File: authentication-policy.xml

package info (click to toggle)
libowasp-esapi-java 2.4.0.0-2.1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 12,000 kB
  • sloc: java: 35,401; xml: 1,630; sh: 373; makefile: 2
file content (30 lines) | stat: -rw-r--r-- 812 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
<?xml version="1.0" encoding="UTF-8"?>

	<!--
	This test file exemplifies an authentication rule.

	Authentication applies to: /.*
	Session variable whose existence implies authentication: sessionUserObjKey
	Static exception:   <path-exception>/index.html</path-exception>
	Pattern exception:  <path-exception type="regex">/images/.*</path-exception>
	-->

<policy>

	<settings>
		<mode>redirect</mode>
		<error-handling>
			<default-redirect-page>/security/error.jsp</default-redirect-page>
			<block-status>403</block-status>
		</error-handling>
	</settings>>

	<!--
		Set authentication rules by path.
	-->
	<authentication-rules path="/.*"  key="sessionUserObjKey" >
		<path-exception>/index.html</path-exception>
		<path-exception type="regex">/images/.*</path-exception>
	</authentication-rules>

</policy>