]> source.dussan.org Git - archiva.git/blob
projects / archiva.git / blob
? search:


c4fd136f0e71f44d713c6f3f22635e3546ce3829
[archiva.git] /
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!--
3   ~ Licensed to the Apache Software Foundation (ASF) under one
4   ~ or more contributor license agreements.  See the NOTICE file
5   ~ distributed with this work for additional information
6   ~ regarding copyright ownership.  The ASF licenses this file
7   ~ to you under the Apache License, Version 2.0 (the
8   ~ "License"); you may not use this file except in compliance
9   ~ with the License.  You may obtain a copy of the License at
10   ~
11   ~  http://www.apache.org/licenses/LICENSE-2.0
12   ~
13   ~ Unless required by applicable law or agreed to in writing,
14   ~ software distributed under the License is distributed on an
15   ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   ~ KIND, either express or implied.  See the License for the
17   ~ specific language governing permissions and limitations
18   ~ under the License.
19   -->
20 <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
21     "http://struts.apache.org/dtds/struts-2.0.dtd"> 
22
23 <!-- ==================================================================
24      Plexus Security Tools
25
26      This should contain the /security namespaced action configurations.
27
28      These configurations will likely not need changing.
29
30      These configurations point to the overlaid jsp files.
31      ==================================================================  -->
32
33 <struts>
34   <!-- ==================================================================
35        Security Tools for Users
36
37        All Users should be able to access and use the actions contained
38        within this package.
39        ==================================================================  -->
40
41   <package name="security" extends="struts-default" namespace="/security">
42     <result-types>
43       <result-type name="security-external" class="securityExternalResult" />
44     </result-types>
45
46     <interceptors>
47       <interceptor name="redbackForceAdminUser" class="redbackForceAdminUserInterceptor"/>
48       <interceptor name="redbackEnvCheck" class="redbackEnvironmentCheckInterceptor"/>
49       <interceptor name="redbackAutoLogin" class="redbackAutoLoginInterceptor"/>
50       <interceptor name="redbackPolicyEnforcement" class="redbackPolicyEnforcementInterceptor"/>
51       <interceptor name="redbackSecureActions" class="redbackSecureActionInterceptor"/>
52
53       <!--
54       Stacks are order dependent and fail silently by not running the referenced stack.
55       Make sure that redbackCommonStack remains above is usages.
56       -->
57       <interceptor-stack name="redbackCommonStack">
58          <interceptor-ref name="redbackEnvCheck"/>
59          <interceptor-ref name="redbackForceAdminUser"/>
60          <interceptor-ref name="redbackAutoLogin"/>
61          <interceptor-ref name="redbackPolicyEnforcement"/>
62          <interceptor-ref name="redbackSecureActions">
63            <param name="enableReferrerCheck">true</param>
64          </interceptor-ref>
65       </interceptor-stack>
66
67       <interceptor-stack name="securedStack">
68         <interceptor-ref name="defaultStack"/>
69         <interceptor-ref name="redbackCommonStack"/>
70         <interceptor-ref name="tokenSession">
71           <param name="excludeMethods">*</param>  
72         </interceptor-ref>
73       </interceptor-stack>
74       
75       <interceptor-stack name="securedPrepareParamsStack">
76         <interceptor-ref name="paramsPrepareParamsStack"/>
77         <interceptor-ref name="redbackCommonStack"/>
78       </interceptor-stack>
79
80     </interceptors>
81
82     <default-interceptor-ref name="securedStack"/>
83
84     <global-results>
85       <result name="security-admin-user-needed" type="redirectAction">
86         <param name="actionName">addadmin</param>
87         <param name="namespace">/security</param>
88       </result>
89       <result name="requires-authentication">/WEB-INF/jsp/redback/requiresAuthentication.jsp</result>
90       <result name="requires-authorization">/WEB-INF/jsp/redback/accessDenied.jsp</result>
91       <result name="security-must-change-password" type="redirectAction">
92         <param name="actionName">password</param>
93         <param name="namespace">/security</param>        
94       </result>
95       <result name="security-resend-validation-email" type="redirectAction">
96         <param name="actionName">userlist</param>
97         <param name="namespace">/security</param>        
98       </result>
99       <result name="invalid.token">/WEB-INF/jsp/redback/invalidToken.jsp</result>
100     </global-results>
101
102     <action name="login" class="redback-login" method="show">
103       <result name="input">/WEB-INF/jsp/redback/login.jsp</result>
104       <result name="error">/WEB-INF/jsp/redback/login.jsp</result>
105       <result name="security-login-success" type="security-external">
106         <param name="externalResult">security-login-success</param>
107       </result>
108       <result name="cancel" type="security-external">
109         <param name="externalResult">security-login-cancel</param>
110       </result>
111       <result name="security-login-locked" type="security-external">
112         <param name="externalResult">security-login-locked</param>
113       </result>
114     </action>
115
116     <action name="logout" class="redback-logout" method="logout">
117       <result name="security-logout" type="security-external">
118         <param name="externalResult">security-logout</param>
119       </result>
120     </action>
121
122     <action name="register" class="redback-register" method="show">
123       <result name="input">/WEB-INF/jsp/redback/register.jsp</result>
124       <result name="error">/WEB-INF/jsp/redback/register.jsp</result>
