amy/venice-dynamo-rewrite
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

*** empty log message ***

Browse Source
This commit is contained in:
Eric J. Bowersox
2003-05-20 03:25:31 +00:00
commit b80fa05ed1
682 changed files with 85738 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
conf-sso/extra-db-mysql.sql Normal file
View File

@@ -0,0 +1,33 @@
# The contents of this file are subject to the Mozilla Public License Version 1.1
# (the "License"); you may not use this file except in compliance with the License.
# You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
#
# Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
# WARRANTY OF ANY KIND, either express or implied. See the License for the specific
# language governing rights and limitations under the License.
#
# The Original Code is the Venice Web Communities System.
#
# The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
# for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
# Copyright (C) 2003 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
#
# Contributor(s):
#
USE venice;
##############################################################################
# Table Creation
##############################################################################
# The table which stores federations for a user ID. Each user ID may federate to one or more providers.
CREATE TABLE sso_federate (
uid INT NOT NULL,
provider VARCHAR(249) NOT NULL,
local_name VARCHAR(249) NOT NULL,
remote_name VARCHAR(249) NOT NULL,
PRIMARY KEY (uid, provider),
UNIQUE INDEX by_local (provider, local_name),
UNIQUE INDEX by_remote (provider, remote_name)
);

182
conf-sso/sp/dynamo.xml Normal file
View File

@@ -0,0 +1,182 @@
<?xml version="1.0"?>
<!--
The contents of this file are subject to the Mozilla Public License Version 1.1
(the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, either express or implied. See the License for the specific
language governing rights and limitations under the License.
The Original Code is the Venice Web Communities System.
The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
Copyright (C) 2002-03 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
Contributor(s):
-->
<configuration>
<!-- Low-level Dynamo application container configuration -->
<control>
<background-threads normal="2" low="2"/>
<resource-root>${code.path}</resource-root>
<url-rewrite-rules>
<rule type="ABSOLUTE" encode="false">${url}</rule>
<rule type="SERVLET" encode="true">${context.path}/${url}</rule>
<rule type="IMAGE" encode="false">${context.path}/images/${url}</rule>
<rule type="IMAGEDATA" encode="false">${context.path}/imagedata/${url}</rule>
<rule type="FRAME" encode="true">${context.path}/frame/${url}</rule>
</url-rewrite-rules>
</control>
<!-- The database connection pool -->
<dbconnection name="data" classname="com.silverwrist.dynamo.db.DatabaseConnectionPool">
<dbtype>mysql</dbtype>
<!-- driver name is the new MySQL Connector for Java - replaces org.gjt.mm.mysql.Driver -->
<driver>com.mysql.jdbc.Driver</driver>
<uri>jdbc:mysql://localhost/venice</uri>
<username>veniceuser</username>
<password>XYZZY0099</password>
<connections initial="5" max="20" busywait="true"/>
<initialize test="true"/>
</dbconnection>
<!-- Infrastructure objects -->
<object name="connector" classname="com.silverwrist.dynamo.app.ConnectionManager" priority="0">
<connection-point name="srm_proxy" interface="com.silverwrist.dynamo.db.UserProxyManagement"/>
</object>
<object name="module-manager" classname="com.silverwrist.dynamo.module.ModuleManager" priority="0">
<module-directory>${code.path}/modules</module-directory>
</object>
<!-- Data-driven objects -->
<object name="nscache" classname="com.silverwrist.dynamo.db.NamespaceCacheObject" priority="0">
<database connection="data"/>
</object>
<object name="srm" classname="com.silverwrist.dynamo.security.SRMObject" priority="1">
<database connection="data" namespaces="nscache"/>
<user-manager cpoint="srm_proxy"/>
</object>
<object name="globals" classname="com.silverwrist.dynamo.db.GlobalDataManagerObject" priority="2">
<database connection="data" namespaces="nscache"/>
<security object="srm"/>
<block-cache hardlimit="5" softlimit="20"/>
</object>
<object name="users" classname="com.silverwrist.dynamo.db.UserManagerObject" priority="2">
<database connection="data" namespaces="nscache"/>
