Author: vtence Date: Wed Dec 22 07:32:47 2004 New Revision: 123112 URL: http://svn.apache.org/viewcvs?view=rev&rev=123112 Log: First cut at example application. Demonstration of username-password authentication and role-based access control. Security information stored in XML files. Added: incubator/directory/janus/trunk/example/ incubator/directory/janus/trunk/example/project.xml (contents, props changed) incubator/directory/janus/trunk/example/src/ incubator/directory/janus/trunk/example/src/java/ incubator/directory/janus/trunk/example/src/java/org/ incubator/directory/janus/trunk/example/src/java/org/apache/ incubator/directory/janus/trunk/example/src/java/org/apache/janus/ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/CanPurchasePredicateBuilder.java (contents, props changed) incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/EnhancedNanoWebVelocityServlet.java (contents, props changed) incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/Item.java (contents, props changed) incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/PurchasePermission.java (contents, props changed) incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/SecurityContext.java (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/nanocontainer.groovy (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/WEB-INF/permissions.xml (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/WEB-INF/roles.xml (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/WEB-INF/users.xml (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/WEB-INF/web.xml (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/catalog.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/denied.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/home.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/index.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/item_details.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/login.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/receipt.vm (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/security.groovy (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/shop.groovy (contents, props changed) incubator/directory/janus/trunk/example/src/webapp/try_again.vm (contents, props changed)
Added: incubator/directory/janus/trunk/example/project.xml Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/project.xml?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/project.xml Wed Dec 22 07:32:47 2004 @@ -0,0 +1,142 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<project> + <extend>${basedir}/../project.xml</extend> + + <name>Janus Demo Application</name> + <id>janus-example</id> + <package>org.apache.janus</package> + + <shortDescription>Janus Demo Application</shortDescription> + + <description> + Demonstration Application of the Janus Security Framework + </description> + + <dependencies> + <dependency> + <groupId>${pom.groupId}</groupId> + <artifactId>janus-api</artifactId> + <version>${pom.currentVersion}</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>${pom.groupId}</groupId> + <artifactId>janus-impl</artifactId> + <version>${pom.currentVersion}</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>${pom.groupId}</groupId> + <artifactId>janus-script</artifactId> + <version>${pom.currentVersion}</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>servletapi</groupId> + <artifactId>servletapi</artifactId> + <version>2.3</version> + </dependency> + <dependency> + <groupId>dom4j</groupId> + <artifactId>dom4j</artifactId> + <version>1.4</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.6.0</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>xml-apis</groupId> + <artifactId>xml-apis</artifactId> + <version>1.0.b2</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>picocontainer</groupId> + <artifactId>picocontainer</artifactId> + <version>1.1</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>nanocontainer</groupId> + <artifactId>nanocontainer</artifactId> + <version>1.0-SNAPSHOT</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>nanocontainer</groupId> + <artifactId>nanocontainer-nanowar</artifactId> + <version>1.0-SNAPSHOT</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>groovy</groupId> + <artifactId>groovy</artifactId> + <version>1.0-beta-8</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>asm</groupId> + <artifactId>asm</artifactId> + <version>1.5.2</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>asm</groupId> + <artifactId>asm-util</artifactId> + <version>1.5.2</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>velocity</groupId> + <artifactId>velocity</artifactId> + <version>1.4</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>velocity-tools</groupId> + <artifactId>velocity-tools-view</artifactId> + <version>1.0</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + <dependency> + <groupId>ognl</groupId> + <artifactId>ognl</artifactId> + <version>2.6.5</version> + <properties> + <war.bundle>true</war.bundle> + </properties> + </dependency> + </dependencies> +</project> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/CanPurchasePredicateBuilder.java Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/CanPurchasePredicateBuilder.java?