forked from community/product-iots
commit
d7e67c44df
@ -0,0 +1,118 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
|
||||
<display-name>Certificate-Webapp</display-name>
|
||||
<servlet>
|
||||
<description>JAX-WS/JAX-RS Certificate Management Endpoint</description>
|
||||
<display-name>JAX-WS/JAX-RS Servlet</display-name>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.cxf.transport.servlet.CXFServlet
|
||||
</servlet-class>
|
||||
<init-param>
|
||||
<param-name>swagger.security.filter</param-name>
|
||||
<param-value>ApiAuthorizationFilterImpl</param-value>
|
||||
</init-param>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<session-config>
|
||||
<session-timeout>60</session-timeout>
|
||||
</session-config>
|
||||
|
||||
<context-param>
|
||||
<param-name>isAdminService</param-name>
|
||||
<param-value>false</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>doAuthentication</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
|
||||
<!--publish to apim-->
|
||||
<context-param>
|
||||
<param-name>managed-api-enabled</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>managed-api-owner</param-name>
|
||||
<param-value>admin</param-value>
|
||||
</context-param>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>CertificateMgt-Admin</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<user-data-constraint>
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<filter>
|
||||
<filter-name>ApiOriginFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.ApiOriginFilter</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ApiOriginFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
|
||||
</web-app>
|
@ -0,0 +1,127 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
|
||||
<display-name>Entitlement-Service-Provider</display-name>
|
||||
|
||||
<!-- SWAGGER FILTER -->
|
||||
<filter>
|
||||
<filter-name>ApiOriginFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.identity.entitlement.endpoint.filter.ApiOriginFilter</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ApiOriginFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>EntitlementServlet</servlet-name>
|
||||
<display-name>EntitlementServlet</display-name>
|
||||
<description>Entitlement Endpoints</description>
|
||||
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
|
||||
<!-- set the base path for the swagger application -->
|
||||
<init-param>
|
||||
<param-name>swagger.api.basepath</param-name>
|
||||
<param-value>https://localhost:9443/entitlement</param-value>
|
||||
</init-param>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>EntitlementServlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<session-config>
|
||||
<session-timeout>60</session-timeout>
|
||||
<cookie-config>
|
||||
<secure>true</secure>
|
||||
</cookie-config>
|
||||
</session-config>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>secured services</web-resource-name>
|
||||
<url-pattern>/decision/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<!--we take default name for everyone role.If it is changed in user-mgt.xml,this needs to be changed as well.-->
|
||||
<!--<auth-constraint>
|
||||
<role-name>Internal/everyone</role-name>
|
||||
</auth-constraint>-->
|
||||
<user-data-constraint>
|
||||
<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
|
||||
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
||||
</user-data-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<listener>
|
||||
<listener-class>org.wso2.carbon.identity.entitlement.endpoint.impl.ApplicationInitializer</listener-class>
|
||||
</listener>
|
||||
|
||||
<!--login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
</login-config>
|
||||
<context-param>
|
||||
<param-name>carbon.enable.saas</param-name>
|
||||
<param-value>*</param-value>
|
||||
</context-param-->
|
||||
|
||||
</web-app>
|
||||
|
@ -0,0 +1,92 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
|
||||
<display-name>Certificate-Webapp</display-name>
|
||||
<servlet>
|
||||
<description>JAX-WS/JAX-RS Certificate Management Endpoint</description>
|
||||
<display-name>JAX-WS/JAX-RS Servlet</display-name>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.cxf.transport.servlet.CXFServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<session-config>
|
||||
<session-timeout>60</session-timeout>
|
||||
</session-config>
|
||||
|
||||
<context-param>
|
||||
<param-name>isAdminService</param-name>
|
||||
<param-value>false</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>doAuthentication</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
|
||||
<!--publish to apim-->
|
||||
<context-param>
|
||||
