]> source.dussan.org Git - archiva.git/blob
projects / archiva.git / blob
? search:


4a5c9ec8c70245780ea084c86c6d059f85ac2112
[archiva.git] /
1 <?xml version="1.0" ?>
2 <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
3     "http://struts.apache.org/dtds/struts-2.0.dtd"> 
4
5 <!-- ==================================================================
6      Plexus Security Tools
7
8      This should contain the /security namespaced action configurations.
9
10      These configurations will likely not need changing.
11
12      These configurations point to the overlaid jsp files.
13      ==================================================================  -->
14
15 <struts>
16   <!-- ==================================================================
17        Security Tools for Users
18
19        All Users should be able to access and use the actions contained
20        within this package.
21        ==================================================================  -->
22
23   <package name="security" extends="struts-default" namespace="/security">
24     <result-types>
25       <result-type name="security-external" class="securityExternalResult" />
26     </result-types>
27
28     <interceptors>
29       <interceptor name="redbackForceAdminUser" class="redbackForceAdminUserInterceptor"/>
30       <interceptor name="redbackEnvCheck" class="redbackEnvironmentCheckInterceptor"/>
31       <interceptor name="redbackAutoLogin" class="redbackAutoLoginInterceptor"/>
32       <interceptor name="redbackPolicyEnforcement" class="redbackPolicyEnforcementInterceptor"/>
33       <interceptor name="redbackSecureActions" class="redbackSecureActionInterceptor"/>
34
35       <!--
36       Stacks are order dependent and fail silently by not running the referenced stack.
37       Make sure that redbackCommonStack remains above is usages.
38       -->
39       <interceptor-stack name="redbackCommonStack">
40          <interceptor-ref name="redbackEnvCheck"/>
41          <interceptor-ref name="redbackForceAdminUser"/>
42          <interceptor-ref name="redbackAutoLogin"/>
43          <interceptor-ref name="redbackPolicyEnforcement"/>
44          <interceptor-ref name="redbackSecureActions">
45            <param name="enableReferrerCheck">true</param>
46          </interceptor-ref>
47       </interceptor-stack>
48
49       <interceptor-stack name="securedStack">
50         <interceptor-ref name="defaultStack"/>
51         <interceptor-ref name="redbackCommonStack"/>
52         <interceptor-ref name="tokenSession">
53           <param name="excludeMethods">*</param>  
54         </interceptor-ref>
55       </interceptor-stack>
56       
57       <interceptor-stack name="securedPrepareParamsStack">
58         <interceptor-ref name="paramsPrepareParamsStack"/>
59         <interceptor-ref name="redbackCommonStack"/>
60       </interceptor-stack>
61
62     </interceptors>
63
64     <default-interceptor-ref name="securedStack"/>
65
66     <global-results>
67       <result name="security-admin-user-needed" type="redirectAction">
68         <param name="actionName">addadmin</param>
69         <param name="namespace">/security</param>
70       </result>
71       <result name="requires-authentication">/WEB-INF/jsp/redback/requiresAuthentication.jsp</result>
72       <result name="requires-authorization">/WEB-INF/jsp/redback/accessDenied.jsp</result>
73       <result name="security-must-change-password" type="redirectAction">
74         <param name="actionName">password</param>
75         <param name="namespace">/security</param>        
76       </result>
77       <result name="security-resend-validation-email" type="redirectAction">
78         <param name="actionName">userlist</param>
79         <param name="namespace">/security</param>        
80       </result>
81       <result name="invalid.token">/WEB-INF/jsp/redback/invalidToken.jsp</result>
82     </global-results>
83
84     <action name="login" class="redback-login" method="show">
85       <result name="input">/WEB-INF/jsp/redback/login.jsp</result>
86       <result name="error">/WEB-INF/jsp/redback/login.jsp</result>
87       <result name="security-login-success" type="security-external">
88         <param name="externalResult">security-login-success</param>
89       </result>
90       <result name="cancel" type="security-external">
91         <param name="externalResult">security-login-cancel</param>
92       </result>
93       <result name="security-login-locked" type="security-external">
94         <param name="externalResult">security-login-locked</param>
95       </result>
96     </action>
97
98     <action name="logout" class="redback-logout" method="logout">
99       <result name="security-logout" type="security-external">
100         <param name="externalResult">security-logout</param>
101       </result>
102     </action>
103
104     <action name="register" class="redback-register" method="show">
105       <result name="input">/WEB-INF/jsp/redback/register.jsp</result>
106       <result name="error">/WEB-INF/jsp/redback/register.jsp</result>
107       <result name="validation-note">/WEB-INF/jsp/redback/validationNotification.jsp</result>
108       <result name="security-register-success" type="security-external">
109         <param name="externalResult">security-register-success</param>
110       </result>
111       <result name="cancel" type="security-external">
112         <param name="externalResult">security-register-cancel</param>
113       </result>
