File: authentication-policy.xml

package info (click to toggle)
libowasp-esapi-java 2.1.0-3
  • links: PTS, VCS
  • area: main
  • in suites: buster, stretch
  • size: 7,480 kB
  • ctags: 4,161
  • sloc: java: 26,333; xml: 1,309; sh: 293; makefile: 4
file content (30 lines) | stat: -rw-r--r-- 841 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
<?xml version="1.0" encoding="UTF-8"?>

	<!--
	This test file exemplifies an authentication rule.

	Authentication applies to: /.*
	Session variable whose existence implies authentication: sessionUserObjKey
	Static exception:   <path-exception>/index.html</path-exception>
	Pattern exception:  <path-exception type="regex">/images/.*</path-exception>
	-->

<policy>

	<settings>
		<mode>redirect</mode>
		<error-handling>
			<default-redirect-page>/security/error.jsp</default-redirect-page>
			<block-status>403</block-status>
		</error-handling>
	</settings>>

	<!--
		Set authentication rules by path.
	-->
	<authentication-rules path="/.*"  key="sessionUserObjKey" >
		<path-exception>/index.html</path-exception>
		<path-exception type="regex">/images/.*</path-exception>
	</authentication-rules>

</policy>