lams-github / lams_central / conf / xdoclet

web-security.xml

Clone Tools

Stats

Commits this week: 0
Total Committers: 12
Last Commit: 30 Sep 16
Commits this week: 0

Lines of code count not available

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Friday 30 Sep 2016
11:25 pm

Marcin Cieslak

LDEV-4002: Forbid non-authors from accessing Authoring. Check for author role when starting Live Edit. Do not show Live Edit button if role check fails.

Options
    • -2
    • +0
    ./web-security.xml
  2. … 1 more file in changeset.
Thursday 22 Sep 2016
7:23 pm

Andrey Balan

LDEV-3997 LAMS to become LTI compliant tool provider (version 1.1)

Options
    • -0
    • +1
    ./web-security.xml
  2. … 10 more files in changeset.
Wednesday 14 Oct 2015
9:20 pm

Andrey Balan

LDEV-3574 fixed unable to access forgotPassword jsps for unauthorized users

Options
    • -0
    • +3
    ./web-security.xml
Tuesday 28 Apr 2015
7:52 pm

Marcin Cieslak

LDEV-3468: Add a servlet which writes out short or long runtime stats. Short stats format is set by a client.

Options
    • -1
    • +3
    ./web-security.xml
  2. … 4 more files in changeset.
Thursday 09 Apr 2015
7:39 pm

FionaMalikoff <Fiona.Malikoff@gmail.com>

Portions of a rest based learning design saving interface.

Options
    • -1
    • +3
    ./web-security.xml
  2. … 10 more files in changeset.
Wednesday 26 Nov 2014
7:32 am

Andrey Balan

LDEV-3382 *Add datetime parameter check to LoginRequest. *Introduced getServerTime method available for 3rd party servers

Options
    • -0
    • +1
    ./web-security.xml
  2. … 2 more files in changeset.
Wednesday 19 Nov 2014
12:21 am

Marcin Cieslak

LDEV-3335, LDEV-3334: Use SSO mechanism introduced in WildFly 9. Do not create web.xml files with XDoclet as it can not produce them based on 3.1 schema. Use static ones instead. Make SessionManager just a proxy to webserver's HTTP session. Remov custom shared sessions and JSESSIONIDSSO cookie as they are obsolete. Remove own session monitoring as the container should take care of invalidation. Move injecting UserDTO into session to SsoHandler intead of UniversalLoginModule as an authentication request may not reach the latter due to WildFly credentials caching.

Options
    • -139
    • +0
    ./web-security.xml
  2. … 226 more files in changeset.
Wednesday 01 Oct 2014
9:47 pm

Marcin Cieslak

LDEV-3315: Allow unauthorised access via integrations URLs.

Options
    • -1
    • +14
    ./web-security.xml
9:45 pm

Marcin Cieslak

LDEV-3315: Allow unauthorised access via integrations URLs.

Options
    • -1
    • +14
    ./web-security.xml
Tuesday 30 Sep 2014
9:11 pm

Marcin Cieslak

LDEV-3315: Clean up roles and paths to secured resources in all modules. Remove AUTHOR ADMIN role.

Options
    • -81
    • +59
    ./web-security.xml
  2. … 72 more files in changeset.
1:10 am

Marcin Cieslak

LDEV-3315: Remove AUTHOR ADMIN role. Allow AUTHOR role to preview lessons. Allow MONITOR role to edit activities and run Live Edit.

Options
    • -10
    • +5
    ./web-security.xml
  2. … 72 more files in changeset.
Friday 26 Sep 2014
7:33 pm

Marcin Cieslak

LDEV-3315: Clean up roles and paths to secured resources in all modules.

Options
    • -80
    • +63
    ./web-security.xml
  2. … 38 more files in changeset.
Thursday 02 Aug 2012
10:07 pm

Andrey Balan

LDEV-2905 Integrated lams_signup to LAMS core

Options
    • -1
    • +9
    ./web-security.xml
  2. … 29 more files in changeset.
Tuesday 03 Apr 2012
4:00 pm

Marcin Cieslak

CNG-4: Move Struts and security control from Central to now standalone Mindapp project.

Options
    • -7
    • +0
    ./web-security.xml
  2. … 2 more files in changeset.
Thursday 05 Jan 2012
5:04 pm

Marcin Cieslak

CNG-1: Change Action extension from ".mindapp" to basic ".do". Calls to MindappAction are recognised by path, not extension, and workaround for security check was done by altering Central web-security.xml file (LAMS Mindapp has own security mechanism based on OpenID).

Change deployment descriptors so there are different application names for Dev and Pres server.

Fix some other bugs.

Options
    • -0
    • +7
    ./web-security.xml
  2. … 2 more files in changeset.
Friday 30 Dec 2011
8:33 pm

erniegx <ernieg@gmail.com>

LDEV-2110: Adding 2.4 jps

Options
    • -2
    • +8
    ./web-security.xml
Friday 05 Nov 2010
8:32 am

Andrey Balan

LDEV-2548 Ability for a course manager to see *all* lessons...

