2007年5月1日火曜日

HTML escape

このサイトでは <, > のエスケープが効いていないみたい。プログラムや、XML の
ソースを引用するには少し不便。以前作った PHP 版の簡易エスケープツールを
SpringMVC で作り直してみた。とりあえず動作確認。



<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns:util="http://www.springframework.org/schema/util"
     xmlns:aop="http://www.springframework.org/schema/aop"
     xsi:schemaLocation="http://www.springframework.org/schema/beans
     http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
     http://www.springframework.org/schema/util
     http://www.springframework.org/schema/util/spring-util-2.0.xsd
     http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">

  <!-- Acegi config -->

  <bean id="authenticationManager"
        class="org.acegisecurity.providers.ProviderManager">
      <property name="providers">
          <list>
              <ref local="daoAuthenticationProvider"/>
          </list>
      </property>
  </bean>

  <bean id="daoAuthenticationProvider"
        class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
      <property name="userDetailsService" ref="userDetailsService"/>
  </bean>

  <bean id="userDetailsService"
        class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
      <property name="userProperties">
          <props>
              <prop key="admin">pass,ROLE_USER,ROLE_ADMIN</prop>
              <prop key="guest">pass,ROLE_USER</prop>
          </props>
      </property>
  </bean>

  <bean id="accessDecisionManager"
        class="org.acegisecurity.vote.AffirmativeBased">
      <property name="decisionVoters">
          <bean class="org.acegisecurity.vote.RoleVoter"/>
      </property>
  </bean>

  <bean id="authenticationProcessingFilter"
        class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
      <property name="authenticationManager" ref="authenticationManager"/>
      <property name="filterProcessesUrl" value="/process-login"/>
      <property name="defaultTargetUrl" value="/index.jsp"/>
      <property name="authenticationFailureUrl" value="/error/error-login.html"/>
  </bean>

  <bean id="logoutFilter"
        class="org.acegisecurity.ui.logout.LogoutFilter">
      <constructor-arg value="/"/>
      <constructor-arg>
          <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
      </constructor-arg>
      <property name="filterProcessesUrl" value="/process-logout"/>
  </bean>

  <bean id="sessionIntegrationFilter"
        class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
  </bean>

  <bean id="anonymousProcessingFilter"
        class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
      <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
      <property name="key" value="anonymousKey"/>
  </bean>

  <bean id="filterSecurityInterceptor"
        class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
      <property name="authenticationManager" ref="authenticationManager"/>
      <property name="accessDecisionManager" ref="accessDecisionManager"/>
      <property name="objectDefinitionSource">
          <value>
              CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
              PATTERN_TYPE_APACHE_ANT
              /login.html=ROLE_ANONYMOUS,ROLE_USER
              /process-login=ROLE_ANONYMOUS,ROLE_USER
              /user-info.jsp=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /error/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /css/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /index.jsp=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /welcome.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /vmstat.html=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /*.js=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /dynimg/**=ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN
              /admin/**=ROLE_ADMIN              
              /**=ROLE_USER,ROLE_ADMIN
          </value>
      </property>
  </bean>

  <bean id="exceptionTranslationFilter"
        class="org.acegisecurity.ui.ExceptionTranslationFilter">
      <property name="authenticationEntryPoint">
          <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
              <property name="loginFormUrl" value="/login.html"/>
              <property name="forceHttps" value="false"/>
          </bean>
      </property>
      <property name="accessDeniedHandler">
          <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
              <property name="errorPage" value="/error/error-access.html"/>
          </bean>
      </property>
  </bean>

  <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
      <property name="filterInvocationDefinitionSource">
          <value>
              CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
              PATTERN_TYPE_APACHE_ANT
              /**=sessionIntegrationFilter,logoutFilter,authenticationProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
          </value>
      </property>
  </bean>
  <!-- end Acegi config -->

  <bean id="customerService" class="uxtool.webflow.DefaultCustomerService"></bean>

</beans>

投稿者 時刻:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)