source: fedd/abac-src/ttg/demo/build/WEB-INF/web.xml @ 8780cbec

<!DOCTYPE web-app 
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" 
    "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>


    <!-- General description of your web application -->

    <display-name>ABAC Demo Application</display-name>
    <description>
      This is version 1.0 of an application to perform
      attribute based access control using a servlet
      authentication filter.  
    </description>


    <!-- Context initialization parameters that define shared
         String constants used within your application, which
         can be customized by the system administrator who is
         installing your application.  The values actually
         assigned to these parameters can be retrieved in a
         servlet or JSP page by calling:

             String value =
               getServletContext().getInitParameter("name");

         where "name" matches the <param-name> element of
         one of these initialization parameters.

         You can define any number of context initialization
         parameters, including zero.
    -->

    <context-param>
      <param-name>webmaster</param-name>
      <param-value>Jay_Jacobs@networkassociates.com</param-value>
      <description>
        The EMAIL address of the administrator to whom questions
        and comments about this application should be addressed.
      </description>
    </context-param>


    <!-- Servlet definitions for the servlets that make up
         your web application, including initialization
         parameters.  With Tomcat, you can also send requests
         to servlets not listed here with a request like this:

           http://localhost:8080/{context-path}/servlet/{classname}

         but this usage is not guaranteed to be portable.  It also
         makes relative references to images and other resources
         required by your servlet more complicated, so defining
         all of your servlets (and defining a mapping to them with
         a servlet-mapping element) is recommended.

         Servlet initialization parameters can be retrieved in a
         servlet or JSP page by calling:

             String value =
               getServletConfig().getInitParameter("name");

         where "name" matches the <param-name> element of
         one of these initialization parameters.

         You can define any number of servlets, including zero.
    -->

    <!--filter>
      <filter-name>medsup filter</filter-name>
      <description>
      The access mediator handles the initialization of a negotiation on
      the server-side. This includes creating a new negotiation context,
      a new agent, retrieve a remote reference to the peer's agent, and
      constructing a new primary trust target. 

      The servlet then waits for a decision. If the negotiation succeeds
      the reuqest is allowed to continue along the filter/servlet chain.
      Failure results in the request being blocked immediately. 
      </description>
      <filter-class>AccessMediator</filter-class>
      <init-param>
        <param-name>EntityName</param-name>
        <param-value>MedSup</param-value>
      </init-param>
      <init-param>
        <param-name>EntityHash</param-name>
        <param-value>FakeHashKeyMedSup</param-value>
      </init-param>
      <init-param>
        <param-name>PrimaryRole</param-name>
        <param-value>discount</param-value>
      </init-param>
      <init-param>
        <param-name>PolicyFile</param-name>
        <param-value>/var/tomcat4/webapps/demo/medsup.txt</param-value>
      </init-param>
    </filter-->

    <filter>
      <filter-name>geni filter</filter-name>
      <description>
      The access mediator handles the initialization of a negotiation on
      the server-side. This includes creating a new negotiation context,
      a new agent, retrieve a remote reference to the peer's agent, and
      constructing a new primary trust target. 

      The servlet then waits for a decision. If the negotiation succeeds
      the reuqest is allowed to continue along the filter/servlet chain.
      Failure results in the request being blocked immediately. 
      </description>
      <filter-class>AccessMediator</filter-class>
      <init-param>
        <param-name>EntityName</param-name>
        <param-value>GENI</param-value>
      </init-param>
      <init-param>
        <param-name>EntityHash</param-name>
        <param-value>FakeHashKeyGeni</param-value>
      </init-param>
      <init-param>
        <param-name>PrimaryRole</param-name>
        <param-value>GENI.CTFaccess</param-value>
      </init-param>
      <init-param>
        <param-name>PolicyFile</param-name>
        <param-value>/var/tomcat4/webapps/demo/geni.txt</param-value>
      </init-param>
    </filter>

    <!--filter>
      <filter-name>swedish filter</filter-name>
      <description>
      The access mediator handles the initialization of a negotiation on
      the server-side. This includes creating a new negotiation context,
      a new agent, retrieve a remote reference to the peer's agent, and
      constructing a new primary trust target. 

      The servlet then waits for a decision. If the negotiation succeeds
      the reuqest is allowed to continue along the filter/servlet chain.
      Failure results in the request being blocked immediately. 
      </description>
      <filter-class>AccessMediator</filter-class>
      <init-param>
        <param-name>EntityName</param-name>
        <param-value>SAdmir</param-value>
      </init-param>
      <init-param>
        <param-name>EntityHash</param-name>
        <param-value>FakeHashKeySAdmir</param-value>
      </init-param>
      <init-param>
        <param-name>PrimaryRole</param-name>
        <param-value>SAdmin.getsSLocs</param-value>
      </init-param>
      <init-param>
        <param-name>PolicyFile</param-name>
        <param-value>/var/tomcat4/webapps/demo/WEB-INF/sadmir.txt</param-value>
      </init-param>
    </filter-->

    <!--filter-mapping>
      <filter-name>medsup filter</filter-name>
      <url-pattern>/medsup/*</url-pattern>
    </filter-mapping-->

    <filter-mapping>
      <filter-name>geni filter</filter-name>
      <url-pattern>/geni/*</url-pattern>
    </filter-mapping>

    <!--filter-mapping>
      <filter-name>swedish filter</filter-name>
      <url-pattern>/sweden/*</url-pattern>
    </filter-mapping-->

    <servlet>
      <servlet-name>session servlet</servlet-name>
      <servlet-class>SessionServlet</servlet-class>
    </servlet>

    <!--servlet>
      <servlet-name>swedish discovery</servlet-name>
      <servlet-class>DiscoveryServlet</servlet-class>
      <init-param>
        <param-name>PolicyFile</param-name>
        <param-value>/var/tomcat4/webapps/demo/WEB-INF/se.xml</param-value>
      </init-param>
    </servlet-->

    <!--servlet>
      <servlet-name>american discovery</servlet-name>
      <servlet-class>DiscoveryServlet</servlet-class>
      <init-param>
        <param-name>PolicyFile</param-name>
        <param-value>/var/tomcat4/webapps/demo/WEB-INF/usn.xml</param-value>
      </init-param>
    </servlet-->

    <servlet-mapping>
      <servlet-name>session servlet</servlet-name>
      <url-pattern>/session</url-pattern>
    </servlet-mapping>

    <!--servlet-mapping>
      <servlet-name>swedish discovery</servlet-name>
      <url-pattern>/se-discovery</url-pattern>
    </servlet-mapping-->

    <!--servlet-mapping>
      <servlet-name>american discovery</servlet-name>
      <url-pattern>/us-discovery</url-pattern>
    </servlet-mapping-->

    <!-- Define the default session timeout for your application,
         in minutes.  From a servlet or JSP page, you can modify
         the timeout for a particular session dynamically by using
         HttpSession.getMaxInactiveInterval(). -->

    <session-config>
      <session-timeout>30</session-timeout>    <!-- 30 minutes -->
    </session-config>


</web-app>