<param-name>managed-api-enabled</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>managed-api-owner</param-name>
|
||||
<param-value>admin</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,103 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<web-app version="2.5"
|
||||
xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
||||
metadata-complete="true">
|
||||
<display-name>WSO2 IoT Server</display-name>
|
||||
<description>WSO2 IoT Server</description>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<context-param>
|
||||
<param-name>isAdminService</param-name>
|
||||
<param-value>false</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>doAuthentication</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
|
||||
<!--publish to apim-->
|
||||
<context-param>
|
||||
<param-name>managed-api-enabled</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
<context-param>
|
||||
<param-name>managed-api-owner</param-name>
|
||||
<param-value>admin</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>ApiPermissionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.apimgt.application.extension.api.filter.ApiPermissionFilter</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ApiPermissionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,280 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?><!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
|
||||
"http://java.sun.com/dtd/web-app_2_3.dtd" >
|
||||
|
||||
<web-app>
|
||||
<!-- Custom Page configurations -->
|
||||
<!-- *************** Application specific configurations ********************** -->
|
||||
<!--context-param>
|
||||
<param-name>ServiceProviderApp-/samlsso_login.do</param-name>
|
||||
<param-value>http://localhost:8080/customauthenticationendpoint/login.do</param-value>
|
||||
</context-param-->
|
||||
<!--context-param>
|
||||
<param-name>ServiceProviderApp-/oauth2_authz.do</param-name>
|
||||
<param-value>http://localhost:8080/authenticationendpoint/oauth2_authz.do</param-value>
|
||||
</context-param-->
|
||||
<!--context-param>
|
||||
<param-name>ServiceProviderApp-/oauth2_error.do</param-name>
|
||||
<param-value>http://localhost:8080/authenticationendpoint/oauth2_error.do</param-value>
|
||||
</context-param-->
|
||||
<!--context-param>
|
||||
<param-name>ServiceProviderApp-/oauth2_consent.do</param-name>
|
||||
<param-value>http://localhost:8080/authenticationendpoint/oauth2_consent.do</param-value>
|
||||
</context-param-->
|
||||
<!-- **************** End of Application specific configurations ************************* -->
|
||||
|
||||
<!-- *************** Global configurations ********************** -->
|
||||
<!--context-param>
|
||||
<param-name>/retry.do</param-name>
|
||||
<param-value>http://localhost:8080/customauthenticationendpoint/retry.do?type=retry.do</param-value>
|
||||
</context-param-->
|
||||
<!-- *************** End of Global configurations ********************** -->
|
||||
|
||||
<!-- *************** Account Recovery Endpoint Context URL Configuration ********************** -->
|
||||
<!--context-param>
|
||||
<param-name>IdentityManagementEndpointContextURL</param-name>
|
||||
<param-value>https://localhost:9443/accountrecoveryendpoint</param-value>
|
||||
</context-param-->
|
||||
<context-param>
|
||||
<param-name>AccountRecoveryRESTEndpointURL</param-name>
|
||||
<param-value>https://localhost:9443/t/tenant-domain/api/identity/user/v0.9/</param-value>
|
||||
</context-param>
|
||||
<!-- *************** End of Account Recovery Endpoint Context URL Configuration ********************** -->
|
||||
|
||||
<!--Display scopes in the consent page.-->
|
||||
<context-param>
|
||||
<param-name>displayScopes</param-name>
|
||||
<param-value>true</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>AuthenticationEndpointFilter</filter-name>
|
||||
<filter-class>
|
||||
org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter
|
||||
</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>AuthenticationEndpointFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<listener>
|
||||
<listener-class>
|
||||
org.wso2.carbon.identity.application.authentication.endpoint.util.listener.AuthenticationEndpointContextListener
|
||||
</listener-class>
|
||||
</listener>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>retry.do</servlet-name>
|
||||
<jsp-file>/retry.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>claims.do</servlet-name>
|
||||
<jsp-file>/requested-claims.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_login.do</servlet-name>
|
||||
<jsp-file>/login.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_authz.do</servlet-name>
|
||||
<jsp-file>/oauth2_authz.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_consent.do</servlet-name>
