param-value>
+ </init-param>
+
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>TriplesecDemoApplication</servlet-name>
+ <url-pattern>/demo/*</url-pattern>
+ </servlet-mapping>
+</web-app>
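Review bot: `demoAppLdapCredentials` is set to the literal `secret` in the deployment descriptor, so the application's bind password is baked into every build of the WAR; outside a local demo it should be supplied by the container or an external property, and the parameter deserves a comment such as `<!-- demo-only default; override outside the WAR before deploying -->`. `smsTransportUrl` is an `http://` address, so whatever the servlet sends along with `smsUsername` and `smsPassword` would presumably travel unencrypted; an `https://` endpoint is preferable if the provider offers one. The LDAP settings (`localhost`, port `10389`) likewise suggest an unencrypted password bind, which is tolerable only while the directory stays on the same host.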
Added: directory/trunks/triplesec/webapp-demo/src/main/webapp/css/style.css
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/main/webapp/css/style.css?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/main/webapp/css/style.css (added)
+++ directory/trunks/triplesec/webapp-demo/src/main/webapp/css/style.css Tue Dec 12 07:23:31 2006
@@ -0,0 +1,205 @@
+body
+{
+ text-align:center;
+ font-family:arial, times,sans-serif;
+ font-size:12px;
+ color:#666666;
+ background-color:white;
+ width:800px;
+ margin-left:auto;
+ margin-right:auto;
+}
+
+h1
+{
+ margin-top:10px;
+ font-size:28px;
+ color:#FFBA27;
+ font-weight:normal;
+}
+
+
+h2
+{
+ font-size:20px;
+ color:#CCCCCC;
+ font-weight:normal;
+ margin-top:-18px;
+}
+
+h3
+{
+ font-size:14px;
+ color:#FFBA27;
+ font-weight:normal;
+ border: 1px solid #AAAAAA;
+ margin:0;
+ height:16px;
+ padding:5px 5px 5px 5px;
+ background:#F7F7F7;
+}
+
+#top
+{
+ text-align:left;
+ width:800px;
+ border-bottom: 1px solid #CCCCCC;
+}
+
+#container
+{
+ width:800px;
+}
+
+#sideMenu
+{
+ margin-top:15px;
+ border-right:1px solid #CCCCCC;
+ width:160px;
+ position:relative;
+ margin-right:18px;
+ text-align:left;
+ float:left;
+ padding:0;
+}
+
+#announcement
+{
+ margin-top:65px;
+ width:155px;
+ position:relative;
+ /*margin-left:-15px;*/
+ margin-left:0px;
+ margin-right:8px;
+ float:left;
+ padding:0px 0px 0px 0px;
+}
+
+img
+{
+ text-align:center;
+}
+
+a
+{
+ font-family:arial;
+ color:#FFBA27;
+ font-size:16px;
+ white-space : nowrap;
+ text-decoration:none;
+}
+
+a.inText
+{
+ color:#FFBA27;
+ font-size:12px;
+ white-space : nowrap;
+ text-decoration:none;
+}
+
+#panelcontent
+{
+ padding:9px 9px 9px 9px;
+ margin-top:-1px;
+ border:1px solid #AAAAAA;
+
+ margin-left:0px;
+
+ font-family:normal;
+ font-family:arial, times,sans-serif;
+ font-size:12px;
+
+ word-spacing:2px;
+ color:#AAaAAA;
+ line-height:1.4em;
+}
+
+a:hover
+{
+ text-decoration:underline;
+}
+
+#MainCopy
+{
+ margin:0;
+ /*margin-left:200px;*/
+ margin-top:15px;
+ margin-bottom:25px;
+}
+
+#content
+{
+ margin-top:15px;
+ width:590px;
+ text-align:left;
+ margin:0;
+ padding:0px 0px 0px 0px;
+ float: left;
+}
+
+p.assistiveText
+{
+ border:none;
+ padding:0;
+ display:block;
+ margin-top:0px;
+ margin-bottom:15px;
+}
+
+li.menu
+{
+ margin:0px 0px 0px 0px;
+ padding: 0px 0px 0px 0px;
+}
+
+ul.menu
+{
+ color:#AAAAAA;
+ list-style-type:none;
+ margin: 0px 0px 0px 0px;
+ padding: 0px 0px 0px 0px;
+}
+
+#footer
+{
+ margin-top:40px;
+ text-align:right;
+ width:800px;
+ border-top:1px solid #CCCCCC;
+ font-family:arial, times,sans-serif;
+ font-size:12px;
+ clear:both;
+ color:#AAaAAA;
+}
+
+label {
+ float: left;
+ width: 140px;
+ font-weight: bold;
+}
+
+input, textarea {
+ width: 180px;
+ margin-bottom: 5px;
+}
+
+textarea {
+ width: 250px;
+ height: 150px;
+}
+
+.boxes {
+ width: 1em;
+}
+
+.feedbackPanelERROR {
+ color: red;
+ list-style: circle;
+ font-weight: bold;
+}
+
+.feedbackPanelINFO {
+ color: green;
+ list-style: circle;
+ font-weight: bold;
+}
\ No newline at end of file
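Review bot: In `#content` the `margin-top:15px;` declaration is cancelled by the `margin:0;` shorthand that follows it, so the top margin never applies; put the shorthand first, `margin:0; margin-top:15px;`, as `#MainCopy` already does, or drop the dead line. `#panelcontent` declares `font-family:normal;`, which is not a font family and is overridden by the next line anyway. The colour `#AAaAAA` in `#panelcontent` and `#footer` mixes case, unlike every other colour in the file; `#AAAAAA` would be consistent.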
Added: directory/trunks/triplesec/webapp-demo/src/main/webapp/index.html
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/main/webapp/index.html?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/main/webapp/index.html (added)
+++ directory/trunks/triplesec/webapp-demo/src/main/webapp/index.html Tue Dec 12 07:23:31 2006
@@ -0,0 +1,8 @@
+<html>
+ <head>
+ <meta HTTP-EQUIV="REFRESH" content="0; url=demo">
+ </head>
+ <body>
+ <p>If you're not redirected to the <a href="demo">Demo Application</a></p> then select this link.
+ </body>
+</html>
\ No newline at end of file
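Review bot: The fallback sentence is split by a misplaced `</p>`: the paragraph closes right after the link, leaving `then select this link.` as loose text in `<body>`, and the sentence reads backwards as a result. A single line such as `<p>If you are not redirected, select the <a href="demo">Demo Application</a> link.</p>` keeps the text inside the paragraph.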
Added: directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/demo/JdbcInvestmentsTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/demo/JdbcInvestmentsTest.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/demo/JdbcInvestmentsTest.java (added)
+++ directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/demo/JdbcInvestmentsTest.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.safehaus.demo;
+
+import junit.framework.TestCase;
+import org.apache.derby.jdbc.EmbeddedDriver;
+import org.safehaus.triplesec.demo.dao.InvestmentsDao;
+import org.safehaus.triplesec.demo.dao.jdbc.JdbcInvestmentsDao;
+import org.safehaus.triplesec.demo.model.Investments;
+
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.SQLException;
+
+
+public class JdbcInvestmentsTest extends TestCase
+{
+ Connection c;
+
+ public void setUp() throws Exception
+ {
+ DriverManager.registerDriver( new EmbeddedDriver() );
+ c = DriverManager.getConnection( "jdbc:derby:testdb;create=true" );
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+
+ try
+ {
+ dao.clean();
+ }
+ catch ( SQLException sqle )
+ {
+ // swallow exception in case the table doesn't exist
+ // when attempting to drop it...
+ }
+ dao.build();
+ Investments investments = new Investments( "akarasulu" );
+ investments.set( 0, 1000 );
+ investments.set( 1, 1000 );
+ investments.set( 2, 1000 );
+ investments.set( 3, 1000 );
+ investments.set( 4, 1000 );
+ dao.insert( investments );
+ }
+
+ public void tearDown() throws Exception
+ {
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+ dao.clean();
+ c.close();
+ c = null;
+ }
+
+ public void testInsertInvestment() throws Exception
+ {
+ Investments investments = new Investments( "testuser" );
+ investments.setBonds( 100 );
+
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+ dao.insert( investments );
+
+ Investments inserted = dao.get( "testuser" );
+ assertNotNull( inserted );
+ assertEquals( inserted.getUid(), "testuser" );
+ assertEquals( inserted.getBonds(), 100 );
+ assertEquals( inserted.getEmergingMarkets(), 10000 );
+ assertEquals( inserted.getTbills(), 10000 );
+ assertEquals( inserted.getTechStocks(), 10000 );
+ assertEquals( inserted.getVolatileHighYield(), 10000 );
+ }
+
+ public void testDeleteInvestment() throws Exception
+ {
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+ dao.delete( "akarasulu" );
+
+ Investments inserted = dao.get( "akarasulu" );
+ assertNull( inserted );
+ }
+
+ public void testUpdateInvestment() throws Exception
+ {
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+ Investments investments = dao.get( "akarasulu" );
+ assertNotNull( investments );
+ investments.setBonds( 12345 );
+ investments.setVolatileHighYield( 54321 );
+ dao.update( investments );
+ investments = null;
+
+ investments = dao.get( "akarasulu" );
+ assertNotNull( investments );
+ assertEquals( 12345, investments.getBonds() );
+ assertEquals( 54321, investments.getVolatileHighYield() );
+ assertEquals( 1000, investments.getTechStocks() );
+ }
+
+ public void testGetInvestment() throws Exception
+ {
+ InvestmentsDao dao = new JdbcInvestmentsDao( c );
+ Investments investments = dao.get( "akarasulu" );
+ assertNotNull( investments );
+ assertEquals( investments.getUid(), "akarasulu" );
+ assertEquals( investments.getBonds(), 1000 );
+ assertEquals( investments.getEmergingMarkets(), 1000 );
+ assertEquals( investments.getTbills(), 1000 );
+ assertEquals( investments.getTechStocks(), 1000 );
+ assertEquals( investments.getVolatileHighYield(), 1000 );
+ }
+}
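Review bot: In `testInsertInvestment` and `testGetInvestment` the `assertEquals` arguments are in (actual, expected) order, e.g. `assertEquals( inserted.getBonds(), 100 )`, while `testUpdateInvestment` uses JUnit's (expected, actual) order; a failure in the first two would report the values the wrong way round, so write them as `assertEquals( 100, inserted.getBonds() );` throughout. In `setUp` the empty `catch ( SQLException sqle )` hides every failure of `dao.clean()`, not only the missing-table case the comment describes. If `dao.build()` or `dao.insert()` then throws, the connection `c` stays open, since JUnit 3 does not run `tearDown` after a failed `setUp`; closing `c` before rethrowing would avoid leaving the embedded `testdb` locked for the next test. The class and its fixture have no Javadoc; a one-line class comment stating that it exercises `JdbcInvestmentsDao` against an embedded Derby database created in the working directory would help.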
Added: directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/triplesec/demo/RunDemoUI.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/triplesec/demo/RunDemoUI.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/triplesec/demo/RunDemoUI.java (added)
+++ directory/trunks/triplesec/webapp-demo/src/test/java/org/safehaus/triplesec/demo/RunDemoUI.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.safehaus.triplesec.demo;
+
+
+import org.safehaus.triplesec.integration.TriplesecIntegration;
+
+
+public class RunDemoUI extends TriplesecIntegration
+{
+ public RunDemoUI() throws Exception
+ {
+ super();
+ }
+
+
+ public void testRunForever() throws Exception
+ {
+ System.out.println( "Enter any character to end this test: " );
+ System.in.read();
+ }
+}
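Review bot: `testRunForever` blocks on `System.in.read()`, so if the build's test runner ever picks this class up (it sits under `src/test/java` and has a `test*` method) the run will wait for console input indefinitely, or fall straight through where stdin is closed. Whether the runner's include pattern matches `RunDemoUI` is not visible here, so this is worth confirming and stating in the file. The class has no Javadoc; add one along the lines of `/** Manual launcher: keeps the TriplesecIntegration environment up until a key is pressed; not part of the automated suite. */`.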
Added: directory/trunks/triplesec/webapp-demo/src/test/resources/log4j.properties
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/test/resources/log4j.properties?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/test/resources/log4j.properties (added)
+++ directory/trunks/triplesec/webapp-demo/src/test/resources/log4j.properties Tue Dec 12 07:23:31 2006
@@ -0,0 +1,11 @@
+# Set root logger level to DEBUG and its only appender to A1.
+log4j.rootLogger=INFO, A1
+
+# A1 is set to be a ConsoleAppender.
+log4j.appender.A1=org.apache.log4j.ConsoleAppender
+
+# A1 uses PatternLayout.
+log4j.appender.A1.layout=org.apache.log4j.PatternLayout
+log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+
+
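Review bot: The first comment says the root logger level is set to DEBUG, but the line below it sets INFO (`log4j.rootLogger=INFO, A1`). The comment should read `# Set root logger level to INFO and its only appender to A1.` so that someone raising the level to diagnose an authentication problem is not misled about the current setting.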
Added: directory/trunks/triplesec/webapp-demo/src/test/resources/server.ldif
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/test/resources/server.ldif?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/test/resources/server.ldif (added)
+++ directory/trunks/triplesec/webapp-demo/src/test/resources/server.ldif Tue Dec 12 07:23:31 2006
@@ -0,0 +1,595 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+# EXAMPLE.COM is freely and reserved for testing according to this RFC:
+#
+# http://www.rfc-editor.org/rfc/rfc2606.txt
+#
+#
+
+#
+# This ACI allows brouse access to the root suffix and one level below that to anyone.
+# At this level there is nothing critical exposed. Everything that matters is one or
+# more levels below this.
+#
+
+dn: cn=browseRootAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { maximum 1 }
+prescriptiveACI: { identificationTag "browseRoot", precedence 100, authenticationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, userPermissions { { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantBrowse } } } } }
+
+dn: ou=Users, dc=example, dc=com
+objectclass: top
+objectclass: organizationalunit
+ou: Users
+
+#
+# This ACI allows users to modify a limited set of attributes in their own user
+# entry as well as read, compare those attributes. The user's entry must be
+# browseable and the DN must be returnable.
+#
+
+dn: cn=allowSelfModificationsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "allowSelfModifications", precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions { { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantModify, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {userPassword, krb5Key, givenName, cn, commonName, surName, sn, objectClass }}, grantsAndDenials { grantModify, grantAdd, grantRemove, grantRead, grantDiscloseOnError, grantCompare } } } } }
+
+#
+# This ACI allows users to access a limited set of attributes in their own user
+# entry as well as compare those attributes. The user's entry must be browseable
+# and the DN must be returnable.
+#
+
+dn: cn=allowSelfAccessAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "allowSelfAccess", precedence 15, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions { { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {uid, userPassword, givenName, cn, commonName, surName, sn, objectClass, creatorsName, modifiersName, createTimestamp, modifyTimestamp, krb5AccountDisabled, description, apacheSamType }}, grantsAndDenials { grantRead, grantDiscloseOnError, grantCompare } } } } }
+
+dn: ou=Groups, dc=example, dc=com
+objectclass: top
+objectclass: organizationalunit
+ou: Groups
+
+dn: cn=superUsers, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: superUsers
+uniqueMember: uid=admin, ou=system
+
+dn: cn=userAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: userAdmin
+uniqueMember: uid=admin, ou=system
+
+dn: cn=applicationAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: applicationAdmin
+uniqueMember: uid=admin, ou=system
+
+dn: cn=groupAdmins, ou=Groups, dc=example, dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: groupAdmin
+uniqueMember: uid=admin, ou=system
+
+#
+# This ACI allows members of the superUsers group to have full modify and read access
+# to the entire realm as does the system administrator principal: uid=admin, ou=system.
+#
+# The only thing these users cannot do is modify the system partition. They are only
+# restricted to superUser rights within this realm partition
+#
+
+dn: cn=superUsersAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { }
+prescriptiveACI: { identificationTag "superUsersAci", precedence 20, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { userGroup { "cn=superUsers,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+#
+# This ACI allows members of the userAdmin group to have full modify and read access
+# to user accounts besides their own. Hence they can administer users in the system.
+#
+
+dn: cn=userAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=users", maximum 1 }
+prescriptiveACI: { identificationTag "userAdminsAci", precedence 16, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { userGroup { "cn=userAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+
+#
+# This ACI allows members of the applicationAdmin group to have full modify and read access
+# to all applications in the realm. Adding users to this group is like a wild card for
+# application access.
+#
+
+dn: cn=applicationAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=applications" }
+prescriptiveACI: { identificationTag "applicationAdminsAci", precedence 17, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { userGroup { "cn=applicationAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+
+#
+# This ACI allows members of the groupAdmins group to have full modify and read access
+# to all groups in the realm other than the superUsers, userAdmins, groupAdmins, and the
+# applicationAdmins groups.
+#
+# The rational behind this is to prevent these users from changing their or other
+# users' access rights for the entire system by modifying their membership in these
+# groups. Making someone a groupAdmin should not open the door to their ability to
+# grant themselves or others system wide administrative abilities.
+#
+# Really the groupAdmins group is intended for users that have the ability to manage
+# group membership in specific application administration groups and that's all.
+# These types of admins should not have the right to promote others to system level
+# administrators or complete super users.
+#
+
+dn: cn=groupAdminsAci,dc=example,dc=com
+objectClass: top
+objectClass: subentry
+objectClass: accessControlSubentry
+subtreeSpecification: { base "ou=groups", specificExclusions { chopBefore: "cn=userAdmins", chopBefore: "cn=groupAdmins", chopBefore: "cn=applicationAdmins", chopBefore: "cn=superUsers" } }
+prescriptiveACI: { identificationTag "groupAdminsAci", precedence 18, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { userGroup { "cn=groupAdmins,ou=groups,dc=example,dc=com" } }, userPermissions { { protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, grantReturnDN, grantBrowse, grantDiscloseOnError, grantCompare, grantAdd, grantRename, grantRemove, grantModify, grantImport, grantExport } } } } }
+
+# ----------------------------------------------------------------------------
+# Required Kerberos Server User
+# ----------------------------------------------------------------------------
+
+dn: uid=krbtgt, ou=Users, dc=example,dc=com
+cn: Kerberos Server
+sn: Server
+givenName: Kerberos
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+ou: Users
+uid: krbtgt
+krb5PrincipalName: krbtgt/EXAMPLE.COM@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: admin@example.com
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample Hauskeys Users
+# ----------------------------------------------------------------------------
+
+dn: uid=mplanck, ou=Users, dc=example,dc=com
+cn: Max Planck
+sn: Planck
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mplanck
+krb5PrincipalName: mplanck@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mplanck@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: mplanck
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 27304238
+safehausSecret:: aaaabbbbccccdddd
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=aeinstein, ou=Users, dc=example,dc=com
+cn: Albert Einstein
+sn: Einstein
+givenName: Albert
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: aeinstein
+krb5PrincipalName: aeinstein@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: aeinstein@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: aeinstein
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: eeeeffffgggghhhh
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=nbohr, ou=Users, dc=example,dc=com
+cn: Neils Bohr
+sn: Bohr
+givenName: Neils
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: extensibleObject
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: nbohr
+krb5PrincipalName: nbohr@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: nbohr@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 666
+apacheSamType: 7
+safehausUid: nbohr
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 8745127341
+safehausSecret:: iiiijjjjkkkkllll
+safehausFailuresInEpoch: 0
+safehausResynchCount: -1
+safehausTokenPin: 1234
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample Local Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=mborn, ou=Users, dc=example,dc=com
+cn: Max Born
+sn: Born
+givenName: Max
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mborn
+krb5PrincipalName: mborn@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mborn@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mborn
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=wpauli, ou=Users, dc=example,dc=com
+cn: Wolfgang Pauli
+sn: Pauli
+givenName: Wolfgang
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: wpauli
+krb5PrincipalName: wpauli@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: wpauli@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: wpauli
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+dn: uid=mcurie, ou=Users, dc=example,dc=com
+cn: Marie Curie
+sn: Curie
+givenName: Marie
+objectClass: top
+objectClass: uidObject
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+objectClass: krb5Principal
+objectClass: krb5KDCEntry
+objectClass: safehausProfile
+ou: Users
+uid: mcurie
+krb5PrincipalName: mcurie@EXAMPLE.COM
+krb5KeyVersionNumber: 0
+mail: mcurie@example.com
+telephoneNumber: +1 904 982 6882
+facsimileTelephoneNumber: +1 904 982 6883
+roomNumber: 667
+safehausUid: mcurie
+safehausRealm: EXAMPLE.COM
+safehausLabel: example realm
+safehausFactor: 917483720127847
+safehausSecret:: xcJqp45S80e8fahs&@rq1I98awg8)^*
+safehausFailuresInEpoch: 0
+safehausTokenPin: 1234
+safehausResynchCount: -1
+safehausInfo: test account
+safehausNotifyBy: sms
+userPassword: secret
+
+# ----------------------------------------------------------------------------
+# Sample External Users (not 2-factor)
+# ----------------------------------------------------------------------------
+
+dn: uid=pdirac, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: pdirac
+ref: ldap://ad.example.com/uid=pdirac, ou=Users, dc=example,dc=com
+
+dn: uid=efermi, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: efermi
+ref: ldap://openldap.example.com/uid=efermi, ou=Users, dc=example,dc=com
+
+dn: uid=rfeynman, ou=Users, dc=example,dc=com
+objectClass: top
+objectClass: uidObject
+objectClass: extensibleObject
+objectClass: referral
+uid: rfeynman
+ref: ldap://apacheds.example.com/uid=rfeynman, ou=Users, dc=example,dc=com
+
+# ----------------------------------------------------------------------------
+# Applications
+# ----------------------------------------------------------------------------
+
+dn: ou=Applications,dc=example,dc=com
+objectClass: top
+objectClass: organizationalunit
+ou: applications
+
+dn: appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyApplication
+objectclass: top
+appname: demo
+description: Demo application.
+userpassword:: c2VjcmV0
+
+dn: ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: permissions
+
+dn: permname=bend,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: bend
+
+dn: permname=fold,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: fold
+
+dn: permname=mutilate,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: mutilate
+
+dn: permname=spindle,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: spindle
+
+dn: permname=twist,ou=permissions,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyPermission
+objectclass: top
+permname: twist
+
+dn: ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: roles
+
+dn: rolename=superuser,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+grants: spindle
+grants: twist
+rolename: superuser
+
+dn: rolename=untrusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+rolename: untrusted
+
+dn: rolename=trusted,ou=roles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyRole
+objectclass: top
+grants: bend
+grants: fold
+grants: mutilate
+rolename: trusted
+
+dn: ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: organizationalUnit
+objectclass: top
+ou: profiles
+
+dn: profileid=nbohr,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: nbohr
+roles: trusted
+user: nbohr
+
+dn: profileid=nbohr-superuser,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+denials: fold
+profileid: nbohr-superuser
+roles: superuser
+user: nbohr
+
+dn: profileid=mborn,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: mborn
+roles: trusted
+user: mborn
+
+dn: profileid=aeinstein,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: aeinstein
+roles: trusted
+user: aeinstein
+
+dn: profileid=mcurie,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: spindle
+profileid: mcurie
+roles: trusted
+user: mcurie
+
+dn: profileid=wpauli,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: wpauli
+roles: untrusted
+user: wpauli
+
+
+# ----------------------------------------------------------------------------
+# Demo Application Profiles For Ready Made Hauskeys Accounts
+#
+# Apache => apache
+# Citi401k => citi401k
+# Codehaus => codehaus
+# OfficeW2k => officew2k
+# BankOne => bankone
+# ----------------------------------------------------------------------------
+
+dn: profileid=apache,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+denials: fold
+profileid: apache
+roles: trusted
+user: apache
+
+dn: profileid=citi401k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: twist
+profileid: citi401k
+roles: trusted
+user: citi401k
+
+dn: profileid=codehaus,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+grants: spindle
+profileid: codehaus
+roles: superuser
+user: codehaus
+
+dn: profileid=officew2k,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: officew2k
+roles: untrusted
+user: officew2k
+
+dn: profileid=bankone,ou=profiles,appname=demo,ou=Applications,dc=example,dc=com
+objectclass: policyProfile
+objectclass: top
+profileid: bankone
+roles: untrusted
+user: bankone
+
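Review bot: The `safehausSecret::` lines for mborn, wpauli and mcurie use the LDIF base64 marker (`::`) but carry `xcJqp45S80e8fahs&@rq1I98awg8)^*`, which contains characters outside the base64 alphabet, so a strict RFC 2849 parser should reject or mis-decode these entries. If the literal string is intended, write it with a single colon (`safehausSecret: xcJqp45S80e8fahs&@rq1I98awg8)^*`); otherwise store its base64 encoding. The mplanck, aeinstein and nbohr values are valid base64 but would decode to 12 bytes rather than the 16 visible characters, which may not be what was meant. Three of the admin group entries also disagree with their own RDNs (`dn: cn=userAdmins` with `cn: userAdmin`, likewise applicationAdmins and groupAdmins) while the ACIs match on the plural DN; making the attribute plural (`cn: userAdmins`) keeps them consistent. Separately, `allowSelfModificationsAci` lets `thisEntry` add and remove `objectClass` values on its own entry, which looks broader than the comment above it describes and is worth confirming.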
Added: directory/trunks/triplesec/webapp-demo/src/test/resources/server.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-demo/src/test/resources/server.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-demo/src/test/resources/server.xml (added)
+++ directory/trunks/triplesec/webapp-demo/src/test/resources/server.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+ "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<beans>
+ <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="properties">
+ <props>
+ <prop key="java.naming.security.authentication">simple</prop>
+ <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
+ <prop key="java.naming.security.credentials">secret</prop>
+ <prop key="java.naming.provider.url">dc=example,dc=com</prop>
+ <prop key="java.naming.factory.state">org.safehaus.triplesec.store.ProfileStateFactory</prop>
+ <prop key="java.naming.factory.object">org.safehaus.triplesec.store.ProfileObjectFactory</prop>
+
+ <prop key="kdc.primary.realm">EXAMPLE.COM</prop>
+ <prop key="kdc.principal">krbtgt/EXAMPLE.COM@EXAMPLE.COM</prop>
+ <prop key="kdc.encryption.types">des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc</prop>
+ <prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>
+ <prop key="kdc.java.naming.security.credentials">secret</prop>
+
+ <prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
+ <prop key="changepw.java.naming.security.credentials">secret</prop>
+ <prop key="changepw.principal">kadmin/changepw@EXAMPLE.COM</prop>
+
+ <!-- All times are in minutes -->
+ <prop key="kdc.allowable.clockskew">5</prop>
+ <prop key="kdc.tgs.maximum.ticket.lifetime">1440</prop>
+ <prop key="kdc.tgs.maximum.renewable.lifetime">10080</prop>
+ <prop key="kdc.pa.enc.timestamp.required">true</prop>
+ <prop key="kdc.tgs.empty.addresses.allowed">true</prop>
+ <prop key="kdc.tgs.forwardable.allowed">true</prop>
+ <prop key="kdc.tgs.proxiable.allowed">true</prop>
+ <prop key="kdc.tgs.postdate.allowed">true</prop>
+ <prop key="kdc.tgs.renewable.allowed">true</prop>
+
+ <prop key="safehaus.entry.basedn">ou=Users,dc=example,dc=com</prop>
+ <prop key="safehaus.load.testdata">true</prop>
+ <prop key="kerberos.sam.type.7">org.safehaus.triplesec.verifier.hotp.DefaultHotpSamVerifier</prop>
+ </props>
+ </property>
+ </bean>
+
+ <bean id="configuration" class="org.safehaus.triplesec.configuration.MutableTriplesecStartupConfiguration">
+ <property name="workingDirectory"><value>partitions</value></property>
+ <property name="allowAnonymousAccess"><value>false</value></property>
+ <property name="accessControlEnabled"><value>true</value></property>
+ <property name="ldapPort"><value>10389</value></property>
+ <property name="enableKerberos"><value>true</value></property>
+ <property name="enableNtp"><value>false</value></property>
+ <property name="enableChangePassword"><value>true</value></property>
+
+ <!-- Uncomment below to have the server load entries on startup! -->
+ <!-- ldifDirectory property can point to a relative file, directory or -->
+ <!-- can point to an absolute path to either using the URL path -->
+ <!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
+
+ <!-- Entries will optionally be filtered using LdifLoadFilters in the -->
+ <!-- order specified. The included Krb5KdcEntryFilter will filter -->
+ <!-- kerberos principals creating keys for them using their -->
+ <!-- userPassword attribute if present. -->
+
+ <!-- If missing the Triplesec server will use LDIF files under the conf -->
+ <!-- directory where it has been installed. -->
+
+ <!--
+ <property name="ldifDirectory">
+ <value>example.ldif</value>
+ </property>
+ -->
+ <property name="ldifFilters">
+ <list>
+ <bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
+ </list>
+ </property>
+
+ <property name="activationConfiguration">
+ <bean class="org.safehaus.triplesec.configuration.ActivationConfiguration">
+ <property name="enableDecoyMidlet"><value>true</value></property>
+ <property name="otpLength"><value>6</value></property>
+ <property name="midletNameAttribute"><value>midletNameAttribute</value></property>
+ </bean>
+ </property>
+
+ <property name="smsConfiguration">
+ <bean class="org.safehaus.triplesec.configuration.SmsConfiguration">
+ <property name="smsUsername"><value>hauskeys</value></property>
+ <property name="smsPassword"><value>secret</value></property>
+ <property name="smsAccountName"><value>demo</value></property>
+ <property name="smsTransportUrl"><value>http://www.nbroadcasting.com/customers/messages/Sender.asp</value></property>
+ </bean>
+ </property>
+
+ <property name="smtpConfiguration">
+ <bean class="org.safehaus.triplesec.configuration.SmtpConfiguration">
+ <property name="smtpAuthenticate"><value>false</value></property>
+ <!-- uncomment and set above property if authentication is required by mail server
+ <property name="smtpUsername"><value>hauskeys</value></property>
+ <property name="smtpPassword"><value>secret</value></property>
+ -->
+ <property name="smtpHost"><value>localhost</value></property>
+ <property name="smtpSubject"><value>Triplesec Account Activated</value></property>
+ <property name="smtpFrom"><value>dev@safehaus.org</value></property>
+ </bean>
+ </property>
+
+ <property name="contextPartitionConfigurations">
+ <set>
+ <ref bean="examplePartitionConfiguration"/>
+ </set>
+ </property>
+ <property name="bootstrapSchemas">
+ <set>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.CorbaSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.CoreSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.CosineSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.ApacheSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.CollectiveSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.InetorgpersonSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.JavaSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.Krb5kdcSchema"/>
+ <bean class="org.apache.directory.server.core.schema.bootstrap.SystemSchema"/>
+ <bean class="org.safehaus.triplesec.store.schema.SafehausSchema"/>
+ </set>
+ </property>
+
+ <property name="extendedOperationHandlers">
+ <list>
+ <bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
+ <bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
+ </list>
+ </property>
+
+ <property name="interceptorConfigurations">
+ <list>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>normalizationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.normalization.NormalizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>authenticationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authn.AuthenticationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>referralService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.referral.ReferralService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>authorizationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authz.AuthorizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>defaultAuthorizationService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>exceptionService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.exception.ExceptionService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>schemaService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.schema.SchemaService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>subentryService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.subtree.SubentryService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>operationalAttributeService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>collectiveAttributeService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>eventService</value></property>
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.event.EventService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name"><value>policyProtectionService</value></property>
+ <property name="interceptor">
+ <bean class="org.safehaus.triplesec.store.interceptor.PolicyProtectionInterceptor" />
+ </property>
+ </bean>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.configuration.MutablePartitionConfiguration">
+ <property name="name"><value>example</value></property>
+ <property name="suffix"><value>dc=example,dc=com</value></property>
+ <property name="indexedAttributes">
+ <set>
+ <value>objectClass</value>
+ <value>ou</value>
+ <value>dc</value>
+ <value>uid</value>
+ <value>profileId</value>
+ <value>roles</value>
+ <value>grants</value>
+ <value>denials</value>
+ <value>krb5PrincipalName</value>
+ </set>
+ </property>
+ <property name="contextEntry">
+ <value>
+ objectClass: top
+ objectClass: domain
+ objectClass: extensibleObject
+ dc: example
+ administrativeRole: accessControlSpecificArea
+ administrativeRole: collectiveAttributeSpecificArea
+ </value>
+ </property>
+ </bean>
+
+ <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+ <property name="customEditors">
+ <map>
+ <entry key="javax.naming.directory.Attributes">
+ <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
+ </entry>
+ </map>
+ </property>
+ </bean>
+</beans>
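Review bot: `smsTransportUrl` points at a plain `http://` endpoint while `smsUsername`/`smsPassword` are configured beside it, so the gateway credentials and any message text would presumably cross the network unencrypted. An `https://` URL should be used if the provider offers one, which is not visible from this file. `kdc.encryption.types` lists only DES and 3DES variants, and single-DES enctypes have since been deprecated for Kerberos (RFC 6649). A comment such as `<!-- test-only enctypes and credentials; do not copy into a deployed server.xml -->` above the `environment` bean would stop this fixture being reused as a template. The same comment would cover the literal `secret` used for the admin, KDC, change-password and SMS credentials, and the `LaunchDiagnosticUiHandler` extended operation, which by its name exposes a diagnostic facility through the LDAP port.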
Added: directory/trunks/triplesec/webapp-registration/pom.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-registration/pom.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-registration/pom.xml (added)
+++ directory/trunks/triplesec/webapp-registration/pom.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,200 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.safehaus.triplesec</groupId>
+ <artifactId>build</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+ <artifactId>triplesec-webapp-registration</artifactId>
+ <name>Triplesec Webapp for User Registration (Wicket Based)</name>
+ <packaging>war</packaging>
+ <build>
+ <finalName>tsec-registration</finalName>
+ <plugins>
+ <plugin>
+ <groupId>org.mortbay.jetty</groupId>
+ <artifactId>maven-jetty6-plugin</artifactId>
+ <configuration>
+ <scanIntervalSeconds>10</scanIntervalSeconds>
+ <systemProperties>
+ <systemProperty>
+ <name>org.apache.commons.logging.Log</name>
+ <value>org.apache.commons.logging.impl.SimpleLog</value>
+ </systemProperty>
+ </systemProperties>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <dependencies>
+ <dependency>
+ <groupId>wicket</groupId>
+ <artifactId>wicket</artifactId>
+ <version>1.2-beta2</version>
+ </dependency>
+ <!--
+ <dependency>
+ <groupId>wicket</groupId>
+ <artifactId>wicket-extensions</artifactId>
+ <version>1.2-beta2</version>
+ </dependency>
+ -->
+ <dependency>
+ <groupId>servletapi</groupId>
+ <artifactId>servletapi</artifactId>
+ <version>2.3</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>1.2.11</version>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
+ <artifactId>triplesec-integration</artifactId>
+ <version>${pom.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
+ <artifactId>triplesec-wicket-tools</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
+ <artifactId>triplesec-sms</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
+ <artifactId>triplesec-configuration</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
+ <artifactId>triplesec-admin-api</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.activation</groupId>
+ <artifactId>activation</artifactId>
+ <version>1.1</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.mail</groupId>
+ <artifactId>mail</artifactId>
+ <version>1.4</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>nlog4j</artifactId>
+ <version>1.2.25</version>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+
+ <profiles>
+ <profile>
+ <id>default</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <excludes>
+ <!-- Do not run this test since it never exists -->
+ <exclude>**/RunRegistrationUI.java</exclude>
+ <!-- Avoid normal integration tests -->
+ <exclude>**/*ITest.java</exclude>
+ <exclude>**/*IntegrationTest.java</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>integration</id>
+ <activation>
+ <property><name>integration</name></property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <systemProperties>
+ <property>
+ <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+ <value>${basedir}/src/test/resources</value>
+ </property>
+ </systemProperties>
+ <excludes>
+ <!-- Do not run this test since it never exists -->
+ <exclude>**/RunRegistrationUI.java</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>ui</id>
+ <activation>
+ <property><name>ui</name></property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <systemProperties>
+ <property>
+ <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+ <value>${basedir}/src/test/resources</value>
+ </property>
+ <property>
+ <name>org.safehaus.triplesec.integration.webapps</name>
+ <value>registration</value>
+ </property>
+ <property>
+ <name>org.safehaus.triplesec.integration.webappWarBase.registration</name>
+ <value>${basedir}/target/tsec-registration.war</value>
+ </property>
+ </systemProperties>
+ <includes>
+ <include>**/RunRegistrationUI.java</include>
+ </includes>
+ <excludes>
+ <exclude>**/*Test.java</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+</project>
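Review bot: The `log4j` 1.2.11 dependency has no scope, so it is packaged into the WAR, while `nlog4j` 1.2.25 is declared `provided`. As far as I know nlog4j is a log4j replacement that ships the same `org.apache.log4j` classes, so the two copies can shadow each other depending on classloader order. Consider giving log4j `<scope>provided</scope>` or dropping one of the two. The comment `Do not run this test since it never exists`, which appears in both the `default` and `integration` profiles, probably means "never exits" and should say why RunRegistrationUI is excluded. `wicket` is pinned to `1.2-beta2`; a note saying when it moves to a released version would help.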
Added: directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/model/RegistrationInfo.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/model/RegistrationInfo.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/model/RegistrationInfo.java (added)
+++ directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/model/RegistrationInfo.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,292 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.safehaus.triplesec.registration.model;
+
+
+import java.io.Serializable;
+
+/**
+ * Model object for capturing the Triplesec configuration settings.
+ */
+public class RegistrationInfo implements Serializable
+{
+ private static final long serialVersionUID = -2672319798571167870L;
+
+ private String username;
+ private String password;
+ private String passwordConfirm;
+ private String firstName;
+ private String lastName;
+ private String email;
+
+ private String address1;
+ private String address2;
+ private String city;
+ private String stateProvRegion;
+ private String zipPostalCode;
+ private String country;
+
+ private String tokenPin;
+ private String tokenPinConfirm;
+ private String midletName;
+ private String mobile;
+ private String mobileCarrier;
+ private String deploymentMechanism;
+
+
+ public void setUsername( String username )
+ {
+ this.username = username;
+ }
+
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+
+ public void setPassword( String password )
+ {
+ this.password = password;
+ }
+
+
+ public String getPassword()
+ {
+ return password;
+ }
+
+
+ public void setPasswordConfirm( String passwordConfirm )
+ {
+ this.passwordConfirm = passwordConfirm;
+ }
+
+
+ public String getPasswordConfirm()
+ {
+ return passwordConfirm;
+ }
+
+
+ public void setFirstName( String firstName )
+ {
+ this.firstName = firstName;
+ }
+
+
+ public String getFirstName()
+ {
+ return firstName;
+ }
+
+
+ public void setLastName( String lastName )
+ {
+ this.lastName = lastName;
+ }
+
+
+ public String getLastName()
+ {
+ return lastName;
+ }
+
+
+ public void setEmail( String email )
+ {
+ this.email = email;
+ }
+
+
+ public String getEmail()
+ {
+ return email;
+ }
+
+
+ public void setAddress1( String address1 )
+ {
+ this.address1 = address1;
+ }
+
+
+ public String getAddress1()
+ {
+ return address1;
+ }
+
+
+ public void setAddress2( String address2 )
+ {
+ this.address2 = address2;
+ }
+
+
+ public String getAddress2()
+ {
+ return address2;
+ }
+
+
+ public void setCity( String city )
+ {
+ this.city = city;
+ }
+
+
+ public String getCity()
+ {
+ return city;
+ }
+
+
+ public void setStateProvRegion( String stateProvRegion )
+ {
+ this.stateProvRegion = stateProvRegion;
+ }
+
+
+ public String getStateProvRegion()
+ {
+ return stateProvRegion;
+ }
+
+
+ public void setZipPostalCode( String zipPostalCode )
+ {
+ this.zipPostalCode = zipPostalCode;
+ }
+
+
+ public String getZipPostalCode()
+ {
+ return zipPostalCode;
+ }
+
+
+ public void setCountry( String country )
+ {
+ this.country = country;
+ }
+
+
+ public String getCountry()
+ {
+ return country;
+ }
+
+
+ public void setMidletName( String midletName )
+ {
+ this.midletName = midletName;
+ }
+
+
+ public String getMidletName()
+ {
+ return midletName;
+ }
+
+
+ public void setMobile( String mobile )
+ {
+ this.mobile = mobile;
+ }
+
+
+ public String getMobile()
+ {
+ return mobile;
+ }
+
+
+ public void setMobileCarrier( String mobileCarrier )
+ {
+ this.mobileCarrier = mobileCarrier;
+ }
+
+
+ public String getMobileCarrier()
+ {
+ return mobileCarrier;
+ }
+
+
+ public void setDeploymentMechanism( String deploymentMechanism )
+ {
+ this.deploymentMechanism = deploymentMechanism;
+ }
+
+
+ public String getDeploymentMechanism()
+ {
+ return deploymentMechanism;
+ }
+
+
+ public void setTokenPin( String tokenPin )
+ {
+ this.tokenPin = tokenPin;
+ }
+
+
+ public String getTokenPin()
+ {
+ return tokenPin;
+ }
+
+
+ public void setTokenPinConfirm( String tokenPinConfirm )
+ {
+ this.tokenPinConfirm = tokenPinConfirm;
+ }
+
+
+ public String getTokenPinConfirm()
+ {
+ return tokenPinConfirm;
+ }
+
+
+ public String toString() {
+ return "TriplesecRegistrationSettings{" +
+ "username='" + username + '\'' +
+ ", password='" + password + '\'' +
+ ", passwordConfirm='" + passwordConfirm + '\'' +
+ ", tokenPin='" + tokenPin + '\'' +
+ ", tokenPinConfirm='" + tokenPinConfirm + '\'' +
+ ", firstName='" + firstName + '\'' +
+ ", lastName='" + lastName + '\'' +
+ ", email='" + email + '\'' +
+ ", address1='" + address1 + '\'' +
+ ", address2='" + address2 + '\'' +
+ ", city='" + city + '\'' +
+ ", stateProvRegion='" + stateProvRegion + '\'' +
+ ", zipPostalCode='" + zipPostalCode + '\'' +
+ ", country='" + country + '\'' +
+ ", midletName='" + midletName + '\'' +
+ ", mobile=" + mobile +
+ ", mobileCarrier=" + mobileCarrier +
+ ", deploymentMechanism=" + deploymentMechanism +
+ '}';
+ }
+}
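Review bot: toString() at the end of the class concatenates `password`, `passwordConfirm`, `tokenPin` and `tokenPinConfirm` in clear text, so any log statement or exception message that prints a RegistrationInfo writes the user's credentials to the log. Drop those four lines or print a fixed mask instead, e.g. `", password=" + ( password == null ? "null" : "***" ) +`. The class is also Serializable, so the same fields are written out wherever the object is serialized (presumably the Wicket session); marking them `transient` is worth considering if the wizard does not need them to survive serialization. The class Javadoc ("Triplesec configuration settings") and the `TriplesecRegistrationSettings{` prefix look copied from another class and should name RegistrationInfo.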
Added: directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/view/TriplesecRegistrationApplication.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/view/TriplesecRegistrationApplication.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/view/TriplesecRegistrationApplication.java (added)
+++ directory/trunks/triplesec/webapp-registration/src/main/java/org/safehaus/triplesec/registration/view/TriplesecRegistrationApplication.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,229 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.safehaus.triplesec.registration.view;
+
+
+import java.util.Properties;
+
+import javax.naming.Context;
+
+import wicket.protocol.http.WebApplication;
+
+import org.safehaus.triplesec.admin.TriplesecAdmin;
+import org.safehaus.triplesec.admin.dao.DaoFactory;
+import org.safehaus.triplesec.admin.dao.ldap.LdapDaoFactory;
+import org.safehaus.triplesec.configuration.SmsConfiguration;
+import org.safehaus.triplesec.configuration.SmtpConfiguration;
+import org.safehaus.triplesec.registration.view.pages.WizardPage;
+
+
+public class TriplesecRegistrationApplication extends WebApplication
+{
+ // Ldap init parameter names
+ private static final String LDAP_PORT = "ldapPort";
+ private static final String LDAP_BASE_DN = "ldapBaseDn";
+ private static final String LDAP_CREDENTIALS = "ldapCredentials";
+ private static final String LDAP_PRINCIPAL_DN = "ldapPrincipalDn";
+ private static final String LDAP_HOST = "ldapHost";
+
+ // Mail init parameters names
+ private static final String SMTP_PASSWORD_PARAM = "smtpPassword";
+ private static final String SMTP_USERNAME_PARAM = "smtpUsername";
+ private static final String SMTP_SUBJECT_PARAM = "smtpSubject";
+ private static final String SMTP_FROM_PARAM = "smtpFrom";
+ private static final String SMTP_HOST_PARAM = "smtpHost";
+
+ // SMS init parameters names
+ private static final String SMS_TRANSPORT_URL_PARAM = "smsTransportUrl";
+ private static final String SMS_PASSWORD_PARAM = "smsPassword";
+ private static final String SMS_USERNAME_PARAM = "smsUsername";
+ private static final String SMS_ACCOUNT_PARAM = "smsAccountName";
+
+ // General init parameters names
+ private static final String REDIRECT_URL_PARAM = "redirectUrl";
+
+ private String realm;
+ private String presentationBaseUrl;
+ private String redirectUrl;
+ private SmsConfiguration smsConfig;
+ private SmtpConfiguration smtpConfig;
+ private TriplesecAdmin admin;
+
+
+ public Class getHomePage()
+ {
+ return WizardPage.class;
+ }
+
+
+ protected void init()
+ {
+ getMarkupSettings().setStripWicketTags( true );
+
+ realm = getWicketServlet().getInitParameter( "realm" );
+ presentationBaseUrl = getWicketServlet().getInitParameter( "presentationBaseUrl" );
+ redirectUrl = getWicketServlet().getInitParameter( REDIRECT_URL_PARAM );
+
+ initSmsConfiguration();
+ initSmtpConfiguration();
+ initAdminApi();
+ }
+
+
+ private void initAdminApi()
+ {
+ // -------------------------------------------------------------------
+ // Get LDAP connection init parameters
+ // -------------------------------------------------------------------
+
+ String ldapHost = getWicketServlet().getInitParameter( LDAP_HOST );
+ String ldapPrincipalDn = getWicketServlet().getInitParameter( LDAP_PRINCIPAL_DN );
+ String ldapCredentials = getWicketServlet().getInitParameter( LDAP_CREDENTIALS );
+ String ldapBaseDn = getWicketServlet().getInitParameter( LDAP_BASE_DN );
+ int ldapPort = Integer.parseInt( getWicketServlet().getInitParameter( LDAP_PORT ) );
+
+ // -------------------------------------------------------------------
+ // Assemble connection properties for Admin API
+ // -------------------------------------------------------------------
+
+ Properties env = new Properties();
+ env.put( DaoFactory.IMPLEMENTATION_CLASS, LdapDaoFactory.class.getName() );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+ StringBuffer buf = new StringBuffer();
+
+ buf.append( "ldap" );
+ buf.append( "://" ).append( ldapHost ).append( ":" ).append( ldapPort );
+ buf.append( "/" ).append( ldapBaseDn );
+ env.put( Context.PROVIDER_URL, buf.toString() );
+ env.put( Context.SECURITY_PRINCIPAL, ldapPrincipalDn );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.SECURITY_CREDENTIALS, ldapCredentials );
+
+ try
+ {
+ admin = new TriplesecAdmin( env );
+ }
+ catch ( Throwable t )
+ {
+ getWicketServlet().log( "Failed to connect to triplesec server", t );
+ }
+ }
+
+
+ /**
+ * Intializes the SMS settings from web.xml needed to send messages.
+ */
+ private void initSmsConfiguration()
+ {
+ smsConfig = new SmsConfiguration();
+ smsConfig.setSmsAccountName( getWicketServlet().getInitParameter( SMS_ACCOUNT_PARAM ) );
+ smsConfig.setSmsUsername( getWicketServlet().getInitParameter( SMS_USERNAME_PARAM ) );
+ smsConfig.setSmsPassword( getWicketServlet().getInitParameter( SMS_PASSWORD_PARAM ) );
+ smsConfig.setSmsTransportUrl( getWicketServlet().getInitParameter( SMS_TRANSPORT_URL_PARAM ) );
+ }
+
+
+ /**
+ * Initializes the mail server settings from web.xml to send messages.
+ */
+ private void initSmtpConfiguration()
+ {
+ smtpConfig = new SmtpConfiguration();
+ smtpConfig.setSmtpHost( getWicketServlet().getInitParameter( SMTP_HOST_PARAM ) );
+ smtpConfig.setSmtpFrom( getWicketServlet().getInitParameter( SMTP_FROM_PARAM ) );
+ smtpConfig.setSmtpSubject( getWicketServlet().getInitParameter( SMTP_SUBJECT_PARAM ) );
+ if ( getWicketServlet().getInitParameter( SMTP_USERNAME_PARAM ) == null )
+ {
+ smtpConfig.setSmtpAuthenticate( false );
+ }
+ else
+ {
+ smtpConfig.setSmtpAuthenticate( true );
+ smtpConfig.setSmtpUsername( getWicketServlet().getInitParameter( SMTP_USERNAME_PARAM ) );
+ smtpConfig.setSmtpPassword( getWicketServlet().getInitParameter( SMTP_PASSWORD_PARAM ) );
+ }
+ }
+
+
+ public void setRealm( String realm )
+ {
+ this.realm = realm;
+ }
+
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+
+ public String getRedirectUrl()
+ {
+ return redirectUrl;
+ }
+
+
+ public void setPresentationBaseUrl( String presentationBaseUrl )
+ {
+ this.presentationBaseUrl = presentationBaseUrl;
+ }
+
+
+ public String getPresentationBaseUrl()
+ {
+ return presentationBaseUrl;
+ }
+
+
+ public void setAdmin( TriplesecAdmin admin )
+ {
+ this.admin = admin;
+ }
+
+
+ public TriplesecAdmin getAdmin()
+ {
+ return admin;
+ }
+
+
+ public void setSmsConfig( SmsConfiguration smsConfig )
+ {
+ this.smsConfig = smsConfig;
+ }
+
+
+ public SmsConfiguration getSmsConfig()
+ {
+ return smsConfig;
+ }
+
+
+ public void setSmtpConfig( SmtpConfiguration smtpConfig )
+ {
+ this.smtpConfig = smtpConfig;
+ }
+
+
+ public SmtpConfiguration getSmtpConfig()
+ {
+ return smtpConfig;
+ }
+}
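Review bot: initAdminApi() hard-codes the `ldap` scheme and `simple` authentication, so the bind DN and `ldapCredentials` travel unencrypted to the directory unless the transport is protected elsewhere. Make the scheme configurable or default to TLS, e.g. `buf.append( "ldaps" );` together with `env.put( Context.SECURITY_PROTOCOL, "ssl" );`. The `catch ( Throwable t )` only logs, which leaves `admin` null so that getAdmin() callers fail later with a less useful error. A missing `ldapPort`, by contrast, makes `Integer.parseInt` throw outside the try block, so failing init() consistently with the cause attached would be clearer. initAdminApi() also has no Javadoc, unlike the two sibling init methods; a short one should say that the LDAP, SMTP and SMS secrets are read from servlet init parameters, so the deployment descriptor needs restrictive file permissions.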