<security object="srm"/>
<connect-proxy-services cpoint="srm_proxy"/>
</object>
<object name="images" classname="com.silverwrist.dynamo.db.ImageStoreObject" priority="2">
<database connection="data" namespaces="nscache"/>
</object>
<object name="audit" classname="com.silverwrist.dynamo.security.SystemAuditManager" priority="3">
<database connection="data" namespaces="nscache" userproxy="users"/>
</object>
<!-- Presentation and interface objects -->
<object name="remapper" classname="com.silverwrist.dynamo.servlet.RemapperData" priority="0">
<remap path="/verifyemail">
<param name="tgt">top.js.vs</param>
<target type="SERVLET">verify_email.js.vs?tgt=${tgt}</target>
</remap>
</object>
<object name="velocity" classname="com.silverwrist.dynamo.velocity.VelocityRenderer" priority="0">
<resource-prefix>/velocity</resource-prefix>
</object>
<object name="xmlrpc" classname="com.silverwrist.dynamo.xmlrpc.XmlRpcSubSystem"
priority="-10" maxAge="3600">
<dispatch method="validator1\.\w+" classname="com.silverwrist.dynamo.xmlrpc.Validator1Suite"/>
<dispatch method="venice:siteinfo" classname="com.silverwrist.dynamo.xmlrpc.ScriptDispatcher">
<script>/xmlrpc/siteinfo.js</script>
<session param="0"/>
<metadata-file>/xmlrpc/siteinfo-metadata.xml</metadata-file>
</dispatch>
<dispatch method="venice:session\.create" classname="com.silverwrist.venice.xmlrpc.VeniceCreateSession"/>
<dispatch method="venice:session\.\w+" classname="com.silverwrist.dynamo.xmlrpc.ScriptDispatcher">
<script>/xmlrpc/session.js</script>
<session param="0"/>
<metadata-file>/xmlrpc/session-metadata.xml</metadata-file>
</dispatch>
</object>
<object name="dialog" classname="com.silverwrist.dynamo.dialog.DialogManager" priority="0">
<resource-prefix>/dialogs</resource-prefix>
<resource-dialog-cache hardlimit="5" softlimit="20"/>
</object>
<object name="mail" classname="com.silverwrist.dynamo.mail.MailSubSystem" priority="10">
<global-properties object="globals"
namespace="http://www.silverwrist.com/NS/venice/2002/12/28/mail.properties"/>
<smtp-host property="smtp.host"/>
<system-mail-name property="system.mail.from.name"/>
<system-mail-addr property="system.mail.from.addr"/>
<mailer property="mailer.name"/>
<template-resource-prefix>/mailmessages</template-resource-prefix>
<user-disclaimer block="user.disclaimer"/>
<user-info-header property="user.info.header"/>
<signature block="signature"/>
</object>
<!-- Venice-layer objects -->
<object name="user-default-ns" classname="com.silverwrist.venice.app.UserDefaultNamespaceHolder" priority="50"/>
<object name="venice-session" classname="com.silverwrist.venice.session.VeniceSessionManager" priority="50">
<global-properties object="globals"/>
<user-manager object="users"/>
</object>
<object name="venice-menus" classname="com.silverwrist.venice.menu.MenuManager" priority="100">
<database connection="data" namespaces="nscache"/>
<security object="srm"/>
</object>
<object name="venice-frame" classname="com.silverwrist.venice.frame.FrameAssembler" priority="101">
<global-properties object="globals"/>
<providers menu="venice-menus"/>
</object>
<object name="venice-content" classname="com.silverwrist.venice.content.StandardContentSupplier" priority="100">
<global-properties object="globals"/>
</object>
<object name="venice-buttons" classname="com.silverwrist.venice.content.ButtonSupplier" priority="100">
<global-properties object="globals"/>
</object>
<object name="venice-userphoto" classname="com.silverwrist.venice.content.UserPhotoRenderer" priority="100">
<global-properties object="globals"/>
</object>
<object name="venice-dlg-manager" classname="com.silverwrist.venice.dialog.VeniceDialogManager" priority="101">
<providers button="venice-buttons" content="venice-content"/>
</object>
<object name="venice-auditor" classname="com.silverwrist.venice.app.StartupShutdownAuditor" priority="100"/>
<!-- Additional objects for SourceID interface -->
<object name="sso" classname="com.silverwrist.venice.sourceid.FederationManagerObject" priority="20">
<database connection="data" userproxy="users"/>
</object>
<!-- The Venice application layer -->
<application name="venice" classname="com.silverwrist.venice.app.VeniceApplication">
<stylesheet-mappings>
<stylesheet path="/stylesheet-base.css" prefix="base"/>
<stylesheet path="/stylesheet-advanced.css" prefix="adv"/>
</stylesheet-mappings>
</application>
</configuration>

