Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/security.xml
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/security.xml?rev=593664&r1=593663&r2=593664&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/security.xml (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/security.xml Fri Nov 9 13:54:45 2007
@@ -29,6 +29,7 @@
 PATTERN_TYPE_APACHE_ANT
 /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
 </value>
+ <!-- Replace "authenticationProcessingFilter,rememberMeProcessingFilter" with "casProcessingFilter" if you want to use Roller with CAS -->
 </property>
 </bean>
@@ -61,6 +62,7 @@
 <list>
 <ref local="daoAuthenticationProvider"/>
 <!-- Uncomment this for LDAP/SSO configuration <ref local="ldapAuthProvider"/> -->
+ <!-- Uncomment this for CAS/SSO configuration <ref local="casAuthenticationProvider"/> -->
 <ref local="anonymousAuthenticationProvider"/>
 <!-- rememberMeAuthenticationProvider added programmatically -->
 </list>
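Review bot: The CAS switch is documented as three separate one-line comments (this one in the filter chain, the one in the provider list in the next hunk, and the one on `exceptionTranslationFilter` in the `-176,6` hunk), and none of them mentions the others or the sample beans that must also be uncommented. An administrator who applies only one of them is left with a filter, provider and entry point that disagree, which may show up as a login loop or as a login path that was meant to be replaced staying active. I would extend this first comment so it lists every step, e.g. `<!-- CAS: also enable casAuthenticationProvider below, point exceptionTranslationFilter at casProcessingFilterEntryPoint, and uncomment the sample CAS beans at the end of this file -->`.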
@@ -69,60 +71,7 @@
 <!-- Log failed authentication attempts to commons-logging -->
 <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
-
- <!-- BEGIN: Sample LDAP/RollerDB hybrid security configuration
-
- <bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
- <constructor-arg value="LDAP_URL"/>
- <property name="managerDn">
- <value>cn=LDAP_USERNAME</value>
- </property>
- <property name="managerPassword">
- <value>LDAP_PASSWORD</value>
- </property>
- </bean>
-
- <bean id="ldapUserSearch" class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
- <constructor-arg index="0">
- <value></value>
- </constructor-arg>
- <constructor-arg index="1">
- <value>uid={0}</value>
- </constructor-arg>
- <constructor-arg index="2">
- <ref local="initialDirContextFactory" />
- </constructor-arg>
- <property name="searchSubtree">
- <value>true</value>
- </property>
- </bean>
-
- <bean id="ldapAuthProvider"
- class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
- <constructor-arg>
- <bean class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
- <constructor-arg><ref local="initialDirContextFactory"/></constructor-arg>
- <property name="userSearch"><ref bean="ldapUserSearch"/></property>
- </bean>
- </constructor-arg>
- <constructor-arg><ref local="jdbcAuthoritiesPopulator"/></constructor-arg>
- <property name="userCache" ref="userCache"/>
- </bean>
-
- <bean id="jdbcAuthoritiesPopulator" class="org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator">
- <property name="dataSource">
- <bean class="org.springframework.jndi.JndiObjectFactoryBean">
- <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/>
- </bean>
- </property>
- <property name="authoritiesByUsernameQuery">
- <value>SELECT username,rolename FROM userrole WHERE username = ?</value>
- </property>
- <property name="defaultRole"><value>register</value></property>
- </bean>
- -->
- <!-- END Sample LDAP/RollerDB hybrid security configuration -->
-
+
 <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
 <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
 <property name="userCache" ref="userCache"/>
@@ -176,6 +125,7 @@
 </bean>
 <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
+ <!-- Change the ref on this property to "casProcessingFilterEntryPoint" when using CAS -->
 <property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/>
 </bean>
@@ -220,4 +170,89 @@
 </list>
 </property>
 </bean>
+
+ <!-- ===================== LDAP AUTHENTICATION ==================== -->
+ <!-- BEGIN: Sample LDAP/RollerDB hybrid security configuration
+ <bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
+ <constructor-arg value="LDAP_URL"/>
+ <property name="managerDn" value="LDAP_USERNAME"/>
+ <property name="managerPassword" value="LDAP_PASSWORD"/>
+ </bean>
+
+ <bean id="ldapUserSearch" class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
+ <constructor-arg index="0" value=""/>
+ <constructor-arg index="1" value="uid={0}"/>
+ <constructor-arg index="2" ref="initialDirContextFactory"/>
+ <property name="searchSubtree" value="true"/>
+ </bean>
+
+ <bean id="ldapAuthProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
+ <constructor-arg>
+ <bean class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
+ <constructor-arg ref="initialDirContextFactory"/>
+ <property name="userSearch" ref="ldapUserSearch"/>
+ </bean>
+ </constructor-arg>
+ <constructor-arg ref="jdbcAuthoritiesPopulator"/>
+ <property name="userCache" ref="userCache"/>
+ </bean>
+
+ <bean id="jdbcAuthoritiesPopulator" class="org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator">
+ <property name="defaultRole" value="register"/>
+ </bean>
+ -->
+ <!-- END Sample LDAP/RollerDB hybrid security configuration -->
+
+ <!-- ======================== CENTRAL AUTHENTICATION SERVICE (CAS) ======================= -->
+ <!-- BEGIN: Sample CAS/RollerDB hybrid security configuration
+ <bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
+ <property name="authenticationManager" ref="authenticationManager"/>
+ <property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
+ <property name="defaultTargetUrl" value="/"/>
+ <property name="filterProcessesUrl" value="/roller_j_security_check"/>
+ </bean>
+
+ <bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
+ <property name="loginUrl" value="https://localhost:8443/cas/login"/>
+ <property name="serviceProperties" ref="serviceProperties"/>
+ </bean>
+
+ <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
+ <property name="casAuthoritiesPopulator">
+ <bean class="org.apache.roller.weblogger.ui.core.security.RollerCasPopulator">
+ <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
+ </bean>
+ </property>
+ <property name="casProxyDecider" ref="casProxyDecider"/>
+ <property name="ticketValidator" ref="casProxyTicketValidator"/>
+ <property name="statelessTicketCache" ref="statelessTicketCache"/>
+ <property name="key" value="rollerlovesacegi"/>
+ </bean>
+
+ <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
+ <property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
+ <property name="proxyCallbackUrl" value="http://localhost:8080/roller/casProxy/receptor"/>
+ <property name="serviceProperties" ref="serviceProperties"/>
+ <property name="trustStore" value="/Library/Java/Home/lib/security/cacerts"/>
+ </bean>
+
+ <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
+
+ <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
+ <property name="cacheManager" ref="cacheManager"/>
+ <property name="cacheName" value="ticketCache"/>
+ </bean>
+
+ <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
+ <property name="cache" ref="ticketCacheBackend"/>
+ </bean>
+
+ <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
+
+ <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
+ <property name="service" value="http://localhost:8080/roller/roller_j_security_check"/>
+ <property name="sendRenew" value="false"/>
+ </bean>
+ -->
+ <!-- END Sample CAS/RollerDB hybrid security configuration -->
 </beans>
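Review bot: The CAS sample ships values that are unsafe if the block is uncommented and copied unchanged: `serviceProperties.service` and `proxyCallbackUrl` are plain `http://` URLs, so the ticket CAS appends to the redirect would cross the network unencrypted, and `key` is the fixed string `rollerlovesacegi`, identical in every install that enables the block. `trustStore` also points at a macOS-specific path (`/Library/Java/Home/lib/security/cacerts`) that will not exist on most servers. I would switch both URLs to `https://` with obvious placeholders such as `https://ROLLER_HOST/roller/roller_j_security_check`, replace the key value with a placeholder like `CHANGE_ME_UNIQUE_KEY`, and add a comment at the top of the block saying that hosts, key and trust store path must be set per deployment. The LDAP sample in the same hunk already follows that pattern with `LDAP_URL`, `LDAP_USERNAME` and `LDAP_PASSWORD`.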
Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-atom.vm
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-atom.vm?rev=593664&r1=593663&r2=593664&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-atom.vm (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-atom.vm Fri Nov 9 13:54:45 2007
@@ -27,8 +27,8 @@
 #if($config.feedHistoryEnabled)
 #showFeedHistory($pager)
 #end
- <updated>$utils.formatIso8601Date($model.weblog.lastModified)</updated>
- <generator uri="http://rollerweblogger.org" version="$config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)">Apache Roller (incubating)</generator>
+ <updated>$utils.formatIso8601Date($pager.lastUpdated)</updated>
+ <generator uri="http://roller.apache.org" version="$config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)">Apache Roller Weblogger</generator>
 #showCommentsAtom10($pager.items)
 </feed>
Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-rss.vm
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-rss.vm?rev=593664&r1=593663&r2=593664&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-rss.vm (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-comments-rss.vm Fri Nov 9 13:54:45 2007
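Review bot: The rewritten `<generator>` line in site-comments-atom.vm still publishes `$config.rollerBuildTimestamp` and `$config.rollerBuildUser` next to the version in every public feed, which tells any reader the exact build and the name of the build account. Since the line is being edited anyway, I would reduce the attribute to `version="$config.rollerVersion"`, or make the version optional for sites that do not want to be identifiable by release. The same applies to the `<generator>` lines in the site-comments-rss.vm, site-entries-atom.vm and site-entries-rss.vm hunks. These values are also written without `$utils.escapeXML`, unlike `$config.siteDescription` in the RSS templates.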
@@ -26,10 +26,10 @@
 <atom:link rel="self" type="application/rss+xml" href="$url.feed.comments.rss($model.categoryPath, $model.excerpts)" />
 <description>$utils.escapeXML($config.siteDescription)</description>
 <language>en-us</language>
- <copyright>Copyright $utils.formatDate($model.weblog.lastModified, "yyyy")</copyright>
- <lastBuildDate>$utils.formatRfc822Date($model.weblog.lastModified)</lastBuildDate>
- <generator>Apache Roller (incubating) $config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)</generator>
- #set($comments = $site.getCommentsPager(-1, $config.feedSize).items )
- #showCommentsRSS20($comments)
+ #set($pager = $site.getCommentsPager(-1, $config.feedSize))
+ <copyright>Copyright $utils.formatDate($pager.lastUpdated, "yyyy")</copyright>
+ <lastBuildDate>$utils.formatRfc822Date($pager.lastUpdated)</lastBuildDate>
+ <generator>Apache Roller Weblogger $config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)</generator>
+ #showCommentsRSS20($pager.items)
 </channel>
 </rss>
Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-atom.vm
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-atom.vm?rev=593664&r1=593663&r2=593664&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-atom.vm (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-atom.vm Fri Nov 9 13:54:45 2007
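Review bot: `$pager.lastUpdated` is now the only source for `<copyright>` and `<lastBuildDate>` in site-comments-rss.vm, and nothing in the hunk covers a pager that has no items. The pager implementation is not visible here, but if `lastUpdated` can be null on an empty site, `formatDate` and `formatRfc822Date` would either fail or leave the unrendered reference text in the feed. A fallback date inside the pager, or a guard such as `#if($pager.lastUpdated) ... #end` around the two elements, would keep the output well-formed. The `<updated>` lines in both Atom hunks and the matching lines in site-entries-rss.vm depend on the same property.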
@@ -33,8 +33,8 @@
 #if($config.feedHistoryEnabled)
 #showFeedHistory($pager)
 #end
- <updated>$utils.formatIso8601Date($model.weblog.lastModified)</updated>
- <generator uri="http://rollerweblogger.org" version="$config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)">Apache Roller (incubating)</generator>
+ <updated>$utils.formatIso8601Date($pager.lastUpdated)</updated>
+ <generator uri="http://roller.apache.org" version="$config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)">Apache Roller Weblogger</generator>
 #showEntriesAtom10($pager.items)
 </feed>
Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-rss.vm
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-rss.vm?rev=593664&r1=593663&r2=593664&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-rss.vm (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/velocity/templates/feeds/site-entries-rss.vm Fri Nov 9 13:54:45 2007
@@ -32,10 +32,10 @@
 #end
 <description>$utils.escapeXML($config.siteDescription)</description>
 <language>en-us</language>
- <copyright>Copyright $utils.formatDate($model.weblog.lastModified, "yyyy")</copyright>
- <lastBuildDate>$utils.formatRfc822Date($model.weblog.lastModified)</lastBuildDate>
- <generator>Apache Roller (incubating) $config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)</generator>
- #set($entries = $site.getWeblogEntriesPager(-1, $config.feedSize).items )
- #showEntriesRSS20($entries)
+ #set($pager = $site.getWeblogEntriesPager(-1, $config.feedSize))
+ <copyright>Copyright $utils.formatDate($pager.lastUpdated, "yyyy")</copyright>
+ <lastBuildDate>$utils.formatRfc822Date($pager.lastUpdated)</lastBuildDate>
+ <generator>Apache Roller Weblogger $config.rollerVersion ($config.rollerBuildTimestamp:$config.rollerBuildUser)</generator>
+ #showEntriesRSS20($pager.items)
 </channel>
 </rss>