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/CanPurchasePredicateBuilder.java Wed Dec 22 07:32:47 2004 @@ -0,0 +1,35 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.janus.example.web; + +import org.apache.janus.script.xml.builder.AbstractElementBuilder; +import org.apache.janus.authorization.predicate.ImpliedPermissionPredicate; +import org.dom4j.Element; + +public class CanPurchasePredicateBuilder extends AbstractElementBuilder +{ + public boolean canBuild( Element e ) + { + return "buy".equals( e.getName() ); + } + + public Object buildFrom( Element e ) + { + float limit = Float.parseFloat( e.attributeValue( "limit" ) ); + return new ImpliedPermissionPredicate( new PurchasePermission( limit ) ); + } +} Added: incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/EnhancedNanoWebVelocityServlet.java Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/EnhancedNanoWebVelocityServlet.java?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/EnhancedNanoWebVelocityServlet.java Wed Dec 22 07:32:47 2004 @@ -0,0 +1,33 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.janus.example.web; + +import org.apache.velocity.Template; +import org.apache.velocity.context.Context; +import org.apache.velocity.tools.view.servlet.VelocityViewServlet; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +public class EnhancedNanoWebVelocityServlet extends VelocityViewServlet +{ + protected Template handleRequest( HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Context context ) throws Exception + { + context.put( "root", httpServletRequest.getContextPath() ); + return super.handleRequest( httpServletRequest, httpServletResponse, context ); + } +} Added: incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/Item.java Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/Item.java?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/Item.java Wed Dec 22 07:32:47 2004 @@ -0,0 +1,39 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.janus.example.web; + +public class Item +{ + private final String m_description; + private final float m_price; + + public Item( String description, float price ) + { + m_description = description; + m_price = price; + } + + public String getDescription() + { + return m_description; + } + + public float getPrice() + { + return m_price; + } +} Added: incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/PurchasePermission.java Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/PurchasePermission.java?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/PurchasePermission.java Wed Dec 22 07:32:47 2004 @@ -0,0 +1,44 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.janus.example.web; + +import org.apache.janus.authorization.BasicPermission; +import org.apache.janus.authorization.Permission; + +public class PurchasePermission extends BasicPermission +{ + private final float m_priceLimit; + + public PurchasePermission( float limit ) + { + super( "item" ); + m_priceLimit = limit; + } + + public float getPriceLimit() + { + return m_priceLimit; + } + + public boolean implies( Permission permission ) + { + if ( !( permission instanceof PurchasePermission ) ) return false; + + PurchasePermission other = ( PurchasePermission ) permission; + return m_priceLimit >= other.getPriceLimit(); + } +} Added: incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/SecurityContext.java Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/SecurityContext.java?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/java/org/apache/janus/example/web/SecurityContext.java Wed Dec 22 07:32:47 2004 @@ -0,0 +1,55 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.janus.example.web; + +import org.apache.janus.authentication.realm.UsernamePrincipal; + +import javax.security.auth.Subject; +import java.io.Serializable; +import java.util.Set; + +public class SecurityContext implements Serializable +{ + private Subject m_subject; + + public Subject getSubject() + { + return m_subject; + } + + public boolean authenticated() + { + return m_subject != null; + } + + public void login( Subject subject ) + { + m_subject = subject; + } + + public void logout() + { + m_subject = null; + } + + public String getUsername() + { + Set userPrincipals = (Set) m_subject.getPrincipals( UsernamePrincipal.class ); + UsernamePrincipal user = (UsernamePrincipal) userPrincipals.iterator().next(); + return user.getName(); + } +} Added: incubator/directory/janus/trunk/example/src/webapp/WEB-INF/nanocontainer.groovy Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/WEB-INF/nanocontainer.groovy?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/nanocontainer.groovy Wed Dec 22 07:32:47 2004 @@ -0,0 +1,39 @@ +pico = new org.picocontainer.defaults.DefaultPicoContainer( parent ) + +if ( assemblyScope instanceof javax.servlet.ServletContext ) +{ + realm = new org.apache.janus.authentication.realm.MemoryRealm() + // A nasty groovy bug prevents us from using servlet context to get the file real path + // See http://jira.codehaus.org/browse/GROOVY-210 + users = new java.io.FileReader( "c:/tools/jakarta-tomcat-5.0.28/webapps/janus-example/WEB-INF/users.xml" ) + realmBuilder = org.apache.janus.script.xml.Dom4JRealmBuilder.fromReader( users ) + realmBuilder.buildRealm( realm ) + + authenticator = new org.apache.janus.authentication.DefaultAuthenticator( realm ) + + roleProvider = new org.apache.janus.authentication.attribute.AttributeProvider() + roles = new