46
conf-sso/sp/logging.xml Normal file
View File

@@ -0,0 +1,46 @@
<?xml version="1.0"?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
<!--
The contents of this file are subject to the Mozilla Public License Version 1.1
(the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, either express or implied. See the License for the specific
language governing rights and limitations under the License.
The Original Code is the Venice Web Communities System.
The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
Contributor(s):
-->
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
<!-- Define the standard file appender. -->
<appender name="STDLOG" class="org.apache.log4j.RollingFileAppender">
<param name="File" value="/home/erbo/code/nvx/venice-sp.log"/>
<param name="Append" value="true"/>
<param name="MaxFileSize" value="10MB"/>
<param name="MaxBackupIndex" value="5"/>
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="%d %-5p %c{2} [%t %x] - %m%n"/>
</layout>
</appender>
<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="[%t] %-5p %c %x - %m%n"/>
</layout>
</appender>
<!-- Define the root configuration for logging. -->
<root>
<priority value="debug"/>
<appender-ref ref="STDLOG"/>
<appender-ref ref="CONSOLE"/>
</root>
</log4j:configuration>

59
conf-sso/sp/sourceid-sso-providers.xml Normal file
View File

@@ -0,0 +1,59 @@
<?xml version="1.0"?>
<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
<!--
Sample Identity Provider Descriptor. If this instance of SourceID-SSO is configured to
operate in the "sp" role, then the entry below describes an Identity Provider with which
we are federated. If this instance is configured to operate in the "idp" role, then the entry
below will be ignored.
-->
<lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<!--
Customize the following line to match the ProviderID of the remote provider; if the other
provider is SourceID-SSO, then the ProviderID below should match the <provider-id> element
in the other deployment's sourceid-sso.xml.
-->
<lib:ProviderID>SourceID-Sample-IDP</lib:ProviderID>
<!--
The following KeyInfo represents the public key contained in the sample "sourceid.keystore"
file bundled with SourceID-SSO
-->
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICSjCCAbMCBD4coSAwDQYJKoZIhvcNAQEEBQAwbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAeFw0wMzAxMDgyMjA3MjhaFw0wMzA0MDgyMjA3MjhaMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJhokczPBJlZe48d5oKZiX6vo7DBU5b54t9JjSHLOEZd0XK5w81BY4iX8QADMc7GyTrqDDrehfh4S5eQO89Fll50D4f6HpSI2QGtionDrj3kuET9nW9n98IzWc3eiLLH+5q3VGm04rylo4PTnJCeMYmDRqYJkWR1xQbNsrv9HHJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAI16O969XJkYRJaTiPXMcJg8XRM9oHKqc4L6YEDXGvnQ8NfTPDuJEzKIcU8QWNnprcY+MOue+O2YvP7u9NQuKK4zDA14CcIRb8G+VMLFa2A+BYiD66yIBWsb89YNFYnvH379wGp+ankQBTdljpgFo6Bt+fXmZxB6mToBdXy0h5b8=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<!--
The endpoints in the following URL's are correct for services offered by SourceID-SSO.
If federating this installation with another instance of SourceID-SSO, then all you need to do
is customize the URL's to match your deployment (e.g. replace "http://localhost:9080/sso-sample-idp"
with your server name and servlet context).
-->
<lib:SoapEndpoint>http://localhost:8080/sso-sample-idp/sso/soap/endpoint</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
<lib:SingleSignOnServiceURL>http://localhost:8080/sso-sample-idp/sso/authn</lib:SingleSignOnServiceURL>
<!--
The following profile declarations indicate the variants of the Liberty Protocol which
this provider can speak.
-->
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
</lib:IDPDescriptor>
</ProviderDirectory>

