community
/
product-iots
10
0
Fork 4
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Made web apps to be extracted and replace the web.xml files and pack again for fixing security issues

Browse Source
merge-requests/1/head
Maninda 8 years ago
parent dbf3de7f40
commit 819f3c9a23
11 changed files with 1518 additions and 17 deletions
Show Stats Download Patch File Download Diff File

117
modules/core/distribution/pom.xml
Unescape View File

@ -527,6 +527,9 @@
<goal>run</goal>
</goals>
</execution>
<execution>
<id>clean_target</id>
<phase>install</phase>
@ -566,6 +569,120 @@
<goal>run</goal>
</goals>
</execution>
<execution>
<id>replace-web-xmls-in-war-files</id>
<phase>prepare-package</phase>
<goals>
<goal>run</goal>
</goals>
<configuration>
<tasks>
<property name="tempdir" value="target/webapp-temp" />
<property name="xmldir" value="src/repository/resources/web-apps/web-xml" />
<property name="srcdir" value="${basedir}/../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/webapps" />
<mkdir dir="${tempdir}" />
<mkdir dir="${tempdir}/api-application-registration" />
<mkdir dir="${tempdir}/api#certificate-mgt#v1.0" />
<mkdir dir="${tempdir}/api#identity#entitlement" />
<mkdir dir="${tempdir}/api#scep-mgt#v1.0" />
<mkdir dir="${tempdir}/authenticationendpoint" />
<mkdir dir="${tempdir}/client-registration#v0.11" />
<mkdir dir="${tempdir}/oauth2" />
<mkdir dir="${tempdir}/secured-websocket" />
<mkdir dir="${tempdir}/shindig" />
<unzip dest="${tempdir}/api-application-registration">
<fileset dir="${srcdir}">
<include name="api-application-registration.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/api#certificate-mgt#v1.0">
<fileset dir="${srcdir}">
<include name="api#certificate-mgt#v1.0.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/api#identity#entitlement">
<fileset dir="${srcdir}">
<include name="api#identity#entitlement.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/api#scep-mgt#v1.0">
<fileset dir="${srcdir}">
<include name="api#scep-mgt#v1.0.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/authenticationendpoint">
<fileset dir="${srcdir}">
<include name="authenticationendpoint.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/client-registration#v0.11">
<fileset dir="${srcdir}">
<include name="client-registration#v0.11.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/oauth2">
<fileset dir="${srcdir}">
<include name="oauth2.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/secured-websocket">
<fileset dir="${srcdir}">
<include name="secured-websocket.war" />
</fileset>
</unzip>
<unzip dest="${tempdir}/shindig">
<fileset dir="${srcdir}">
<include name="shindig.war" />
</fileset>
</unzip>
<delete file="${tempdir}/api-application-registration/WEB-INF/web.xml" />
<delete file="${tempdir}/api#certificate-mgt#v1.0/WEB-INF/web.xml" />
<delete file="${tempdir}/api#identity#entitlement/WEB-INF/web.xml" />
<delete file="${tempdir}/api#scep-mgt#v1.0/WEB-INF/web.xml" />
<delete file="${tempdir}/authenticationendpoint/WEB-INF/web.xml" />
<delete file="${tempdir}/client-registration#v0.11/WEB-INF/web.xml" />
<delete file="${tempdir}/oauth2/WEB-INF/web.xml" />
<delete file="${tempdir}/secured-websocket/WEB-INF/web.xml" />
<delete file="${tempdir}/shindig/WEB-INF/web.xml" />
<copy file="src/repository/resources/web-apps/web-xml/api-application-registration/web.xml"
tofile="${tempdir}/api-application-registration/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/api#certificate-mgt#v1.0/web.xml"
tofile="${tempdir}/api#certificate-mgt#v1.0/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/api#identity#entitlement/web.xml"
tofile="${tempdir}/api#identity#entitlement/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/api#scep-mgt#v1.0/web.xml"
tofile="${tempdir}/api#scep-mgt#v1.0/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/authenticationendpoint/web.xml"
tofile="${tempdir}/authenticationendpoint/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/client-registration#v0.11/web.xml"
tofile="${tempdir}/client-registration#v0.11/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/oauth2/web.xml"
tofile="${tempdir}/oauth2/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/secured-websocket/web.xml"
tofile="${tempdir}/secured-websocket/WEB-INF/web.xml"/>
<copy file="src/repository/resources/web-apps/web-xml/shindig/web.xml"
tofile="${tempdir}/shindig/WEB-INF/web.xml"/>
<zip destfile="${tempdir}/api-application-registration.war" basedir="${tempdir}/api-application-registration"/>
<zip destfile="${tempdir}/api#certificate-mgt#v1.0.war" basedir="${tempdir}/api#certificate-mgt#v1.0"/>
<zip destfile="${tempdir}/api#identity#entitlement.war" basedir="${tempdir}/api#identity#entitlement"/>
<zip destfile="${tempdir}/api#scep-mgt#v1.0.war" basedir="${tempdir}/api#scep-mgt#v1.0"/>
<zip destfile="${tempdir}/authenticationendpoint.war" basedir="${tempdir}/authenticationendpoint"/>
<zip destfile="${tempdir}/client-registration#v0.11.war" basedir="${tempdir}/client-registration#v0.11"/>
<zip destfile="${tempdir}/oauth2.war" basedir="${tempdir}/oauth2"/>
<zip destfile="${tempdir}/secured-websocket.war" basedir="${tempdir}/secured-websocket"/>
<zip destfile="${tempdir}/shindig.war" basedir="${tempdir}/shindig"/>
</tasks>
</configuration>
</execution>
</executions>
</plugin>

27
modules/core/distribution/src/assembly/bin.xml
Unescape View File

@ -1348,75 +1348,68 @@
<fileMode>755</fileMode>
</file>
<!-- <file>
<source>src/repository/resources/web-apps/api-application-registration.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/api#device-mgt#v1.0.war</source>
<source>target/webapp-temp/api-application-registration.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/api#scep-mgt#v1.0.war</source>
<source>target/webapp-temp/api#scep-mgt#v1.0.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/client-registration#v0.11.war</source>
<source>target/webapp-temp/client-registration#v0.11.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/secured-websocket.war</source>
<source>target/webapp-temp/secured-websocket.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/api#certificate-mgt#v1.0.war</source>
<source>target/webapp-temp/api#certificate-mgt#v1.0.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/api#identity#entitlement.war</source>
<source>target/webapp-temp/api#identity#entitlement.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/authenticationendpoint.war</source>
<source>target/webapp-temp/authenticationendpoint.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/oauth2.war</source>
<source>target/webapp-temp/oauth2.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>src/repository/resources/web-apps/shindig.war</source>
<source>target/webapp-temp/shindig.war</source>
<outputDirectory>
${pom.artifactId}-${pom.version}/repository/deployment/server/webapps
</outputDirectory>
<fileMode>755</fileMode>
</file>-->
</file>
</files>
</assembly>

118
modules/core/distribution/src/repository/resources/web-apps/web-xml/api#certificate-mgt#v1.0/web.xml
Unescape View File

@ -0,0 +1,118 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name>Certificate-Webapp</display-name>
<servlet>
<description>JAX-WS/JAX-RS Certificate Management Endpoint</description>
<display-name>JAX-WS/JAX-RS Servlet</display-name>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
<init-param>
<param-name>swagger.security.filter</param-name>
<param-value>ApiAuthorizationFilterImpl</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>60</session-timeout>
</session-config>
<context-param>
<param-name>isAdminService</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>doAuthentication</param-name>
<param-value>true</param-value>
</context-param>
<!--publish to apim-->
<context-param>
<param-name>managed-api-enabled</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>managed-api-owner</param-name>
<param-value>admin</param-value>
</context-param>
<security-constraint>
<web-resource-collection>
<web-resource-name>CertificateMgt-Admin</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<filter>
<filter-name>ApiOriginFilter</filter-name>
<filter-class>org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.ApiOriginFilter</filter-class>
</filter>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ApiOriginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

127
modules/core/distribution/src/repository/resources/web-apps/web-xml/api#identity#entitlement/web.xml
Unescape View File

@ -0,0 +1,127 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>Entitlement-Service-Provider</display-name>
<!-- SWAGGER FILTER -->
<filter>
<filter-name>ApiOriginFilter</filter-name>
<filter-class>org.wso2.carbon.identity.entitlement.endpoint.filter.ApiOriginFilter</filter-class>
</filter>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ApiOriginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>EntitlementServlet</servlet-name>
<display-name>EntitlementServlet</display-name>
<description>Entitlement Endpoints</description>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<!-- set the base path for the swagger application -->
<init-param>
<param-name>swagger.api.basepath</param-name>
<param-value>https://localhost:9443/entitlement</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>EntitlementServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>60</session-timeout>
<cookie-config>
<secure>true</secure>
</cookie-config>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>secured services</web-resource-name>
<url-pattern>/decision/*</url-pattern>
</web-resource-collection>
<!--we take default name for everyone role.If it is changed in user-mgt.xml,this needs to be changed as well.-->
<!--<auth-constraint>
<role-name>Internal/everyone</role-name>
</auth-constraint>-->
<user-data-constraint>
<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<listener>
<listener-class>org.wso2.carbon.identity.entitlement.endpoint.impl.ApplicationInitializer</listener-class>
</listener>
<!--login-config>
<auth-method>BASIC</auth-method>
</login-config>
<context-param>
<param-name>carbon.enable.saas</param-name>
<param-value>*</param-value>
</context-param-->
</web-app>

92
modules/core/distribution/src/repository/resources/web-apps/web-xml/api#scep-mgt#v1.0/web.xml
Unescape View File

@ -0,0 +1,92 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name>Certificate-Webapp</display-name>
<servlet>
<description>JAX-WS/JAX-RS Certificate Management Endpoint</description>
<display-name>JAX-WS/JAX-RS Servlet</display-name>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>60</session-timeout>
</session-config>
<context-param>
<param-name>isAdminService</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>doAuthentication</param-name>
<param-value>true</param-value>
</context-param>
<!--publish to apim-->
<context-param>
<param-name>managed-api-enabled</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>managed-api-owner</param-name>
<param-value>admin</param-value>
</context-param>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

103
modules/core/distribution/src/repository/resources/web-apps/web-xml/api-application-registration/web.xml
Unescape View File

@ -0,0 +1,103 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
metadata-complete="true">
<display-name>WSO2 IoT Server</display-name>
<description>WSO2 IoT Server</description>
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<context-param>
<param-name>isAdminService</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>doAuthentication</param-name>
<param-value>true</param-value>
</context-param>
<!--publish to apim-->
<context-param>
<param-name>managed-api-enabled</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>managed-api-owner</param-name>
<param-value>admin</param-value>
</context-param>
<filter>
<filter-name>ApiPermissionFilter</filter-name>
<filter-class>org.wso2.carbon.apimgt.application.extension.api.filter.ApiPermissionFilter</filter-class>
</filter>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ApiPermissionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

280
modules/core/distribution/src/repository/resources/web-apps/web-xml/authenticationendpoint/web.xml
Unescape View File

@ -0,0 +1,280 @@
<?xml version="1.0" encoding="UTF-8"?><!--
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<!-- Custom Page configurations -->
<!-- *************** Application specific configurations ********************** -->
<!--context-param>
<param-name>ServiceProviderApp-/samlsso_login.do</param-name>
<param-value>http://localhost:8080/customauthenticationendpoint/login.do</param-value>
</context-param-->
<!--context-param>
<param-name>ServiceProviderApp-/oauth2_authz.do</param-name>
<param-value>http://localhost:8080/authenticationendpoint/oauth2_authz.do</param-value>
</context-param-->
<!--context-param>
<param-name>ServiceProviderApp-/oauth2_error.do</param-name>
<param-value>http://localhost:8080/authenticationendpoint/oauth2_error.do</param-value>
</context-param-->
<!--context-param>
<param-name>ServiceProviderApp-/oauth2_consent.do</param-name>
<param-value>http://localhost:8080/authenticationendpoint/oauth2_consent.do</param-value>
</context-param-->
<!-- **************** End of Application specific configurations ************************* -->
<!-- *************** Global configurations ********************** -->
<!--context-param>
<param-name>/retry.do</param-name>
<param-value>http://localhost:8080/customauthenticationendpoint/retry.do?type=retry.do</param-value>
</context-param-->
<!-- *************** End of Global configurations ********************** -->
<!-- *************** Account Recovery Endpoint Context URL Configuration ********************** -->
<!--context-param>
<param-name>IdentityManagementEndpointContextURL</param-name>
<param-value>https://localhost:9443/accountrecoveryendpoint</param-value>
</context-param-->
<context-param>
<param-name>AccountRecoveryRESTEndpointURL</param-name>
<param-value>https://localhost:9443/t/tenant-domain/api/identity/user/v0.9/</param-value>
</context-param>
<!-- *************** End of Account Recovery Endpoint Context URL Configuration ********************** -->
<!--Display scopes in the consent page.-->
<context-param>
<param-name>displayScopes</param-name>
<param-value>true</param-value>
</context-param>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
<filter>
<filter-name>AuthenticationEndpointFilter</filter-name>
<filter-class>
org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthenticationEndpointFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>
org.wso2.carbon.identity.application.authentication.endpoint.util.listener.AuthenticationEndpointContextListener
</listener-class>
</listener>
<servlet>
<servlet-name>retry.do</servlet-name>
<jsp-file>/retry.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>claims.do</servlet-name>
<jsp-file>/requested-claims.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_login.do</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_authz.do</servlet-name>
<jsp-file>/oauth2_authz.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_consent.do</servlet-name>
<jsp-file>/oauth2_consent.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_logout_consent.do</servlet-name>
<jsp-file>/oauth2_logout_consent.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_logout.do</servlet-name>
<jsp-file>/logout.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>oauth2_error.do</servlet-name>
<jsp-file>/oauth2_error.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>samlsso_login.do</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>samlsso_logout.do</servlet-name>
<jsp-file>/logout.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>samlsso_redirect.do</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>samlsso_notification.do</servlet-name>
<jsp-file>/samlsso_notification.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>openid_login.do</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>openid_profile.do</servlet-name>
<jsp-file>/openid_profile.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>passivests_login.do</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>tenantlistrefresher.do</servlet-name>
<jsp-file>/tenant_refresh_endpoint.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>registration.do</servlet-name>
<jsp-file>/registration.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>retry.do</servlet-name>
<url-pattern>/retry.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_login.do</servlet-name>
<url-pattern>/oauth2_login.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_authz.do</servlet-name>
<url-pattern>/oauth2_authz.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_consent.do</servlet-name>
<url-pattern>/oauth2_consent.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_logout_consent.do</servlet-name>
<url-pattern>/oauth2_logout_consent.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_logout.do</servlet-name>
<url-pattern>/oauth2_logout.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2_error.do</servlet-name>
<url-pattern>/oauth2_error.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>samlsso_login.do</servlet-name>
<url-pattern>/samlsso_login.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>samlsso_logout.do</servlet-name>
<url-pattern>/samlsso_logout.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>samlsso_redirect.do</servlet-name>
<url-pattern>/samlsso_redirect.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>samlsso_notification.do</servlet-name>
<url-pattern>/samlsso_notification.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>openid_login.do</servlet-name>
<url-pattern>/openid_login.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>openid_profile.do</servlet-name>
<url-pattern>/openid_profile.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>passivests_login.do</servlet-name>
<url-pattern>/passivests_login.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>tenantlistrefresher.do</servlet-name>
<url-pattern>/tenantlistrefresher.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>registration.do</servlet-name>
<url-pattern>/registration.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>claims.do</servlet-name>
<url-pattern>/claims.do</url-pattern>
</servlet-mapping>
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/generic-exception-response.jsp</location>
</error-page>
<session-config>
<cookie-config>
<secure>true</secure>
</cookie-config>
</session-config>
</web-app>

87
modules/core/distribution/src/repository/resources/web-apps/web-xml/client-registration#v0.11/web.xml
Unescape View File

@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ /*
~ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~ *
~ * WSO2 Inc. licenses this file to you under the Apache License,
~ * Version 2.0 (the "License"); you may not use this file except
~ * in compliance with the License.
~ * You may obtain a copy of the License at
~ *
~ * http://www.apache.org/licenses/LICENSE-2.0
~ *
~ * Unless required by applicable law or agreed to in writing,
~ * software distributed under the License is distributed on an
~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ * KIND, either express or implied. See the License for the
~ * specific language governing permissions and limitations
~ * under the License.
~ */
-->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<description>JAX-WS/JAX-RS Device Registration Agent Endpoint</description>
<display-name>JAX-WS/JAX-RS Servlet</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/beans.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<servlet>
<description>JAX-WS/JAX-RS Device Registration Agent Endpoint</description>
<display-name>JAX-WS/JAX-RS Servlet</display-name>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

100
modules/core/distribution/src/repository/resources/web-apps/web-xml/oauth2/web.xml
Unescape View File

@ -0,0 +1,100 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2011 WSO2, Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>OAuth2 Endpoints</display-name>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>OAuth2Endpoints</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<!-- Application based page loading configs -->
<!-- *********** Pages for the SampleApp *************** -->
<!--init-param>
<description>Login page for the application SampleApp</description>
<param-name>SampleApp-LoginPage</param-name>
<param-value>https://localhost:9443/mypages/sampleapp-login</param-value>
</init-param>
<init-param>
<description>Error page for the application SampleApp</description>
<param-name>SampleApp-ErrorPage</param-name>
<param-value>https://localhost:9443/mypages/sampleapp-error</param-value>
</init-param>
<init-param>
<description>Consent page for the application SampleApp</description>
<param-name>SampleApp-ConsentPage</param-name>
<param-value>https://localhost:9443/mypages/sampleapp-consent</param-value>
</init-param-->
<!-- ******************* End of SampleApp configs ***************** -->
</servlet>
<servlet-mapping>
<servlet-name>OAuth2Endpoints</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<cookie-config>
<secure>true</secure>
</cookie-config>
</session-config>
</web-app>

61
modules/core/distribution/src/repository/resources/web-apps/web-xml/secured-websocket/web.xml
Unescape View File

@ -0,0 +1,61 @@
<!--
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ WSO2 Inc. licenses this file to you under the Apache License,
~ Version 2.0 (the "License"); you may not use this file except
~ in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Output WebSocket</display-name>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

423
modules/core/distribution/src/repository/resources/web-apps/web-xml/shindig/web.xml
Unescape View File