*merge from lams2_3_release

Options
    • -0
    • +1
    ./web-security.xml
  2. … 1 more file in changeset.
Wednesday 06 Oct 2010
6:18 pm

Marcin Cieslak

LDEV-2577 The new CKEditor does not have Java Integration library (yet). We have been using it to: a) get the tag library to create our own tag <lams:FCKeditor> But the new CKEditor uses AJAX to get the contents, so the library is not needed anymore. The references to it has been deleted from every tool. FCKEditor.tag has been rewritten to use the new syntax. b) get a FCKEditor internal file manager by a Connector from the jar The new CKEditor does not provide a file manager - the license became commercial and the whole thing became a separate project, CKFinder. There were alternatives suggested on the web: jasfinder - http://sourceforge.net/projects/jasfinder/support kcfinder - http://kcfinder.sunhater.com/ some other - http://www.miguelmanchego.com/2009/gestor-de-archivos-ckeditor/ but we have already nicely integrated with the old file manager. This page: http://jacek-kromski.jogger.pl/2009/09/25/integracja-ckeditor-z-przegladarka-plikow-z-fckeditor/ in polish says how to use the file manager from the old FCKEditor. The steps that have to be done: - download the new CKEditor - download the old FCKEditor - copy the filemanager to ckeditor directory - in the file browser/default/frmresourceslist.html, line 92 (with SetUrl call) needs to be replaced to: window.top.opener.CKEDITOR.tools.callFunction( window.top.document.CKEditorFuncNum, fileUrl, '' ); - in the file browser/default/browser.html add in line 80: document.CKEditorFuncNum = GetUrlParam( 'CKEditorFuncNum');

FCKeditor has been used in version 2.6.6, the last one before switching to CKEditor project.

Changes required to use newer version of Java Integration library

for FCKEditor so it was upgraded to the latest (for FCKEditor, because one for CKEditor does not exist) version 2.6.

This also required the Prototype to be upgraded to the latest 1.6.1.

The CKEditor code also needed to be changed, so if another upgrade to a newer version occurs, we need to remember to repeat these steps:

http://cksource.com/forums/viewtopic.php?f=5&t=15750

It says:

/ckeditor/plugins/link/dialogs/link.js

Changes

label:a.lang.common.target,'default':'notSet' --> label:a.lang.common.target,'default':'_blank'

label:a.lang.link.targetFrameName,'default':'' --> label:a.lang.link.targetFrameName,'default':'_blank'

It is also worth mentioning that if you include the ckeditor.js file twice in the same page, sometimes it causes trouble, thus detection in the CKEditor.tag files.

Options
    • -1
    • +1
    ./web-security.xml
  2. … 1096 more files in changeset.
Thursday 02 Jul 2009
4:19 pm

jliew

Merge lams2_3 to head (including things not merged last time due to eclipse's merge wizard not handling the lams2_3 start point as expected)

Options
    • -0
    • +1
    ./web-security.xml
  2. … 167 more files in changeset.
Tuesday 21 Apr 2009
9:46 am

asukkar

Added pedagogical_planner folder to secure content

LDEV-2110

Options
    • -0
    • +1
    ./web-security.xml
9:13 am

asukkar

Added findUserLessons.jsp and findUserLessonsAutocomplete.jsp to secure content

LDEV-2110

Options
    • -0
    • +2
    ./web-security.xml
Thursday 16 Oct 2008
2:08 pm

paulg

LDEV-1907 Show a plus sign "+" in the activity if it contains more than 10 learners

LDEV-1469 Progress Bar - rotate green triangles

LDEV-1929 Implement presence in learner (Flash and non-flash)

= TODO:

+ must refactor to use xmpp service to create users with admin account

+ fix IE to catch flashvars sent from javascript

+ find workaround to not commenting out sasl in jsjac lib

LDEV-1783 Improve the error message when a user tries to select an activity inside an optional activity/sequence via the progress bar

Options
    • -0
    • +1
    ./web-security.xml
  2. … 33 more files in changeset.
Friday 11 Apr 2008
8:27 am

lfoxton

LDEV-273 Password Reset

xdoclet changes for the forgot password tast

Changes to the web-security.xml for lams-central mean that every new secure jsp must be added to the sevcurity provisions instaedof having the *.jsp provision.

Options
    • -1
    • +28
    ./web-security.xml
  2. … 1 more file in changeset.
Wednesday 30 May 2007
12:33 pm

jliew

LDEV-1245 allow learners to access content repository download servlet

Options
    • -0
    • +1
    ./web-security.xml
Wednesday 29 Nov 2006
1:46 pm

jliew

updating security-roles in web.xmls with change from 'course' to 'group' admin/manager

Options
    • -6
    • +6
    ./web-security.xml
  2. … 2 more files in changeset.
Wednesday 01 Nov 2006
11:38 am

mseaton

added author admin security role

Options
    • -0
    • +7
    ./web-security.xml
Thursday 28 Sep 2006
12:35 pm

fyang

added *.do to protected resources

Options
    • -1
    • +1
    ./web-security.xml
Tuesday 12 Sep 2006
3:36 pm

mseaton

updated security defin

Options
    • -1
    • +2
    ./web-security.xml
  2. … 1 more file in changeset.
Friday 01 Sep 2006
1:58 pm

asukkar

Renamed security-role STAFF to MONITOR

Options
    • -4
    • +4
    ./web-security.xml
  2. … 14 more files in changeset.
Tuesday 18 Jul 2006
8:58 am

fyang

fix problems of role definitions

Options
    • -31
    • +9
    ./web-security.xml