68
conf-sso/sp/sourceid-sso.xml Normal file
View File

@@ -0,0 +1,68 @@
<?xml version="1.0"?>
<SourceID-SSO>
<!-- See SourceID-SSO documentation for more detailed documentation for these options -->
<!--
The unique ProviderID of this installation. The value here should appear in other sites'
<SPDescriptor> or <IDPDescriptor> elements describing this site.
-->
<provider-id>Venice-SSO-SP</provider-id>
<!--
The role of this site with respect to the Liberty Protocol; valid values are "sp" and "idp".
-->
<provider-role>sp</provider-role>
<provider-directory>/WEB-INF/sourceid-sso-providers.xml</provider-directory>
<exception-handlers>
<default>/sourceid/errorHandler.js.vs</default>
</exception-handlers>
<signing-key>
<keystore-path>/WEB-INF/venice-sp.keystore</keystore-path>
<keystore-password>numenor</keystore-password>
<key-alias>mykey</key-alias>
<key-password>mithrandir</key-password>
</signing-key>
<!-- none of these matter for a Service Provider -->
<idp-authentication-uri>/idp/logon.jsp</idp-authentication-uri>
<idp-authn-lifespan>1800</idp-authn-lifespan>
<idp-logout-render-page>/idp/idpLogoutRender.jsp</idp-logout-render-page>
<idp-logout-done-image>/idp/checkmark.png</idp-logout-done-image>
<idp-post-assertion-render-page>/idp/idpPost.jsp</idp-post-assertion-render-page>
<!--
Here, you may optionally specify a Session-context attribute which SourceID-SSO should remove whenever
a user is logged off (either via a browser-based front-channel, or via a SOAP-based backchannel). SourceID-SSO
will already cleanup it's own session tracking info for the user, effectively logging them out of SourceID-SSO.
By putting an attribute key here, you can have SourceID-SSO log the user out of your application as well.
Future versions of SourceID-SSO will also support JAAS-based login/logout.
The sample value below works for the sample JSP-based application distributed with SourceID-SSO.
-->
<remove-session-attribute-on-logout>dynamo.session</remove-session-attribute-on-logout>
<!--
When generating or consuming assertions, tolerances for "Not Before" and "Not On or After" are encoded in the
assertion document. Liberty Protocol recommends 1 minute for "Not Before", and 5 minutes for "Not On Or After".
Enter the number of SECONDS for these tolerances below (default values should work).
-->
<assert-tolerance-not-before>60</assert-tolerance-not-before>
<assert-tolerance-not-on-or-after>300</assert-tolerance-not-on-or-after>
<!--
Here, set the AccountHandler implementation class. The default configuration
is to use the "in-memory handler", which is really for demo and testing purposes only,
as it does not connect to any actual persistent storage. The SourceID-SSO User's Guide
describes how to implement an AccountHandler for your user directory. You may also use
the provided JDBC Account Handler, with simple table mappings described in the file
sourceid-sso-jdbc.xml. Or for LDAP access, use the JNDI Account Handler, with attribute
mappings described in the file sourceid-sso-jndi.xml.
-->
<account-handler>com.silverwrist.venice.sourceid.VeniceAccountHandler</account-handler>
<artifact-handler>org.sourceid.sso.handlers.ArtifactHandlerInMemoryImpl</artifact-handler>
</SourceID-SSO>

