svn commit: r965707 - /portals/site/applications/src/site/xdoc/webcontent/rproxy.xml

Mon, 19 Jul 2010 18:10:53 -0700 

Author: woonsan
Date: Tue Jul 20 01:09:46 2010
New Revision: 965707

URL: http://svn.apache.org/viewvc?rev=965707&view=rev
Log:
APA-42: Adding security checking option based on roles

Modified:
    portals/site/applications/src/site/xdoc/webcontent/rproxy.xml

Modified: portals/site/applications/src/site/xdoc/webcontent/rproxy.xml
URL: 
http://svn.apache.org/viewvc/portals/site/applications/src/site/xdoc/webcontent/rproxy.xml?rev=965707&r1=965706&r2=965707&view=diff
==============================================================================
--- portals/site/applications/src/site/xdoc/webcontent/rproxy.xml (original)
+++ portals/site/applications/src/site/xdoc/webcontent/rproxy.xml Tue Jul 20 
01:09:46 2010
@@ -441,6 +441,18 @@ proxy.reverse.pass.site1.response.cookie
             </td>
           </tr>
           <tr>
+            
<td>proxy.reverse.pass.reverseProxyRequestContextProviderClassName</td>
+            <td></td>
+            <td></td>
+            <td>
+              The request context information provider class name, which 
should implement 
org.apache.portals.applications.webcontent.proxy.ReverseProxyRequestContextProvider.
+              The reverse proxy service will use this provider to check if the 
user of the request is in the specific role when the reverse proxy path 
resource is secured and
+              so some specificed allowed roles are configured.
+              <br/>
+              If not configured, then the default implementation checks if the 
user is in the specified role via the provided HttpServletRequest object.
+            </td>
+          </tr>
+          <tr>
             <td>proxy.reverse.pass.&lt;pathname&gt;.local</td>
             <td></td>
             <td>
@@ -479,6 +491,26 @@ proxy.reverse.pass.site1.response.cookie
             </td>
           </tr>
           <tr>
+            <td>proxy.reverse.pass.&lt;pathname&gt;.roles.allow</td>
+            <td></td>
+            <td>
+              dev<br/>
+              or<br/>
+              account, engineering
+            </td>
+            <td>
+              &lt;pathname&gt; should be replaced by the real path name.
+              With this example, you may use 'apache' or 'portals' for 
&lt;pathname&gt;.
+              <br/>
+              When this property is set, the reverse proxy path resource is 
secured.
+              The request user should be in the specified roles to access this 
resource.
+              <br/>
+              By default, it is checked via 
javax.servlet.http.HttpServletRequest#isUserInRole(role).
+              However, you could provide a customized request context provider 
implementation with 
+              
<CODE>proxy.reverse.pass.reverseProxyRequestContextProviderClassName</CODE> 
property.
+            </td>
+          </tr>
+          <tr>
             <td>proxy.reverse.pass.&lt;pathname&gt;.rewriter.basic</td>
             <td></td>
             <td>

Reply via email to