This repository has been archived by the owner on Mar 6, 2022. It is now read-only.
fortress-saml-sample-security-policy.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ This is free and unencumbered software released into the public domain.
-->
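<project basedir="." default="all" name="Apache Fortress Policy">
    <!--
      Sample RBAC policy for the Fortress SAML demo, loaded through the
      FortressAdmin Ant task. Every "del*" section mirrors an "add*" section
      with the same entries, so a previous load of the sample data is removed
      and then recreated.

      NOTE(review): the sections are not written in dependency order (users
      reference an ou that is only added in the last section). Presumably
      FortressAntTask sequences the operations itself; confirm before
      relying on document order.
    -->
    <taskdef classname="org.apache.directory.fortress.core.ant.FortressAntTask" name="FortressAdmin" >
        <classpath path="${java.class.path}"/>
    </taskdef>

    <target name="all">
        <FortressAdmin>

            <!-- Users: remove any earlier copies of the four demo accounts. -->
            <deluser>
                <user userId="sam*"/>
                <user userId="sam1"/>
                <user userId="sam2"/>
                <user userId="sam3"/>
            </deluser>

            <!--
              Demo accounts. All four are created with the same well-known
              password literal, stored here in clear text. Load this policy
              only into a disposable demo directory, or replace the values
              before the directory is reachable by anyone else.

              NOTE(review): "sam*" looks like a literal user id, not a
              pattern (sam1..sam3 are listed separately). Confirm the
              directory layer escapes the asterisk when it builds LDAP
              filters.
            -->
            <adduser>
                <user userId="sam*" password="password" description="Fortress SAML Demo Super User" ou="org.samlsample.users" cn="Sam Super" sn="Super" />
                <user userId="sam1" password="password" description="Fortress SAML Demo User 1" ou="org.samlsample.users" cn="Sam One" sn="One" />
                <!-- cn corrected from "Sam Twor" so it agrees with sn="Two". -->
                <user userId="sam2" password="password" description="Fortress SAML Demo User 2" ou="org.samlsample.users" cn="Sam Two" sn="Two" />
                <user userId="sam3" password="password" description="Fortress SAML Demo User 3" ou="org.samlsample.users" cn="Sam Three" sn="Three" />
            </adduser>

            <!-- User-to-role assignments: one page role per numbered user, the super role for sam*. -->
            <deluserrole>
                <userrole userId="sam1" name="samRole1" />
                <userrole userId="sam2" name="samRole2" />
                <userrole userId="sam3" name="samRole3" />
                <userrole userId="sam*" name="samSuperRole" />
            </deluserrole>
            <adduserrole>
                <userrole userId="sam1" name="samRole1" />
                <userrole userId="sam2" name="samRole2" />
                <userrole userId="sam3" name="samRole3" />
                <userrole userId="sam*" name="samSuperRole" />
            </adduserrole>

            <!-- Roles. samBaseRole is never assigned to a user directly in this file; it is only reached through inheritance. -->
            <delrole>
                <role name="samBaseRole" />
                <role name="samRole1" />
                <role name="samRole2" />
                <role name="samRole3" />
                <role name="samSuperRole" />
            </delrole>
            <addrole>
                <role name="samBaseRole" description="Base Role gets you into the sample web app"/>
                <role name="samRole1" description="Grants access to page 1 and components"/>
                <role name="samRole2" description="Grants access to page 2 and components"/>
                <role name="samRole3" description="Grants access to page 3 and components"/>
                <role name="samSuperRole" description="Inherits from the page roles, grants user to all pages, components in app"/>
            </addrole>

            <!--
              Role hierarchy: each page role is a child of samBaseRole, and
              samSuperRole is a child of all three page roles. A user holding
              samSuperRole therefore ends up with every grant below; review
              who is assigned to it with that in mind.
            -->
            <delroleinheritance>
                <relationship child="samRole1" parent="samBaseRole"/>
                <relationship child="samRole2" parent="samBaseRole"/>
                <relationship child="samRole3" parent="samBaseRole"/>
                <relationship child="samSuperRole" parent="samRole1"/>
                <relationship child="samSuperRole" parent="samRole2"/>
                <relationship child="samSuperRole" parent="samRole3"/>
            </delroleinheritance>
            <addroleinheritance>
                <relationship child="samRole1" parent="samBaseRole"/>
                <relationship child="samRole2" parent="samBaseRole"/>
                <relationship child="samRole3" parent="samBaseRole"/>
                <relationship child="samSuperRole" parent="samRole1"/>
                <relationship child="samSuperRole" parent="samRole2"/>
                <relationship child="samSuperRole" parent="samRole3"/>
            </addroleinheritance>

            <!-- Permission objects: one per demo page. -->
            <delpermobj>
                <permobj objName="SamlPage1" />
                <permobj objName="SamlPage2" />
                <permobj objName="SamlPage3" />
            </delpermobj>
            <addpermobj>
                <permobj objName="SamlPage1" description="Fortress SAML Demo Test Page 1" ou="org.samlsample.perms" />
                <permobj objName="SamlPage2" description="Fortress SAML Demo Test Page 2" ou="org.samlsample.perms" />
                <permobj objName="SamlPage3" description="Fortress SAML Demo Test Page 3" ou="org.samlsample.perms" />
            </addpermobj>

            <!--
              Permission operations: a "link" operation plus three buttons on
              each page. The delete side carries type="Button" on the link
              entries while the add side omits it; left as found.
            -->
            <delpermop>
                <permop objName="SamlPage1" opName="link" type="Button"/>
                <permop objName="SamlPage2" opName="link" type="Button"/>
                <permop objName="SamlPage3" opName="link" type="Button"/>
                <permop objName="SamlPage1" opName="Button1"/>
                <permop objName="SamlPage1" opName="Button2"/>
                <permop objName="SamlPage1" opName="Button3"/>
                <permop objName="SamlPage2" opName="Button1"/>
                <permop objName="SamlPage2" opName="Button2"/>
                <permop objName="SamlPage2" opName="Button3"/>
                <permop objName="SamlPage3" opName="Button1"/>
                <permop objName="SamlPage3" opName="Button2"/>
                <permop objName="SamlPage3" opName="Button3"/>
            </delpermop>
            <addpermop>
                <permop objName="SamlPage1" opName="link" />
                <permop objName="SamlPage2" opName="link" />
                <permop objName="SamlPage3" opName="link" />
                <permop objName="SamlPage1" opName="Button1" />
                <permop objName="SamlPage1" opName="Button2" />
                <permop objName="SamlPage1" opName="Button3" />
                <permop objName="SamlPage2" opName="Button1" />
                <permop objName="SamlPage2" opName="Button2" />
                <permop objName="SamlPage2" opName="Button3" />
                <permop objName="SamlPage3" opName="Button1" />
                <permop objName="SamlPage3" opName="Button2" />
                <permop objName="SamlPage3" opName="Button3" />
            </addpermop>

            <!--
              Grants: every operation on SamlPageN goes to samRoleN only.
              Nothing is granted to samBaseRole or samSuperRole directly.
            -->
            <delpermgrant>
                <permgrant objName="SamlPage1" opName="link" roleNm="samRole1"/>
                <permgrant objName="SamlPage2" opName="link" roleNm="samRole2"/>
                <permgrant objName="SamlPage3" opName="link" roleNm="samRole3"/>
                <permgrant objName="SamlPage1" opName="Button1" roleNm="samRole1"/>
                <permgrant objName="SamlPage1" opName="Button2" roleNm="samRole1"/>
                <permgrant objName="SamlPage1" opName="Button3" roleNm="samRole1"/>
                <permgrant objName="SamlPage2" opName="Button1" roleNm="samRole2"/>
                <permgrant objName="SamlPage2" opName="Button2" roleNm="samRole2"/>
                <permgrant objName="SamlPage2" opName="Button3" roleNm="samRole2"/>
                <permgrant objName="SamlPage3" opName="Button1" roleNm="samRole3"/>
                <permgrant objName="SamlPage3" opName="Button2" roleNm="samRole3"/>
                <permgrant objName="SamlPage3" opName="Button3" roleNm="samRole3"/>
            </delpermgrant>
            <addpermgrant>
                <permgrant objName="SamlPage1" opName="link" roleNm="samRole1"/>
                <permgrant objName="SamlPage2" opName="link" roleNm="samRole2"/>
                <permgrant objName="SamlPage3" opName="link" roleNm="samRole3"/>
                <permgrant objName="SamlPage1" opName="Button1" roleNm="samRole1"/>
                <permgrant objName="SamlPage1" opName="Button2" roleNm="samRole1"/>
                <permgrant objName="SamlPage1" opName="Button3" roleNm="samRole1"/>
                <permgrant objName="SamlPage2" opName="Button1" roleNm="samRole2"/>
                <permgrant objName="SamlPage2" opName="Button2" roleNm="samRole2"/>
                <permgrant objName="SamlPage2" opName="Button3" roleNm="samRole2"/>
                <permgrant objName="SamlPage3" opName="Button1" roleNm="samRole3"/>
                <permgrant objName="SamlPage3" opName="Button2" roleNm="samRole3"/>
                <permgrant objName="SamlPage3" opName="Button3" roleNm="samRole3"/>
            </addpermgrant>

            <!-- Organizational units referenced by the ou attributes above: one for permission objects, one for users. -->
            <delorgunit>
                <orgunit name="org.samlsample.perms" typeName="PERM"/>
                <orgunit name="org.samlsample.users" typeName="USER"/>
            </delorgunit>
            <addorgunit>
                <orgunit name="org.samlsample.perms" typeName="PERM"/>
                <orgunit name="org.samlsample.users" typeName="USER"/>
            </addorgunit>

        </FortressAdmin>
    </target>
</project>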