|
||||
<jsp-file>/oauth2_consent.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_logout_consent.do</servlet-name>
|
||||
<jsp-file>/oauth2_logout_consent.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_logout.do</servlet-name>
|
||||
<jsp-file>/logout.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>oauth2_error.do</servlet-name>
|
||||
<jsp-file>/oauth2_error.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>samlsso_login.do</servlet-name>
|
||||
<jsp-file>/login.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>samlsso_logout.do</servlet-name>
|
||||
<jsp-file>/logout.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>samlsso_redirect.do</servlet-name>
|
||||
<jsp-file>/login.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>samlsso_notification.do</servlet-name>
|
||||
<jsp-file>/samlsso_notification.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>openid_login.do</servlet-name>
|
||||
<jsp-file>/login.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>openid_profile.do</servlet-name>
|
||||
<jsp-file>/openid_profile.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>passivests_login.do</servlet-name>
|
||||
<jsp-file>/login.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>tenantlistrefresher.do</servlet-name>
|
||||
<jsp-file>/tenant_refresh_endpoint.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>registration.do</servlet-name>
|
||||
<jsp-file>/registration.jsp</jsp-file>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>retry.do</servlet-name>
|
||||
<url-pattern>/retry.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_login.do</servlet-name>
|
||||
<url-pattern>/oauth2_login.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_authz.do</servlet-name>
|
||||
<url-pattern>/oauth2_authz.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_consent.do</servlet-name>
|
||||
<url-pattern>/oauth2_consent.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_logout_consent.do</servlet-name>
|
||||
<url-pattern>/oauth2_logout_consent.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_logout.do</servlet-name>
|
||||
<url-pattern>/oauth2_logout.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2_error.do</servlet-name>
|
||||
<url-pattern>/oauth2_error.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>samlsso_login.do</servlet-name>
|
||||
<url-pattern>/samlsso_login.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>samlsso_logout.do</servlet-name>
|
||||
<url-pattern>/samlsso_logout.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>samlsso_redirect.do</servlet-name>
|
||||
<url-pattern>/samlsso_redirect.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>samlsso_notification.do</servlet-name>
|
||||
<url-pattern>/samlsso_notification.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>openid_login.do</servlet-name>
|
||||
<url-pattern>/openid_login.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>openid_profile.do</servlet-name>
|
||||
<url-pattern>/openid_profile.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>passivests_login.do</servlet-name>
|
||||
<url-pattern>/passivests_login.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>tenantlistrefresher.do</servlet-name>
|
||||
<url-pattern>/tenantlistrefresher.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>registration.do</servlet-name>
|
||||
<url-pattern>/registration.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>claims.do</servlet-name>
|
||||
<url-pattern>/claims.do</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<error-page>
|
||||
<exception-type>java.lang.Throwable</exception-type>
|
||||
<location>/generic-exception-response.jsp</location>
|
||||
</error-page>
|
||||
|
||||
<session-config>
|
||||
<cookie-config>
|
||||
<secure>true</secure>
|
||||
</cookie-config>
|
||||
</session-config>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,87 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ /*
|
||||
~ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~ *
|
||||
~ * WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ * Version 2.0 (the "License"); you may not use this file except
|
||||
~ * in compliance with the License.
|
||||
~ * You may obtain a copy of the License at
|
||||
~ *
|
||||
~ * http://www.apache.org/licenses/LICENSE-2.0
|
||||
~ *
|
||||
~ * Unless required by applicable law or agreed to in writing,
|
||||
~ * software distributed under the License is distributed on an
|
||||
~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ * KIND, either express or implied. See the License for the
|
||||
~ * specific language governing permissions and limitations
|
||||
~ * under the License.