java.io.FileReader( "c:/tools/jakarta-tomcat-5.0.28/webapps/janus-example/WEB-INF/roles.xml" ) + roleBuilder = org.apache.janus.script.xml.Dom4JRoleBuilder.fromReader( roles ) + roleBuilder.buildProvider( roleProvider ) + + authenticator.addInformationProvider( roleProvider ) + pico.registerComponentInstance( org.apache.janus.authentication.Authenticator, authenticator ) + + policy = new org.apache.janus.authorization.Policy( new org.apache.janus.authorization.effect.PermitOverridesEffect() ) + permissions = new java.io.FileReader( "c:/tools/jakarta-tomcat-5.0.28/webapps/janus-example/WEB-INF/permissions.xml" ) + policyBuilder = org.apache.janus.script.xml.Dom4JRuleSetBuilder.fromReader( permissions ) + policyBuilder.registerBuilder( new org.apache.janus.example.web.CanPurchasePredicateBuilder() ) + policyBuilder.buildRuleSet( policy ) + + authorizer = new org.apache.janus.authorization.DefaultAuthorizer( policy ); + authorizer.denyOn( org.apache.janus.authorization.effect.Effects.NOT_APPLICABLE ); + pico.registerComponentInstance( org.apache.janus.authorization.Authorizer, authorizer ) +} +else if ( assemblyScope instanceof javax.servlet.http.HttpSession ) +{ + // Session level components + pico.registerComponentImplementation( org.apache.janus.example.web.SecurityContext ) +} +else if ( assemblyScope instanceof javax.servlet.ServletRequest ) +{ +} Added: incubator/directory/janus/trunk/example/src/webapp/WEB-INF/permissions.xml Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/WEB-INF/permissions.xml?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/permissions.xml Wed Dec 22 07:32:47 2004 @@ -0,0 +1,19 @@ +<?xml version="1.0"?> +<policy> + <grant> + <subjects> + <role>buyer</role> + </subjects> + <permissions> + <buy limit="25"/> + </permissions> + </grant> + <grant> + <subjects> + <role>vip</role> + </subjects> + <permissions> + <buy limit="100"/> + </permissions> + </grant> +</policy> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/WEB-INF/roles.xml Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/WEB-INF/roles.xml?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/roles.xml Wed Dec 22 07:32:47 2004 @@ -0,0 +1,6 @@ +<?xml version="1.0"?> +<roles> + <user username="vincent" role="vip"/> + <user username="alex" role="buyer"/> + <role rolename="vip" role="buyer"/> +</roles> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/WEB-INF/users.xml Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/WEB-INF/users.xml?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/users.xml Wed Dec 22 07:32:47 2004 @@ -0,0 +1,6 @@ +<?xml version="1.0"?> +<realm> + <user username="anonymous" password=""/> + <user username="vincent" password="foo"/> + <user username="alex" password="bar"/> +</realm> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/WEB-INF/web.xml Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/WEB-INF/web.xml?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/WEB-INF/web.xml Wed Dec 22 07:32:47 2004 @@ -0,0 +1,58 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";> +<web-app> + <display-name>Janus Demo</display-name> + + <context-param> + <param-name>nanocontainer.groovy</param-name> + <param-value>/WEB-INF/nanocontainer.groovy</param-value> + </context-param> + + <listener> + <listener-class>org.nanocontainer.nanowar.ServletContainerListener</listener-class> + </listener> + + <servlet> + <servlet-name>NanoWeb</servlet-name> + <servlet-class>org.nanocontainer.nanowar.nanoweb.NanoWebServlet</servlet-class> + <init-param> + <param-name>viewtypes</param-name> + <param-value>.jsp,.vm</param-value> + </init-param> + <load-on-startup>1</load-on-startup> + </servlet> + + <servlet> + <servlet-name>NanoVelocity</servlet-name> + <servlet-class>org.apache.janus.example.web.EnhancedNanoWebVelocityServlet</servlet-class> + <!-- + <init-param> + <param-name>org.apache.velocity.toolbox</param-name> + <param-value>/WEB-INF/velocity.xml</param-value> + </init-param> + --> + <load-on-startup>1</load-on-startup> + </servlet> + + <!-- For actions --> + <servlet-mapping> + <servlet-name>NanoWeb</servlet-name> + <url-pattern>*.nano</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>NanoWeb</servlet-name> + <url-pattern>*.groovy + </url-pattern> + </servlet-mapping> + + <!-- For views (forwarded to by NanoWeb after action execution) --> + <servlet-mapping> + <servlet-name>NanoVelocity</servlet-name> + <url-pattern>*.vm</url-pattern> + </servlet-mapping> + + <welcome-file-list> + <welcome-file>index.vm</welcome-file> + </welcome-file-list> +</web-app> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/catalog.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/catalog.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/catalog.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,18 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + + <body> + Today In Stock: + + <ul> + #foreach( $key in $action.catalog.keySet() ) + <li><a href="view.groovy?key=$key">$key</a></li> + #end + </ul> + + <br> + <a href="exit.groovy">Exit Shop</a> + </body> +</html> Added: incubator/directory/janus/trunk/example/src/webapp/denied.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/denied.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/denied.