125       <result name="validation-note">/WEB-INF/jsp/redback/validationNotification.jsp</result>
126       <result name="security-register-success" type="security-external">
127         <param name="externalResult">security-register-success</param>
128       </result>
129       <result name="cancel" type="security-external">
130         <param name="externalResult">security-register-cancel</param>
131       </result>
132     </action>
133
134     <action name="account" class="redback-account" method="show">
135       <result name="input">/WEB-INF/jsp/redback/account.jsp</result>
136       <result name="error">/WEB-INF/jsp/redback/account.jsp</result>
137       <result name="security-account-success" type="security-external">
138         <param name="externalResult">security-account-success</param>
139       </result>
140       <result name="cancel" type="security-external">
141         <param name="externalResult">security-account-cancel</param>
142       </result>
143     </action>
144
145     <action name="password" class="redback-password" method="show">
146       <result name="input">/WEB-INF/jsp/redback/password.jsp</result>
147       <result name="error">/WEB-INF/jsp/redback/password.jsp</result>
148       <result name="security-login-success" type="security-external">
149         <param name="externalResult">security-login-success</param>
150       </result>
151       <result name="security-register-success" type="security-external">
152         <param name="externalResult">security-register-success</param>
153       </result>      
154       <result name="success" type="redirect">${targetUrl}</result>
155       <result name="cancel" type="redirectAction">
156         <param name="actionName">logout</param>
157         <param name="namespace">/security</param>
158       </result>
159       <result name="security-change-password-success">/WEB-INF/jsp/redback/changePasswordSuccess.jsp</result>
160     </action>
161
162     <action name="passwordReset" class="redback-password-reset" method="show">
163       <result name="input">/WEB-INF/jsp/redback/requestPasswordReset.jsp</result>
164       <result name="none">/WEB-INF/jsp/redback/login.jsp</result>
165     </action>
166
167     <action name="addadmin" class="redback-admin-account" method="show">
168       <interceptor-ref name="defaultStack"/>
169       <result name="input">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
170       <result name="error">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
171       <result name="login-error">/WEB-INF/jsp/redback/login.jsp</result>
172       <result name="security-login-success" type="security-external">
173         <param name="externalResult">security-login-success</param>
174       </result>
175       <result name="security-login-locked" type="security-external">
176         <param name="externalResult">security-login-locked</param>
177       </result>
178     </action>
179
180   <!-- ==================================================================
181        Security Tools for Administrators
182
183        Only Administrators should be able to access and use these actions
184        ==================================================================  -->
185
186     <action name="systeminfo" class="redback-sysinfo" method="show">
187       <result>/WEB-INF/jsp/redback/admin/systemInformation.jsp</result>
188     </action>
189
190     <action name="adminConsole" class="redback-admin-console" method="show">
191       <result>/WEB-INF/jsp/redback/admin/console.jsp</result>
192     </action>
193
194     <action name="report" class="redback-report" method="generate">
195       <result name="error" type="redirectAction">userlist</result>
196     </action>
197
198     <action name="userlist" class="redback-admin-user-list" method="show">
199       <result name="input">/WEB-INF/jsp/redback/admin/userList.jsp</result>
200       <result name="success">/WEB-INF/jsp/redback/admin/userList.jsp</result>
201     </action>
202
203     <action name="useredit" class="redback-admin-user-edit" method="edit">
204       <result name="input">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
205       <result name="error">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
206       <result name="confirm">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
207       <result name="confirmError">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
208       <result name="success" type="redirectAction">userlist</result>
209       <result name="cancel" type="redirectAction">userlist</result>
210     </action>
211
212     <action name="usercreate" class="redback-admin-user-create" method="show">
213       <result name="input">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
214       <result name="error">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
215       <result name="success" type="redirectAction">
216         <param name="actionName">assignments</param>
217         <param name="principal">${user.username}</param>
218       </result>
219       <interceptor-ref name="securedStack">
220         <param name="tokenSession.includeMethods">*</param>
221       </interceptor-ref>
222     </action>
223
224     <action name="userdelete" class="redback-admin-user-delete" method="confirm">
225       <result name="input">/WEB-INF/jsp/redback/admin/userDelete.jsp</result>
226       <result name="error" type="redirectAction">userlist</result>
227       <result name="success" type="redirectAction">userlist</result>
228       <result name="cancel" type="redirectAction">userlist</result>
229       <interceptor-ref name="securedStack">
230         <param name="tokenSession.includeMethods">*</param>
231       </interceptor-ref>
232     </action>
233
234     <!-- ==== RBAC Actions ========================================== -->
235
236     <!-- This action is meant to be embedded within the User Edit action output jsp.