|
||||
~ */
|
||||
-->
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
|
||||
version="2.4">
|
||||
|
||||
<description>JAX-WS/JAX-RS Device Registration Agent Endpoint</description>
|
||||
<display-name>JAX-WS/JAX-RS Servlet</display-name>
|
||||
<context-param>
|
||||
<param-name>contextConfigLocation</param-name>
|
||||
<param-value>WEB-INF/beans.xml</param-value>
|
||||
</context-param>
|
||||
<listener>
|
||||
<listener-class>
|
||||
org.springframework.web.context.ContextLoaderListener
|
||||
</listener-class>
|
||||
</listener>
|
||||
<servlet>
|
||||
<description>JAX-WS/JAX-RS Device Registration Agent Endpoint</description>
|
||||
<display-name>JAX-WS/JAX-RS Servlet</display-name>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.cxf.transport.servlet.CXFServlet
|
||||
</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>CXFServlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,100 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2011 WSO2, Inc. (http://wso2.com)
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
||||
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
||||
|
||||
<display-name>OAuth2 Endpoints</display-name>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
|
||||
<servlet>
|
||||
<servlet-name>OAuth2Endpoints</servlet-name>
|
||||
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
|
||||
<!-- Application based page loading configs -->
|
||||
|
||||
<!-- *********** Pages for the SampleApp *************** -->
|
||||
<!--init-param>
|
||||
<description>Login page for the application SampleApp</description>
|
||||
<param-name>SampleApp-LoginPage</param-name>
|
||||
<param-value>https://localhost:9443/mypages/sampleapp-login</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<description>Error page for the application SampleApp</description>
|
||||
<param-name>SampleApp-ErrorPage</param-name>
|
||||
<param-value>https://localhost:9443/mypages/sampleapp-error</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<description>Consent page for the application SampleApp</description>
|
||||
<param-name>SampleApp-ConsentPage</param-name>
|
||||
<param-value>https://localhost:9443/mypages/sampleapp-consent</param-value>
|
||||
</init-param-->
|
||||
<!-- ******************* End of SampleApp configs ***************** -->
|
||||
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>OAuth2Endpoints</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<session-config>
|
||||
<cookie-config>
|
||||
<secure>true</secure>
|
||||
</cookie-config>
|
||||
</session-config>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,61 @@
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<!DOCTYPE web-app PUBLIC
|
||||
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
|
||||
"http://java.sun.com/dtd/web-app_2_3.dtd" >
|
||||
|
||||
<web-app>
|
||||
<display-name>Output WebSocket</display-name>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
@ -0,0 +1,423 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
||||
id="Shindig"
|
||||
version="2.5">
|
||||
<display-name>Shindig</display-name>
|
||||
<!-- configuration -->
|
||||
<!-- If you have your own Guice module(s), put them here as a colon-separated list. -->
|
||||
<!-- Note that any extras modules are optional -->
|
||||
<context-param>
|
||||
<param-name>guice-modules</param-name>
|
||||
<param-value>
|
||||
org.apache.shindig.common.PropertiesModule:
|
||||
org.apache.shindig.gadgets.DefaultGuiceModule:
|
||||
org.apache.shindig.social.core.config.SocialApiGuiceModule:
|
||||
org.apache.shindig.social.sample.SampleModule:
|
||||
org.apache.shindig.gadgets.oauth.OAuthModule:
|
||||
org.apache.shindig.gadgets.oauth2.OAuth2Module:
|
||||
org.apache.shindig.gadgets.oauth2.OAuth2MessageModule:
|
||||
org.apache.shindig.gadgets.oauth2.handler.OAuth2HandlerModule:
|
||||
org.apache.shindig.gadgets.oauth2.persistence.sample.OAuth2PersistenceModule:
|
||||
org.apache.shindig.common.cache.ehcache.EhCacheModule:
|
||||
org.apache.shindig.sample.shiro.ShiroGuiceModule:
|
||||
org.apache.shindig.sample.container.SampleContainerGuiceModule:
|
||||
org.apache.shindig.extras.ShindigExtrasGuiceModule:
|
||||
org.apache.shindig.gadgets.admin.GadgetAdminModule:
|
||||
org.wso2.carbon.dashboard.shindig.features.WSO2ShindigFeaturesModule
|
||||
</param-value>
|
||||
</context-param>
|
||||
|
||||
<!--
|
||||
Syntax: <key>=<value> separated by a newline
|
||||
|
||||
system.properties specifies the environmental variables that will be set to the JVM System Properties at server startup time.