37
conf-sso/sp/sp-descriptor.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0"?>
<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
<lib:SPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<lib:ProviderID>Venice-SSO-SP</lib:ProviderID>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICbjCCAdcCBD7AlmwwDQYJKoZIhvcNAQEEBQAwfjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRQwEgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNRXJpYyBCb3dlcnNveDAeFw0wMzA1MTMwNjUzMzJaFw0wMzA4MTEwNjUzMzJaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvjYZPJwt16vTVIKleltTVDyvswVr2vCd9aHg7rKPhNKN+iVS2XY+Y5IopgcVtshQx/SbWnPNldtpGtFewaSQzCud/Lhja1xoGO/nTbjRr7MrPlR3yub8KO90tgslZ9yjEPZDWDEr3Y59ieDpMtAnYjS2GQ2LFRHq63kzd4AXg1AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAVhJqkLZd59BiTjvRF0ZtBKXe+kxnvyclc0MeIzkzGFmnpMuSpSyZ3LlYp0uvFn5OADM6KkXj7DgXIqb1bqIvXmlwDds+oO3KL+WdHBO9KHW0KjR2jpIujpmJ8Eaf/cefcOxxA00CMrwBeL8EXyAaynpcT78nrT5iN3FZwMkBi9o=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<lib:AssertionConsumerServiceURL>http://localhost:8080/venice-sp/sso/authnRequest</lib:AssertionConsumerServiceURL>
<lib:SoapEndpoint>http://localhost:8080/venice-sp/sso/soap/endpoint</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/venice-sp/sso/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/venice-sp/sso/logout</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/venice-sp/sso/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/venice-sp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http-get</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:RegisterNameIdentifierServiceURL>http://localhost:9080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceURL>
<lib:RegisterNameIdentifierServiceReturnURL>http://localhost:9080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceReturnURL>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</lib:RegisterNameIdentifierProtocolProfile>
<lib:AuthnRequestsSigned>false</lib:AuthnRequestsSigned>
</lib:SPDescriptor>
</ProviderDirectory>

BIN
conf-sso/sp/venice-sp.keystore Normal file
View File

Binary file not shown.