114     </action>
115
116     <action name="account" class="redback-account" method="show">
117       <result name="input">/WEB-INF/jsp/redback/account.jsp</result>
118       <result name="error">/WEB-INF/jsp/redback/account.jsp</result>
119       <result name="security-account-success" type="security-external">
120         <param name="externalResult">security-account-success</param>
121       </result>
122       <result name="cancel" type="security-external">
123         <param name="externalResult">security-account-cancel</param>
124       </result>
125     </action>
126
127     <action name="password" class="redback-password" method="show">
128       <result name="input">/WEB-INF/jsp/redback/password.jsp</result>
129       <result name="error">/WEB-INF/jsp/redback/password.jsp</result>
130       <result name="security-login-success" type="security-external">
131         <param name="externalResult">security-login-success</param>
132       </result>
133       <result name="security-register-success" type="security-external">
134         <param name="externalResult">security-register-success</param>
135       </result>      
136       <result name="success" type="redirect">${targetUrl}</result>
137       <result name="cancel" type="redirectAction">
138         <param name="actionName">logout</param>
139         <param name="namespace">/security</param>
140       </result>
141       <result name="security-change-password-success">/WEB-INF/jsp/redback/changePasswordSuccess.jsp</result>
142     </action>
143
144     <action name="passwordReset" class="redback-password-reset" method="show">
145       <result name="input">/WEB-INF/jsp/redback/requestPasswordReset.jsp</result>
146       <result name="none">/WEB-INF/jsp/redback/login.jsp</result>
147     </action>
148
149     <action name="addadmin" class="redback-admin-account" method="show">
150       <interceptor-ref name="defaultStack"/>
151       <result name="input">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
152       <result name="error">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
153       <result name="login-error">/WEB-INF/jsp/redback/login.jsp</result>
154       <result name="security-login-success" type="security-external">
155         <param name="externalResult">security-login-success</param>
156       </result>
157       <result name="security-login-locked" type="security-external">
158         <param name="externalResult">security-login-locked</param>
159       </result>
160     </action>
161
162   <!-- ==================================================================
163        Security Tools for Administrators
164
165        Only Administrators should be able to access and use these actions
166        ==================================================================  -->
167
168     <action name="systeminfo" class="redback-sysinfo" method="show">
169       <result>/WEB-INF/jsp/redback/admin/systemInformation.jsp</result>
170     </action>
171
172     <action name="adminConsole" class="redback-admin-console" method="show">
173       <result>/WEB-INF/jsp/redback/admin/console.jsp</result>
174     </action>
175
176     <action name="report" class="redback-report" method="generate">
177       <result name="error" type="redirectAction">userlist</result>
178     </action>
179
180     <action name="userlist" class="redback-admin-user-list" method="show">
181       <result name="input">/WEB-INF/jsp/redback/admin/userList.jsp</result>
182       <result name="success">/WEB-INF/jsp/redback/admin/userList.jsp</result>
183     </action>
184
185     <action name="useredit" class="redback-admin-user-edit" method="edit">
186       <result name="input">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
187       <result name="error">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
188       <result name="confirm">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
189       <result name="confirmError">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
190       <result name="success" type="redirectAction">userlist</result>
191       <result name="cancel" type="redirectAction">userlist</result>
192     </action>
193
194     <action name="usercreate" class="redback-admin-user-create" method="show">
195       <result name="input">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
196       <result name="error">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
197       <result name="success" type="redirectAction">
198         <param name="actionName">assignments</param>
199         <param name="principal">${user.username}</param>
200       </result>
201       <interceptor-ref name="securedStack">
202         <param name="tokenSession.includeMethods">*</param>
203       </interceptor-ref>
204     </action>
205
206     <action name="userdelete" class="redback-admin-user-delete" method="confirm">
207       <result name="input">/WEB-INF/jsp/redback/admin/userDelete.jsp</result>
208       <result name="error" type="redirectAction">userlist</result>
209       <result name="success" type="redirectAction">userlist</result>
210       <result name="cancel" type="redirectAction">userlist</result>
211       <interceptor-ref name="securedStack">
212         <param name="tokenSession.includeMethods">*</param>
213       </interceptor-ref>
214     </action>
215
216     <!-- ==== RBAC Actions ========================================== -->
217
218     <!-- This action is meant to be embedded within the User Edit action output jsp.