|
||||
Alternatively, you may add these values in your app server (ex: Tomcat) as
|
||||
VM arguments like this: -Dshindig.host="my.production.shindig.server.com".
|
||||
|
||||
Here are a few properties that can be set for Shindig:
|
||||
shindig.host: the server name that Shindig is deployed and running on
|
||||
shindig.port: the port number of shindig.host server
|
||||
|
||||
Make sure you escape all HTML values for the web.xml to be parsed correctly.
|
||||
-->
|
||||
<context-param>
|
||||
<param-name>system.properties</param-name>
|
||||
<param-value>
|
||||
<![CDATA[
|
||||
shindig.host=
|
||||
shindig.port=
|
||||
aKey=/shindig/gadgets/proxy?container=default&url=
|
||||
]]>
|
||||
</param-value>
|
||||
</context-param>
|
||||
|
||||
<filter>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>hstsEnabled</param-name>
|
||||
<param-value>false</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>antiClickJackingOption</param-name>
|
||||
<param-value>SAMEORIGIN</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
|
||||
<filter>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<filter-class>org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>patterns</param-name>
|
||||
<param-value>text/html" ,application/json" ,text/plain</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>filterAction</param-name>
|
||||
<param-value>enforce</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>httpHeaders</param-name>
|
||||
<param-value>Cache-Control: no-store, no-cache, must-revalidate, private</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ContentTypeBasedCachePreventionFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>HttpHeaderSecurityFilter</filter-name>
|
||||
<url-pattern>*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>hostFilter</filter-name>
|
||||
<filter-class>org.apache.shindig.common.servlet.HostFilter</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>hostFilter</filter-name>
|
||||
<url-pattern>/gadgets/ifr</url-pattern>
|
||||
<url-pattern>/gadgets/js/*</url-pattern>
|
||||
<url-pattern>/gadgets/proxy/*</url-pattern>
|
||||
<url-pattern>/gadgets/concat</url-pattern>
|
||||
<url-pattern>/gadgets/makeRequest</url-pattern>
|
||||
<url-pattern>/rpc/*</url-pattern>
|
||||
<url-pattern>/rest/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>ShiroFilter</filter-name>
|
||||
<filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>config</param-name>
|
||||
<param-value>
|
||||
<![CDATA[
|
||||
# The ShiroFilter configuration is very powerful and flexible, while still remaining succinct.
|
||||
# Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
|
||||
#
|
||||
# http://www.jsecurity.org/api/org/jsecurity/web/servlet/JSecurityFilter.html
|
||||
[main]
|
||||
shindigSampleRealm = org.apache.shindig.sample.shiro.SampleShiroRealm
|
||||
securityManager.realm = $shindigSampleRealm
|
||||
authc.loginUrl = /login.jsp
|
||||
|
||||
[urls]