@ -0,0 +1,423 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="Shindig"
version="2.5">
<display-name>Shindig</display-name>
<!-- configuration -->
<!-- If you have your own Guice module(s), put them here as a colon-separated list. -->
<!-- Note that any extras modules are optional -->
<context-param>
<param-name>guice-modules</param-name>
<param-value>
org.apache.shindig.common.PropertiesModule:
org.apache.shindig.gadgets.DefaultGuiceModule:
org.apache.shindig.social.core.config.SocialApiGuiceModule:
org.apache.shindig.social.sample.SampleModule:
org.apache.shindig.gadgets.oauth.OAuthModule:
org.apache.shindig.gadgets.oauth2.OAuth2Module:
org.apache.shindig.gadgets.oauth2.OAuth2MessageModule:
org.apache.shindig.gadgets.oauth2.handler.OAuth2HandlerModule:
org.apache.shindig.gadgets.oauth2.persistence.sample.OAuth2PersistenceModule:
org.apache.shindig.common.cache.ehcache.EhCacheModule:
org.apache.shindig.sample.shiro.ShiroGuiceModule:
org.apache.shindig.sample.container.SampleContainerGuiceModule:
org.apache.shindig.extras.ShindigExtrasGuiceModule:
org.apache.shindig.gadgets.admin.GadgetAdminModule:
org.wso2.carbon.dashboard.shindig.features.WSO2ShindigFeaturesModule
</param-value>
</context-param>
<!--
Syntax: <key>=<value> separated by a newline
system.properties specifies the environmental variables that will be set to the JVM System Properties at server startup time.
Alternatively, you may add these values in your app server (ex: Tomcat) as
VM arguments like this: -Dshindig.host="my.production.shindig.server.com".
Here are a few properties that can be set for Shindig:
shindig.host: the server name that Shindig is deployed and running on
shindig.port: the port number of shindig.host server
Make sure you escape all HTML values for the web.xml to be parsed correctly.
-->
<context-param>
<param-name>system.properties</param-name>
<param-value>
<![CDATA[
shindig.host=
shindig.port=
aKey=/shindig/gadgets/proxy?container=default&url=
]]>
</param-value>
</context-param>
<filter>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsEnabled</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>antiClickJackingOption</param-name>
<param-value>SAMEORIGIN</param-value>
</init-param>
</filter>
<filter>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
<init-param>
<param-name>patterns</param-name>
<param-value>"text/html*","application/json*","text/plain*"</param-value>
</init-param>
<init-param>
<param-name>filterAction</param-name>
<param-value>enforce</param-value>
</init-param>
<init-param>
<param-name>httpHeaders</param-name>
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>HttpHeaderSecurityFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
<filter>
<filter-name>hostFilter</filter-name>
<filter-class>org.apache.shindig.common.servlet.HostFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>hostFilter</filter-name>
<url-pattern>/gadgets/ifr</url-pattern>
<url-pattern>/gadgets/js/*</url-pattern>
<url-pattern>/gadgets/proxy/*</url-pattern>
<url-pattern>/gadgets/concat</url-pattern>
<url-pattern>/gadgets/makeRequest</url-pattern>
<url-pattern>/rpc/*</url-pattern>
<url-pattern>/rest/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
<![CDATA[
# The ShiroFilter configuration is very powerful and flexible, while still remaining succinct.
# Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
#
# http://www.jsecurity.org/api/org/jsecurity/web/servlet/JSecurityFilter.html
[main]
shindigSampleRealm = org.apache.shindig.sample.shiro.SampleShiroRealm
securityManager.realm = $shindigSampleRealm
authc.loginUrl = /login.jsp
[urls]
# The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
# the 'authc' filter must still be specified for it so it can process that url's
# login submissions. It is 'smart' enough to allow those requests through as specified by the
# shiro.loginUrl above.
/login.jsp = authc
/oauth/authorize/** = authc
/oauth2/authorize/** = authc
]]>
</param-value>
</init-param>
</filter>
<filter>
<filter-name>authFilter</filter-name>
<filter-class>org.apache.shindig.auth.AuthenticationServletFilter</filter-class>
</filter>
<filter>
<filter-name>etagFilter</filter-name>
<filter-class>org.apache.shindig.gadgets.servlet.ETagFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/oauth/authorize</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/oauth2/authorize</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>/social/*</url-pattern>
<url-pattern>/gadgets/ifr</url-pattern>
<url-pattern>/gadgets/makeRequest</url-pattern>
<url-pattern>/gadgets/proxy</url-pattern>
<url-pattern>/gadgets/api/rpc/*</url-pattern>
<url-pattern>/gadgets/api/rest/*</url-pattern>
<url-pattern>/rpc/*</url-pattern>
