Re: Java webapps and configuration files
Matthew Johnson <mjj29@debian.org> writes:
> I'm not sure that you need to ship them as conffiles though - lots of
> package have this sort of thing in /usr/share/doc/$package/examples (the
> jsp) - so you would build a default war from those (on install?) and
> then users can build their own from the examples if they wanted.
Packages aren't allowed to assume that /usr/share/doc exists, so if we put
them there, we wouldn't be able to build a WAR file including them on
install. Plus, in general, I suspect we're going to want conffile
semantics for things like this, since some users may have simple needs
that are satisfied by (at least some of) the default sample files and will
want to get updates of them applied automatically.
> I'm aware that several packages have configuration files which are
> technically written in a scripting language, but they tend to be of the
> $foo = "bar"; sort of code - which (without looking) I get the
> impression this isn't?
Here's the default login.jsp file, which should give you an idea of the
sort of thing upstream is doing here. As you can see, it's vaguely usable
as-is, but any site deploying a web authentication system at any scale is
going to want to make the wording of the page much less generic, include
local images and graphics, include help text aimed at the local user base,
and so forth.
(WebAuth has the same issue, but it's not written in Java and supports a
configuration file in /etc that points to any directory of templates that
the user wants to use.)
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
<%@ page import="edu.internet2.middleware.shibboleth.idp.authn.LoginContext" %>
<%@ page import="edu.internet2.middleware.shibboleth.idp.session.*" %>
<%@ page import="edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper" %>
<%@ page import="org.opensaml.saml2.metadata.*" %>
<%
LoginContext loginContext = HttpServletHelper.getLoginContext(HttpServletHelper.getStorageService(application),
application, request);
Session userSession = HttpServletHelper.getUserSession(request);
%>
<html>
<head>
<title>Shibboleth Identity Provider - Login</title>
</head>
<body>
<img src="<%= request.getContextPath() %>/images/logo.jpg" />
<h2>Shibboleth Identity Provider Login to Service Provider <%= loginContext.getRelyingPartyId() %></h2>
<p>
Existing Session: <%= userSession != null %><br/>
Requested Authentication Methods: <%= loginContext.getRequestedAuthenticationMethods() %><br/>
Attempting Authentication Method: <%= loginContext.getAttemptedAuthnMethod() %> <br/>
Is Forced Authentication: <%= loginContext.isForceAuthRequired() %><br/>
</p>
<% if ("true".equals(request.getAttribute("loginFailed"))) { %>
<p><font color="red">Authentication Failed</font></p>
<% } %>
<% if(request.getAttribute("actionUrl") != null){ %>
<form action="<%=request.getAttribute("actionUrl")%>" method="post">
<% }else{ %>
<form action="j_security_check" method="post">
<% } %>
<table>
<tr>
<td>Username:</td>
<td><input name="j_username" type="text" tabindex="1" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="j_password" type="password" tabindex="2" /></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="Login" tabindex="3" /></td>
</tr>
</table>
</form>
</body>
</html>
Reply to: