diff --git a/modules/broker/distribution/src/main/assembly/bin.xml b/modules/broker/distribution/src/main/assembly/bin.xml index 15dda311..8d198090 100644 --- a/modules/broker/distribution/src/main/assembly/bin.xml +++ b/modules/broker/distribution/src/main/assembly/bin.xml @@ -210,6 +210,7 @@ **/broker.xml + tomcat/carbon/WEB-INF/web.xml **/axis2.xml **/carbon.xml **/cipher-text.properties @@ -352,6 +353,12 @@ ${pom.artifactId}-${pom.version}/repository/conf/ true + + src/main/conf/web.xml + + ${pom.artifactId}-${pom.version}/repository/conf/tomcat/carbon/WEB-INF/ + true + src/main/conf/metrics.xml diff --git a/modules/broker/distribution/src/main/conf/web.xml b/modules/broker/distribution/src/main/conf/web.xml new file mode 100644 index 00000000..ce5eba2e --- /dev/null +++ b/modules/broker/distribution/src/main/conf/web.xml @@ -0,0 +1,177 @@ + + + + + + + Restrict access to carbon console + + Restricted Console UI + /carbon/* + + + + + + + Owasp.CsrfGuard.Config + repository/conf/security/Owasp.CsrfGuard.Carbon.properties + + + + bridgeservlet + Carbon Bridge Servlet + Carbon Bridge Servlet + org.wso2.carbon.tomcat.ext.servlet.DelegationServlet + + 1 + + + + + JavaScriptServlet + org.owasp.csrfguard.servlet.JavaScriptServlet + + + + bridgeservlet + /* + + + + bridgeservlet + *.jsp + + + + JavaScriptServlet + /carbon/admin/js/csrfPrevention.js + + + + + CharsetFilter + org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter + + requestEncoding + UTF-8 + + + + + + CSRFGuard + org.owasp.csrfguard.CsrfGuardFilter + + + + + HttpHeaderSecurityFilter + org.apache.catalina.filters.HttpHeaderSecurityFilter + + hstsEnabled + false + + + + + HttpHeaderSecurityFilter + * + + + + CharsetFilter + /* + + + + CSRFGuard + /* + + + + + org.owasp.csrfguard.CsrfGuardServletContextListener + + + + + org.owasp.csrfguard.CsrfGuardHttpSessionListener + + + + 15 + + true + + + + + + 400 + /carbon/errors/error_400.html + + + 401 + /carbon/errors/error_401.html + + + 403 + /carbon/errors/error_403.html + + + 404 + /carbon/errors/error_404.html + + + 405 + /carbon/errors/error_405.html + + + 408 + /carbon/errors/error_408.html + + + 410 + /carbon/errors/error_410.html + + + 500 + /carbon/errors/error_500.html + + + 502 + /carbon/errors/error_502.html + + + 503 + /carbon/errors/error_503.html + + + 504 + /carbon/errors/error_504.html + + + + /carbon/errors/error.html + + diff --git a/modules/broker/p2-profile/pom.xml b/modules/broker/p2-profile/pom.xml index 66366263..938d31b6 100644 --- a/modules/broker/p2-profile/pom.xml +++ b/modules/broker/p2-profile/pom.xml @@ -103,9 +103,6 @@ org.wso2.carbon.registry:org.wso2.carbon.registry.contentsearch.feature:${carbon.registry.version} - - org.wso2.carbon.registry:org.wso2.carbon.registry.ui.menu.feature:${carbon.registry.version} - org.wso2.carbon.registry:org.wso2.carbon.registry.resource.properties.feature:${carbon.registry.version} @@ -119,7 +116,7 @@ org.wso2.carbon.messaging:org.wso2.carbon.andes.feature:${carbon.messaging.version} - org.wso2.carbon.multitenancy:org.wso2.carbon.tenant.common.feature:${carbon.multitenancy.version} + org.wso2.carbon.multitenancy:org.wso2.carbon.tenant.common.server.feature:${carbon.multitenancy.version} org.wso2.carbon.commons:org.wso2.carbon.tenant.mgt.common.feature:${carbon.commons.version} @@ -136,18 +133,12 @@ org.wso2.carbon.identity:org.wso2.carbon.identity.authenticator.saml2.sso.server.feature:${identity.carbon.auth.saml2.version} - - org.wso2.carbon.identity:org.wso2.carbon.identity.authenticator.saml2.sso.ui.feature:${identity.carbon.auth.saml2.version} - org.wso2.carbon.identity:org.wso2.carbon.user.mgt.feature:${carbon.identity.framework.version} org.wso2.carbon.identity:org.wso2.carbon.identity.core.feature:${carbon.identity.framework.version} - - org.wso2.carbon.identity:org.wso2.carbon.identity.core.ui.feature:${carbon.identity.framework.version} - org.wso2.carbon:org.wso2.carbon.core.feature:${carbon.kernel.version} @@ -161,13 +152,6 @@ org.wso2.carbon.metrics:org.wso2.carbon.metrics.feature:${carbon.metrics.version} - - - org.wso2.mb:org.wso2.mb.styles.feature:${product.mb.version} - - - org.wso2.mb:org.wso2.stratos.mb.dashboard.ui.feature:${product.mb.version} - org.wso2.ciphertool:org.wso2.ciphertool.feature:${cipher.tool.version} @@ -232,10 +216,6 @@ org.wso2.carbon.registry.core.feature.group ${carbon.registry.version} - - org.wso2.carbon.registry.ui.menu.feature.group - ${carbon.registry.version} - org.wso2.carbon.registry.resource.properties.feature.group @@ -245,10 +225,6 @@ org.wso2.carbon.wsdl.tools.feature.group ${carbon.commons.version} - - org.wso2.carbon.registry.core.ui.feature.group - ${carbon.registry.version} - org.wso2.carbon.um.ws.service.feature.group ${carbon.um.ws.version} @@ -264,7 +240,7 @@ - org.wso2.carbon.tenant.common.feature.group + org.wso2.carbon.tenant.common.server.feature.group ${carbon.multitenancy.version} @@ -281,12 +257,6 @@ org.wso2.carbon.tenant.throttling.agent.feature.group ${carbon.multitenancy.version} - - - org.wso2.carbon.identity.authenticator.saml2.sso.ui.feature.group - - ${identity.carbon.auth.saml2.version} - org.wso2.carbon.user.mgt.feature.group ${carbon.identity.framework.version} @@ -295,10 +265,6 @@ org.wso2.carbon.identity.core.feature.group ${carbon.identity.framework.version} - - org.wso2.carbon.identity.core.ui.feature.group - ${carbon.identity.framework.version} - org.wso2.carbon.messaging.metrics.feature.group ${carbon.messaging.version} @@ -307,15 +273,6 @@ org.wso2.carbon.metrics.feature.group ${carbon.metrics.version} - - - org.wso2.stratos.mb.dashboard.ui.feature.group - ${product.mb.version} - - - org.wso2.mb.styles.feature.group - ${product.mb.version} - org.wso2.ciphertool.feature.group diff --git a/pom.xml b/pom.xml index a31dbb17..a65a66e0 100644 --- a/pom.xml +++ b/pom.xml @@ -1274,36 +1274,16 @@ servlet-api ${servlet-api.version} - - org.wso2.iot - org.wso2.stratos.mb.dashboard.ui - ${product.iot.broker.version} - org.wso2.carbon org.wso2.carbon.ui.menu.stratos ${carbon.ui.menu.stratos.version} - - org.wso2.iot - org.wso2.stratos.mb.deployment - ${product.iot.broker.version} - - - org.wso2.iot - org.wso2.stratos.mb.login.ui - ${product.iot.broker.version} - org.wso2.iot org.wso2.iot.broker.styles ${product.iot.broker.version} - - org.wso2.iot - org.wso2.stratos.mb.styles - ${product.iot.broker.version} - org.wso2.iot