237          It is injected using the <ww:action> taglib -->
238     <action name="assignments" class="redback-assignments" method="show">
239       <interceptor-ref name="securedStack"/>
240       <result name="input">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
241       <result name="error">/WEB-INF/jsp/redback/include/error.jsp</result>
242       <result name="success">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
243     </action>
244
245     <action name="addRolesToUser" class="redback-assignments" method="edituser">
246       <result name="success" type="redirectAction">userlist</result>
247       <interceptor-ref name="securedStack">
248         <param name="tokenSession.includeMethods">*</param>
249       </interceptor-ref>
250     </action>
251
252     <action name="removeRolesFromUser" class="redback-assignments" method="edituser">
253       <result name="success" type="redirectAction">userlist</result>
254     </action>
255
256     <action name="rolecreate" class="redback-role-create" method="show">
257       <result name="input">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
258       <result name="error">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
259       <result name="success" type="redirectAction">userlist</result>
260       <interceptor-ref name="securedStack">
261         <param name="tokenSession.includeMethods">*</param>
262       </interceptor-ref>
263     </action>
264
265     <action name="role" class="redback-role-edit" method="input">
266       <result name="input">/WEB-INF/jsp/redback/admin/role.jsp</result>
267       <result name="error">/WEB-INF/jsp/redback/admin/role.jsp</result>
268       <result name="success" type="redirectAction">roles</result>
269     </action>
270
271     <action name="roleedit" class="redback-role-edit" method="edit">
272       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
273       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
274       <result name="success" type="redirectAction">roles</result>
275     </action>
276
277     <action name="rolesave" class="redback-role-edit" method="save">
278       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
279       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
280       <result name="success" type="redirectAction">roles</result>
281       <interceptor-ref name="securedStack">
282         <param name="tokenSession.includeMethods">*</param>
283       </interceptor-ref>
284     </action>
285
286     <action name="roleusersadd" class="redback-role-edit" method="addUsers">
287       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
288       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
289       <result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
290       <interceptor-ref name="securedStack">
291         <param name="tokenSession.includeMethods">*</param>
292       </interceptor-ref>
293     </action>
294
295     <action name="roleusersremove" class="redback-role-edit" method="removeUsers">
296       <result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
297       <result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
298       <result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
299       <interceptor-ref name="securedStack">
300         <param name="tokenSession.includeMethods">*</param>
301       </interceptor-ref>
302     </action>
303
304     <action name="roleSummary" class="redback-roles" method="list">
305        <result name="list">/WEB-INF/jsp/redback/admin/roleSummary.jsp</result>
306     </action>
307
308     <action name="roles" class="redback-roles" method="list">
309       <result name="list">/WEB-INF/jsp/redback/admin/roleList.jsp</result>
310     </action>
311
312     <action name="permissions" class="redback-permissions" method="list">
313       <result name="list">/WEB-INF/jsp/redback/admin/permissionList.jsp</result>
314     </action>
315
316     <action name="operations" class="redback-operations" method="list">
317       <result name="list">/WEB-INF/jsp/redback/admin/operationList.jsp</result>
318     </action>
319
320     <action name="resources" class="redback-resources" method="list">
321       <result name="list">/WEB-INF/jsp/redback/admin/resourceList.jsp</result>
322     </action>
323
324     <action name="roleModel" class="redback-role-model" method="view">
325       <result name="success">/WEB-INF/jsp/redback/admin/roleModel.jsp</result>
326     </action>
327
328     <!--
329       Backup Restore actions 
330      -->
331
332     <action name="backupRestore" class="backup-restore" method="view">
333       <result>/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
334     </action>
335        
336     <action name="backup" class="backup-restore" method="backup">
337       <result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
338       <result type="redirectAction">backupRestore</result>
339     </action>
340
341     <action name="restore" class="backup-restore" method="restore">
342       <result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>      
343       <result name="success" type="redirectAction">backupRestore</result>
344     </action>
345     
346   </package>
347
348 </struts>
Apache Archiva Repository: https://github.com/apache/archiva