219          It is injected using the <ww:action> taglib -->
220     <action name="assignments" class="redback-assignments" method="show">
221       <interceptor-ref name="securedStack"/>
222       <result name="input">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
223       <result name="error">/WEB-INF/jsp/redback/include/error.jsp</result>
224       <result name="success">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
225     </action>
226
227     <action name="addRolesToUser" class="redback-assignments" method="edituser">
228       <result name="success" type="redirectAction">userlist</result>
229       <interceptor-ref name="securedStack">
230         <param name="tokenSession.includeMethods">*</param>
231       </interceptor-ref>
232     </action>
233
234     <action name="removeRolesFromUser" class="redback-assignments" method="edituser">
235       <result name="success" type="redirectAction">userlist</result>
236     </action>
237
238     <action name="rolecreate" class="redback-role-create" method="show">
239       <result name="input">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
240       <result name="error">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
241       <result name="success" type="redirectAction">userlist</result>
242       <interceptor-ref name="securedStack">
243         <param name="tokenSession.includeMethods">*</param>
244       </interceptor-ref>
245     </action>
246
247     <action name="role" class="redback-role-edit" method="input">
248       <result name="input">/WEB-INF/jsp/redback/admin/role.jsp</result>
249       <result name="error">/WEB-INF/jsp/redback/admin/role.jsp</result>
250       <result name="success" type="redirectAction">roles</result>
251     </action>
252
253     <action name="roleedit" class="redback-role-edit" method="edit">
254       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
255       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
256       <result name="success" type="redirectAction">roles</result>
257     </action>
258
259     <action name="rolesave" class="redback-role-edit" method="save">
260       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
261       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
262       <result name="success" type="redirectAction">roles</result>
263       <interceptor-ref name="securedStack">
264         <param name="tokenSession.includeMethods">*</param>
265       </interceptor-ref>
266     </action>
267
268     <action name="roleusersadd" class="redback-role-edit" method="addUsers">
269       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
270       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
271       <result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
272       <interceptor-ref name="securedStack">
273         <param name="tokenSession.includeMethods">*</param>
274       </interceptor-ref>
275     </action>
276
277     <action name="roleusersremove" class="redback-role-edit" method="removeUsers">
278       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
279       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
280       <result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
281       <interceptor-ref name="securedStack">
282         <param name="tokenSession.includeMethods">*</param>
283       </interceptor-ref>
284     </action>
285
286     <action name="roleSummary" class="redback-roles" method="list">
287        <result name="list">/WEB-INF/jsp/redback/admin/roleSummary.jsp</result>
288     </action>
289
290     <action name="roles" class="redback-roles" method="list">
291       <result name="list">/WEB-INF/jsp/redback/admin/roleList.jsp</result>
292     </action>
293
294     <action name="permissions" class="redback-permissions" method="list">
295       <result name="list">/WEB-INF/jsp/redback/admin/permissionList.jsp</result>
296     </action>
297
298     <action name="operations" class="redback-operations" method="list">
299       <result name="list">/WEB-INF/jsp/redback/admin/operationList.jsp</result>
300     </action>
301
302     <action name="resources" class="redback-resources" method="list">
303       <result name="list">/WEB-INF/jsp/redback/admin/resourceList.jsp</result>
304     </action>
305
306     <action name="roleModel" class="redback-role-model" method="view">
307       <result name="success">/WEB-INF/jsp/redback/admin/roleModel.jsp</result>
308     </action>
309
310     <!--
311       Backup Restore actions 
312      -->
313
314     <action name="backupRestore" class="backup-restore" method="view">
315       <result>/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
316     </action>
317        
318     <action name="backup" class="backup-restore" method="backup">
319       <result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
320       <result type="redirectAction">backupRestore</result>
321     </action>
322
323     <action name="restore" class="backup-restore" method="restore">
324       <result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>      
325       <result name="success" type="redirectAction">backupRestore</result>
326     </action>
327     
328   </package>
329
330 </struts>
Apache Archiva Repository: https://github.com/apache/archiva