335
conf-sso/sp/web.xml Normal file
View File

@@ -0,0 +1,335 @@
<?xml version="1.0"?>
<!--
The contents of this file are subject to the Mozilla Public License Version 1.1
(the "License"); you may not use this file except in compliance with the License.
You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, either express or implied. See the License for the specific
language governing rights and limitations under the License.
The Original Code is the Venice Web Communities System.
The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
Copyright (C) 2002-03 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
Contributor(s):
-->
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>Venice Web Communities System</display-name>
<description>
Venice Web Communities System (TODO: fill out description)
Contains SourceID-SSO, configured as Service Provider
</description>
<!-- Context parameters -->
<context-param>
<param-name>logging.config</param-name>
<param-value>WEB-INF/logging.xml</param-value>
<description>
The path and file name of the Log4J logger configuration file, relative to the application root.
</description>
</context-param>
<context-param>
<param-name>dynamo.config</param-name>
<param-value>WEB-INF/dynamo.xml</param-value>
<description>
The path and file name of the base Dynamo configuration file, relative to the application root.
The default, if not specified, is "WEB-INF/dynamo.xml".
</description>
</context-param>
<context-param>
<param-name>SSO.config.attrs</param-name>
<param-value>object=sso</param-value>
</context-param>
<!-- Servlet definitions -->
<servlet>
<servlet-name>ScriptExec</servlet-name>
<description>Executes a scripting file as a servlet.</description>
<servlet-class>com.silverwrist.dynamo.servlet.ScriptExecServlet</servlet-class>
<init-param>
<param-name>remove.extension</param-name>
<param-value>vs</param-value>
<description>
The extension which is used in the servlet mapping to distinguish scripts to execute. This
extension is removed from the servlet path to create the script name.
</description>
</init-param>
<init-param>
<param-name>script.prefix</param-name>
<param-value>/scripts</param-value>
<description>
The resource prefix to use for scripts. This is prepended to the servlet path to create the
script name which is executed.
</description>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>XmlRpc</servlet-name>
<description>Executes XML-RPC requests.</description>
<servlet-class>com.silverwrist.dynamo.xmlrpc.XmlRpcServlet</servlet-class>
<init-param>
<param-name>subsystem.object</param-name>
<param-value>xmlrpc</param-value>
<description>
The object name of the XML-RPC subsystem object. Must match the name configured for the
com.silverwrist.dynamo.xmlrpc.XmlRpcSubSystem object in dynamo.xml.
</description>
</init-param>
</servlet>
<servlet>
<servlet-name>Remapper</servlet-name>
<description>Remaps URLs to other URLs programmatically.</description>
<servlet-class>com.silverwrist.dynamo.servlet.RemapperServlet</servlet-class>
<init-param>
<param-name>data.object</param-name>
<param-value>remapper</param-value>
<description>
The object name of the remapper data object. Must match the name configured for the
com.silverwrist.dynamo.servlet.RemapperData object in dynamo.xml.
</description>
</init-param>
</servlet>
<servlet>
<servlet-name>Image</servlet-name>
<description>Serves up images from the ImageStore.</description>
<servlet-class>com.silverwrist.dynamo.servlet.ImageServlet</servlet-class>
<init-param>
<param-name>image.store</param-name>
<param-value>images</param-value>
<description>
The object name of the image store object. Must match the name configured for the
com.silverwrist.dynamo.db.ImageStoreObject object in dynamo.xml.
</description>
</init-param>
</servlet>
<servlet>
<servlet-name>StyleSheet</servlet-name>
<description>Serves up CSS stylesheets for use by the frame.</description>
<servlet-class>com.silverwrist.venice.frame.StyleSheetServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>Frame</servlet-name>
<description>Frames static pages within the outer Venice frame.</description>
<servlet-class>com.silverwrist.venice.servlet.FrameServlet</servlet-class>
<init-param>
<param-name>content.prefix</param-name>
<param-value>static</param-value>
<description>
The prefix to apply to the static content path before retrieving it. Interpreted
relative to the Web application root (i.e. where Web content normally gets linked from).
</description>
</init-param>
<init-param>
<param-name>cache.hard.limit</param-name>
<param-value>5</param-value>
<description>
Maximum number of documents that will be hard-cached by this servlet. Must be at least 1.
</description>
</init-param>
<init-param>
<param-name>cache.soft.limit</param-name>
<param-value>10</param-value>
<description>
Maximum number of documents that will be soft-cached by this servlet. Will always be at least
twice the number of hard-cached documents.
</description>
</init-param>
</servlet>
<servlet>
<servlet-name>PasswordRecovery</servlet-name>
<description>Used to access the password recovery feature; changes user passwords.</description>
