Since we use Seam as our framework to develop web applications, we adopt its mechanism of securing JSF pages to restrict access to users that aren't authenticated, which is to add the login-required attribute to the .page.xml file. (Section 11.2.2 in 'Seam in Action' )
<page xmlns="http://jboss.com/products/seam/pages" login-required="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.2.xsd"> ... </page>However, one day, we suddenly noticed there were some .page.xml files didn't include that authentication attribute, and this might introduce security issue to our system. We needed to find all those files and correct them, but they distributed over all the directories which was not easy to find, at least I didn't think I could achieve that in a fast way by JBoss Developer Studio, manually checking through all the .page.xml files (hundreds of them) in the workspace obviously was not a good idea.
Therefore, I tried to check if our text search utility in Linux - grep can solve my problem:
I want to search all the .page.xml files under webapp directory recursively, and get a list of filename which doesn't contains 'login-required' string.
I want to search all the .page.xml files under webapp directory recursively, and get a list of filename which doesn't contains 'login-required' string.
I thought I needed to use several pipelines, or applied regression expression which I'm not very good at.
After surveyed for a while, fortunately, things didn't get that complicated. One simple line can serve my need:
Within 1 second, the screen started to print out the results I wanted, thanks for this powerful "Global Regular Expression Print"!
tag note for the grep:
After surveyed for a while, fortunately, things didn't get that complicated. One simple line can serve my need:
[root@localhost webapp]# pwd
/root/workspace/proj/target/proj/proj-war/src/main/webapp
[root@localhost webapp]# grep -RL 'login-required=\"true' --include='*.page.xml' .
tag note for the grep:
--include=GLOB
Search only files whose base name matches GLOB (using wildcard matching as
described under --exclude).
Search only files whose base name matches GLOB (using wildcard matching as
described under --exclude).
-L, --files-without-match
Suppress normal output; instead print the name of each input file from which
no output would normally have been printed. The scanning will stop on the
first match.
Suppress normal output; instead print the name of each input file from which
no output would normally have been printed. The scanning will stop on the
first match.
-l, --files-with-matches
Suppress normal output; instead print the name of each input file from which
output would normally have been printed. The scanning will stop on the
first match. (-l is specified by POSIX.)
Suppress normal output; instead print the name of each input file from which
output would normally have been printed. The scanning will stop on the
first match. (-l is specified by POSIX.)
-R, -r, --recursive
Read all files under each directory, recursively; this is equivalent to the
-d recurse option.
Read all files under each directory, recursively; this is equivalent to the
-d recurse option.
沒有留言:
張貼留言