<url-pattern>/rest/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>etagFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.apache.shindig.common.servlet.GuiceServletContextListener</listener-class>
</listener>
<!-- Render a Gadget -->
<servlet>
<servlet-name>xml-to-html</servlet-name>
<servlet-class>
org.wso2.carbon.dashboard.shindig.extensions.WSO2GadgetRenderingServlet
</servlet-class>
</servlet>
<servlet>
<servlet-name>accel</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.HtmlAccelServlet
</servlet-class>
</servlet>
<!-- Proxy -->
<servlet>
<servlet-name>proxy</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.ProxyServlet
</servlet-class>
</servlet>
<!-- makeRequest -->
<servlet>
<servlet-name>makeRequest</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.MakeRequestServlet
</servlet-class>
</servlet>
<!-- Concat -->
<servlet>
<servlet-name>concat</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.ConcatProxyServlet
</servlet-class>
</servlet>
<!-- OAuth callback -->
<servlet>
<servlet-name>oauthCallback</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
</servlet-class>
</servlet>
<!-- OAuth2 callback -->
<servlet>
<servlet-name>oauth2callback</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.OAuth2CallbackServlet
</servlet-class>
</servlet>
<!-- Metadata RPC -->
<servlet>
<servlet-name>metadata</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.RpcServlet
</servlet-class>
</servlet>
<!-- javascript serving -->
<servlet>
<servlet-name>js</servlet-name>
<servlet-class>org.apache.shindig.gadgets.servlet.JsServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>restapiServlet</servlet-name>
<servlet-class>
org.apache.shindig.protocol.DataServiceServlet
</servlet-class>
<init-param>
<param-name>handlers</param-name>
<param-value>org.apache.shindig.handlers</param-value>
</init-param>
</servlet>
<!-- Serve social RPC api -->
<servlet>
<servlet-name>jsonRpcServlet</servlet-name>
<servlet-class>
org.apache.shindig.protocol.JsonRpcServlet
</servlet-class>
<init-param>
<param-name>handlers</param-name>
<param-value>org.apache.shindig.handlers</param-value>
</init-param>
</servlet>
<!-- Serve sample OAuth apis -->
<servlet>
<servlet-name>sampleOAuth</servlet-name>
<servlet-class>
org.apache.shindig.social.sample.oauth.SampleOAuthServlet
</servlet-class>
</servlet>
<!-- Serve OAuth 2 APIs -->
<servlet>
<servlet-name>OAuth2Servlet</servlet-name>
<servlet-class>
org.apache.shindig.social.core.oauth2.OAuth2Servlet
</servlet-class>
</servlet>
<servlet>
<servlet-name>rpcSwf</servlet-name>
<servlet-class>
org.apache.shindig.gadgets.servlet.RpcSwfServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>js</servlet-name>
<url-pattern>/gadgets/js/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>proxy</servlet-name>
<url-pattern>/gadgets/proxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>makeRequest</servlet-name>
<url-pattern>/gadgets/makeRequest</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jsonRpcServlet</servlet-name>
<url-pattern>/rpc/*</url-pattern>
<url-pattern>/gadgets/api/rpc/*</url-pattern>
<url-pattern>/social/rpc/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>restapiServlet</servlet-name>
<url-pattern>/rest/*</url-pattern>
<url-pattern>/gadgets/api/rest/*</url-pattern>
<url-pattern>/social/rest/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>concat</servlet-name>
<url-pattern>/gadgets/concat</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauthCallback</servlet-name>
<url-pattern>/gadgets/oauthcallback</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth2callback</servlet-name>
<url-pattern>/gadgets/oauth2callback</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>xml-to-html</servlet-name>
<url-pattern>/gadgets/ifr</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>accel</servlet-name>
<url-pattern>/gadgets/accel</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>metadata</servlet-name>
<url-pattern>/gadgets/metadata</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sampleOAuth</servlet-name>
<url-pattern>/oauth/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>OAuth2Servlet</servlet-name>
<url-pattern>/oauth2/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>rpcSwf</servlet-name>
<url-pattern>/xpc*</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/error-pages/error404.html</location>
</error-page>
<error-page>
<error-code>401</error-code>
<location>/error-pages/error401.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/error-pages/error403.html</location>
</error-page>
<error-page>
<error-code>405</error-code>
<location>/error-pages/error405.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/error-pages/error500.html</location>
</error-page>
</web-app>
Write Preview
Loading…
Cancel
Save