<servlet-class>com.silverwrist.venice.session.PasswordRecoveryServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>User</servlet-name>
<description>Displays user profiles.</description>
<servlet-class>com.silverwrist.venice.servlet.UserServlet</servlet-class>
</servlet>
<!-- BEGIN SourceID-SSO Servlets -->
<!-- SourceID-SSO Manager Servlet (configuration is loaded here) -->
<servlet>
<servlet-name>SourceID-SSO-Manager</servlet-name>
<description>Loads configuration at boot time, and provides instrumentation and admin control</description>
<servlet-class>org.sourceid.sso.servlets.Manager</servlet-class>
<load-on-startup>15</load-on-startup>
</servlet>
<!-- SourceID-SSO Authenticator Servlet -->
<servlet>
<servlet-name>SourceID-SSO-Authenticator</servlet-name>
<description>Provides Identity Provider (IDP) Authentication Services</description>
<servlet-class>org.sourceid.sso.servlets.Authenticator</servlet-class>
</servlet>
<!-- SourceID-SSO AuthnRequestor Servlet -->
<servlet>
<servlet-name>SourceID-SSO-AuthnRequestor</servlet-name>
<description>Provides Service Provider (SP) Authentication Request Services</description>
<servlet-class>org.sourceid.sso.servlets.AuthnRequestor</servlet-class>
</servlet>
<!-- SourceID-SSO Federation Terminator Servlet -->
<servlet>
<servlet-name>SourceID-SSO-FederationTerminator</servlet-name>
<description>Provides Federation Termination Services</description>
<servlet-class>org.sourceid.sso.servlets.FederationTerminator</servlet-class>
</servlet>
<!-- SourceID-SSO Federation Terminator Servlet -->
<servlet>
<servlet-name>SourceID-SSO-Logout</servlet-name>
<description>Provides Single Logout Services</description>
<servlet-class>org.sourceid.sso.servlets.Logout</servlet-class>
</servlet>
<!-- SourceID-SSO Federation Terminator Servlet -->
<servlet>
<servlet-name>SourceID-SSO-NameRegistrar</servlet-name>
<description>Provides Single Logout Services</description>
<servlet-class>org.sourceid.sso.servlets.NameRegistrar</servlet-class>
</servlet>
<!-- Apache Axis (SOAP) Servlets -->
<servlet>
<servlet-name>AxisServlet</servlet-name>
<display-name>Apache-Axis Servlet</display-name>
<servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>AdminServlet</servlet-name>
<display-name>Axis Admin Servlet</display-name>
<servlet-class>org.apache.axis.transport.http.AdminServlet</servlet-class>
<load-on-startup>100</load-on-startup>
</servlet>
<servlet>
<servlet-name>SOAPMonitorService</servlet-name>
<display-name>SOAPMonitorService</display-name>
<servlet-class>org.apache.axis.monitor.SOAPMonitorService</servlet-class>
<init-param>
<param-name>SOAPMonitorPort</param-name>
<param-value>5001</param-value>
</init-param>
<load-on-startup>100</load-on-startup>
</servlet>
<!-- END SourceID-SSO Servlets -->
<!-- Servlet mappings -->
<servlet-mapping>
<servlet-name>ScriptExec</servlet-name>
<url-pattern>*.vs</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>XmlRpc</servlet-name>
<url-pattern>/RPC2</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Remapper</servlet-name>
<url-pattern>/verifyemail</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Image</servlet-name>
<url-pattern>/imagedata/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>StyleSheet</servlet-name>
<url-pattern>/stylesheet-base.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>StyleSheet</servlet-name>
<url-pattern>/stylesheet-advanced.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Frame</servlet-name>
<url-pattern>/frame/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>PasswordRecovery</servlet-name>
<url-pattern>/passrecovery/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>User</servlet-name>
<url-pattern>/user/*</url-pattern>
</servlet-mapping>
<!-- BEGIN SourceID-SSO Servlet Mappings -->
<!-- Authenticator Servlet -->
<servlet-mapping>
<servlet-name>SourceID-SSO-Authenticator</servlet-name>
<url-pattern>/sso/authn</url-pattern>
</servlet-mapping>
<!-- AuthnRequestor Servlet -->
<servlet-mapping>
<servlet-name>SourceID-SSO-AuthnRequestor</servlet-name>
<url-pattern>/sso/authnRequest</url-pattern>
</servlet-mapping>
<!-- FederationTerminator Servlet -->
<servlet-mapping>
<servlet-name>SourceID-SSO-FederationTerminator</servlet-name>
<url-pattern>/sso/fedterm</url-pattern>
</servlet-mapping>
<!-- Logout Servlet -->
<servlet-mapping>
<servlet-name>SourceID-SSO-Logout</servlet-name>
<url-pattern>/sso/logout</url-pattern>
</servlet-mapping>
<!-- NameRegistrar Servlet -->
<servlet-mapping>
<servlet-name>SourceID-SSO-NameRegistrar</servlet-name>
<url-pattern>/sso/rni</url-pattern>
</servlet-mapping>
<!-- SOAP Handler -->
<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>/sso/soap/*</url-pattern>
</servlet-mapping>
<!-- END SourceID-SSO Servlet Mappings -->
<!-- Global parameters for the HTTP session -->
<session-config>
<session-timeout>60</session-timeout> <!-- 1 hour -->
</session-config>
<!-- The list of "welcome files" for the application -->
<welcome-file-list>
<welcome-file>default.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>