Changeset 20095 in main

03/24/20 22:48:51 (10 days ago)

view - changed view - removed secure remote publishing configs. Changed main ss.xslt and logo so know it's core.

2 deleted
3 edited


  • trunk/ibisph-view/src/main/webapp/WEB-INF/config/spring/security.xml

    r12822 r20095  
    1818                        processing sequences.  Note that the chain ordering is important
    1919                        as the first URL path match dictates which processing is used.
     21                        IP Publishing Request Testing Configuration was removed 3/2020.
     22                        This code could be implemented for remote IP accesses.  Removed:
     23                        securityAdminPublishFilterChain
     24                        securityPublishRequestAllowRequestIPAddressFilter
     25                        securityAdminAppIPAddress
     26                        securityAdminAppMatchPartialIPAddress
    2027                </description>
    2128                <constructor-arg>
    2431                                <ref bean="securitySecureQueryFilterChain"/>
    2532                                <ref bean="securityAuthenticationFilterChain"/>
    26                                 <ref bean="securityAdminPublishFilterChain"/>
    2733                        </list>
    2834                </constructor-arg>
    147153        </bean>
    149         <bean id="securityAdminPublishFilterChain" class="org.ibisph.web.filter.AntPatternSecurityFilterChain">
    150                 <description>
    151                         Entries needed to check that publish requests are originating
    152                         from a specified IP address.  The address is specified either
    153                         in the spring bean config file or in a property file and should
    154                         be set to the IP address of the computer that the admin app
    155                         lives on.  If the direct XML file publishing or a bundled
    156                         deployment mechanism is used then these are not needed - but do
    157                         no harm in being left as a default configuration - the URLs are
    158                         simply never hit.
    159                 </description>
    160                 <constructor-arg>
    161                         <list>
    162                                 <value>/publish/**</value>
    163                                 <value>/unpublish/**</value>
    164                         </list>
    165                 </constructor-arg>
    166                 <constructor-arg>
    167                         <list>
    168                                 <ref bean="securityPublishRequestAllowRequestIPAddressFilter"/>
    169                         </list>
    170                 </constructor-arg>
    171         </bean>
    175158        <bean id="securityIntegrationLoggerListener" class=""/>
    177         <bean id="securityAdminAppIPAddress" class="org.ibisph.model.StringHolder">
    178                 <description>
    179                         IP Address segment of the Admin System.  The IBIS-PH View system uses this
    180                         value to check publish requests it receives as a way to help ensure that
    181                         the publish request is valid.  This address does NOT have to match exactly.
    182                         The comparison is for the specified address only.  For example if 168.193
    183                         were specified then any machine with an IP address starting with 168.193
    184                         would be allowed to submit a publish request to the view system.  Note that
    185                         this MUST be an IP address and not a name.  If this
    186                         value is not specified then it is open and any net aware app that can
    187                         send an HTTP request can kick off a publish request to the admin app.
    188                 </description>
    189                 <constructor-arg value=""/>
    190         </bean>
    191         <bean id="securityAdminAppMatchPartialIPAddress" class="org.ibisph.model.StringHolder">
    192                 <description>
    193                         Flag that controls if the entire address needs to be matched.
    194                 </description>
    195                 <constructor-arg value="true"/>
    196         </bean>
    198160        <bean id="securityPostLogoutRedirectURL" class="org.ibisph.model.StringHolder">
    199161                <description>
    207169        <!-- ======================================================= F I L T E R S -->
    208         <bean id="securityPublishRequestAllowRequestIPAddressFilter" class="org.ibisph.web.filter.CheckAllowedRequesterIPAddressFilter">
    209                 <description>
    210                         Filter that enforces that the request is being made from a specific IP
    211                         address or domain segment address.  This is useful to block non admin
    212                         based client the ability to send a publish request to the view app.
    213                         This filter verifies that the request is coming from the Admin
    214                         application server's address.  If not, then the HTTP Unauthorized
    215                         Access (401) is returned by the filter and the publish request
    216                         does not go through.
    218                         IMPORTANT NOTE: For this to work ALL publish type requests need
    219                         to have a URL mapping that is caught by this filter (see filter
    220                         mapping).  The Spring Security can also be deployed but as of
    221                         1/2006, this is the only security need, so it done as a simple
    222                         filter without having to configure (see IpAddressMatcher).  Tomcat
    223                         also provides a similar filter.  Spring has also added a similar
    224                         filter but since this one was coded prior to Spring it is used.
    225                 </description>
    226                 <property name="matchPartialAddress" value="#{securityAdminAppMatchPartialIPAddress.string}"/>
    227                 <property name="IPAddressList">
    228                         <description>
    229                                 IP address segment (left to right significance) which is used to
    230                                 identify/allow publishing requests to come from.  Localhost should
    231                                 be "", If null/blank then any machine is allowed to make
    232                                 a publishing request.  A value of "254.67" means that any address
    233                                 that starts with 254.67 is valid (e.g. 254.67.*.* or
    234                                 in networking terms).
    235                         </description>
    236                         <list>
    237                                 <value>127.0</value>
    238                                 <value>#{securityAdminAppIPAddress.string}</value>
    239                         </list>
    240                 </property>
    241         </bean>
    243170        <bean id="securitySecurityContextPersistenceFilter" class="">
    244171                <constructor-arg>
  • trunk/ibisph-view/src/main/webapp/xslt/html/SiteSpecific.xslt

    r20037 r20095  
    77        exclude-result-prefixes="ibis"
    109        <xsl:import href="VideoDialog.xslt"/>
    1311        <ibis:doc>
    32         <xsl:param name="Page.applicationTitle" select="'NM-IBIS'"
     30        <xsl:param name="Page.applicationTitle" select="'IBIS-PH'"
    3331                ibis:doc="Used for the page's title element prefix text"
    3432        />
    9189        >
    9290                The information provided above is from the Department of Health's Center for
    93                 Health Data NM-IBIS web site (  The information published
     91                Health Data web site (  The information published
    9492                on this website may be reproduced without permission. Please use the following citation:
    9593                &quot;
    122120        >
    123121                <header id="header">
    124                         <div class="SiteTitle">New Mexico's Health Indicator Data &amp; Statistics</div>
     122                        <div class="SiteTitle">Our State's Health Indicator Data &amp; Statistics</div>
    126124                        <div id="userMenu" class="{if(ibis:hasAuthorities())then 'Popup Secure' else 'Popup'}">
    223221                                <nav class="Row">
    224222                                        <div class="Block">
    225                                                 <h3>NM-IBIS</h3>
     223                                                <h3>IBIS-PH</h3>
    226224                                                <ul>
    227225                                                        <li><a href="{$ibis.baseRequestPath}about/ContentUsage.html">Contents and Usage</a></li>
    258256                                                        reproduced without permission. Please use the following citation: <br/>
    259257                                                        &quot;Retrieved <xsl:value-of select="ibis:getFormattedDate(current-date())"/>
    260                                                         from the New Mexico Department of Health Indicator-Based Information System
    261                                                         <br/>(NM-IBIS) for Public Health Web site:;
     258                                                        from the Department of Health Indicator-Based Information System
     259                                                        <br/>(IBIS-PH) for Public Health Web site:;
    262260                                                        <xsl:if test="string-length($Page.XMLModifedDate) != 0">
    263261                                                                <div class="LastModified">Page Content Updated: <xsl:value-of select="$Page.XMLModifedDate"/></div>
Note: See TracChangeset for help on using the changeset viewer.