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,8 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + This is too expensive for you $action.username! <a href="list.groovy">Choose something cheaper</a> + </body> +</html> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/home.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/home.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/home.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,13 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + Welcome! + + <p> + <a href="$root/shop/list.groovy">Shop online</a> + <p> + <a href="$root/security/logout.groovy">Logout</a> + </body> +</html> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/index.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/index.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/index.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,8 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + <a href="$root/security/login.groovy">Login</a> + </body> +</html> Added: incubator/directory/janus/trunk/example/src/webapp/item_details.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/item_details.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/item_details.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,13 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + + <body> + <form method="POST" action="buy.groovy?key=$action.key"> + $action.item.description: $action.item.price + <br> + <input type="submit" value="Buy"> + </form> + </body> +</html> Added: incubator/directory/janus/trunk/example/src/webapp/login.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/login.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/login.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,14 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + <form method="POST" action="authenticate.groovy"> + Username: <input type="text" name="username" size="20"> + <br> + Password: <input type="password" name="password" size="20"> + <br> + <input type="submit" value="Login"> + </form> + </body> +</html> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/receipt.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/receipt.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/receipt.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,8 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + Thanks $action.username for shopping with us. <a href="list.groovy">Buy something else</a> + </body> +</html> \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/security.groovy Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/security.groovy?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/security.groovy Wed Dec 22 07:32:47 2004 @@ -0,0 +1,39 @@ +import javax.security.auth.Subject + +import org.apache.janus.authentication.Authenticator +import org.apache.janus.authentication.CredentialSet +import org.apache.janus.authentication.realm.UsernameCredential +import org.apache.janus.authentication.realm.PasswordCredential +import org.apache.janus.example.web.SecurityContext + +class Security { + + authenticator + username + password + context + + Security( Authenticator authenticator, SecurityContext context ) { + this.authenticator = authenticator + this.context = context + } + + login() { + return "login" + } + + authenticate() { + creds = new CredentialSet() + creds.add( new UsernameCredential( username ) ) + creds.add( new PasswordCredential( password ) ) + subject = authenticator.authenticate( creds ) + if ( subject == null ) return "try_again" + + context.login( subject ) + return "home" + } + + logout() { + return "index" + } +} \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/shop.groovy Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/shop.groovy?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/shop.groovy Wed Dec 22 07:32:47 2004 @@ -0,0 +1,49 @@ +import org.apache.janus.example.web.Item +import org.apache.janus.example.web.PurchasePermission +import org.apache.janus.authorization.Authorizer +import org.apache.janus.example.web.SecurityContext + +class Shop { + + authorizer + context + catalog + key + item + username + + Shop( Authorizer authorizer, SecurityContext context ) { + this.authorizer = authorizer + this.context = context + catalog = new java.util.HashMap() + catalog.put( "book", new Item("The Pickaxe book, Second Edition", 50 ) ) + catalog.put( "mug", new Item( "Purple Java Mug", 10 ) ) + } + + list() { + return "catalog" + } + + view() { + item = lookup( key ) + return "item_details" + } + + buy() { + item = lookup( key ) + purchase = new PurchasePermission( item.getPrice() ) + me = context.getSubject() + username = context.getUsername() + if ( !authorizer.authorize( me, purchase ) ) return "denied" + + return "receipt" + } + + exit() { + return "home" + } + + lookup( key ) { + return catalog.get( key ) + } +} \ No newline at end of file Added: incubator/directory/janus/trunk/example/src/webapp/try_again.vm Url: http://svn.apache.org/viewcvs/incubator/directory/janus/trunk/example/src/webapp/try_again.vm?view=auto&rev=123112 ============================================================================== --- (empty file) +++ incubator/directory/janus/trunk/example/src/webapp/try_again.vm Wed Dec 22 07:32:47 2004 @@ -0,0 +1,8 @@ +<html> + <head> + <title>Janus Demo Application</title> + </head> + <body> + Are you sure you're $action.username? <a href="authenticate.groovy">Try again</a> + </body> +</html> \ No newline at end of file