|
||||
# The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
|
||||
# the 'authc' filter must still be specified for it so it can process that url's
|
||||
# login submissions. It is 'smart' enough to allow those requests through as specified by the
|
||||
# shiro.loginUrl above.
|
||||
/login.jsp = authc
|
||||
|
||||
/oauth/authorize/** = authc
|
||||
/oauth2/authorize/** = authc
|
||||
]]>
|
||||
</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>authFilter</filter-name>
|
||||
<filter-class>org.apache.shindig.auth.AuthenticationServletFilter</filter-class>
|
||||
</filter>
|
||||
|
||||
<filter>
|
||||
<filter-name>etagFilter</filter-name>
|
||||
<filter-class>org.apache.shindig.gadgets.servlet.ETagFilter</filter-class>
|
||||
</filter>
|
||||
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ShiroFilter</filter-name>
|
||||
<url-pattern>/oauth/authorize</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ShiroFilter</filter-name>
|
||||
<url-pattern>/oauth2/authorize</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>ShiroFilter</filter-name>
|
||||
<url-pattern>*.jsp</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>authFilter</filter-name>
|
||||
<url-pattern>/social/*</url-pattern>
|
||||
<url-pattern>/gadgets/ifr</url-pattern>
|
||||
<url-pattern>/gadgets/makeRequest</url-pattern>
|
||||
<url-pattern>/gadgets/proxy</url-pattern>
|
||||
<url-pattern>/gadgets/api/rpc/*</url-pattern>
|
||||
<url-pattern>/gadgets/api/rest/*</url-pattern>
|
||||
<url-pattern>/rpc/*</url-pattern>
|
||||
<url-pattern>/rest/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>etagFilter</filter-name>
|
||||
<url-pattern>*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<listener>
|
||||
<listener-class>org.apache.shindig.common.servlet.GuiceServletContextListener</listener-class>
|
||||
</listener>
|
||||
|
||||
<!-- Render a Gadget -->
|
||||
<servlet>
|
||||
<servlet-name>xml-to-html</servlet-name>
|
||||
<servlet-class>
|
||||
org.wso2.carbon.dashboard.shindig.extensions.WSO2GadgetRenderingServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>accel</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.HtmlAccelServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- Proxy -->
|
||||
<servlet>
|
||||
<servlet-name>proxy</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.ProxyServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- makeRequest -->
|
||||
<servlet>
|
||||
<servlet-name>makeRequest</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.MakeRequestServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- Concat -->
|
||||
<servlet>
|
||||
<servlet-name>concat</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.ConcatProxyServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- OAuth callback -->
|
||||
<servlet>
|
||||
<servlet-name>oauthCallback</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- OAuth2 callback -->
|
||||
<servlet>
|
||||
<servlet-name>oauth2callback</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.OAuth2CallbackServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- Metadata RPC -->
|
||||
<servlet>
|
||||
<servlet-name>metadata</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.RpcServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- javascript serving -->
|
||||
<servlet>
|
||||
<servlet-name>js</servlet-name>
|
||||
<servlet-class>org.apache.shindig.gadgets.servlet.JsServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>restapiServlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.protocol.DataServiceServlet
|
||||
</servlet-class>
|
||||
<init-param>
|
||||
<param-name>handlers</param-name>
|
||||
<param-value>org.apache.shindig.handlers</param-value>
|
||||
</init-param>
|
||||
</servlet>
|
||||
|
||||
<!-- Serve social RPC api -->
|
||||
<servlet>
|
||||
<servlet-name>jsonRpcServlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.protocol.JsonRpcServlet
|
||||
</servlet-class>
|
||||
<init-param>
|
||||
<param-name>handlers</param-name>
|
||||
<param-value>org.apache.shindig.handlers</param-value>
|
||||
</init-param>
|
||||
</servlet>
|
||||
|
||||
<!-- Serve sample OAuth apis -->
|
||||
<servlet>
|
||||
<servlet-name>sampleOAuth</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.social.sample.oauth.SampleOAuthServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<!-- Serve OAuth 2 APIs -->
|
||||
<servlet>
|
||||
<servlet-name>OAuth2Servlet</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.social.core.oauth2.OAuth2Servlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>rpcSwf</servlet-name>
|
||||
<servlet-class>
|
||||
org.apache.shindig.gadgets.servlet.RpcSwfServlet
|
||||
</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>js</servlet-name>
|
||||
<url-pattern>/gadgets/js/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>proxy</servlet-name>
|
||||
<url-pattern>/gadgets/proxy/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>makeRequest</servlet-name>
|
||||
<url-pattern>/gadgets/makeRequest</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>jsonRpcServlet</servlet-name>
|
||||
<url-pattern>/rpc/*</url-pattern>
|
||||
<url-pattern>/gadgets/api/rpc/*</url-pattern>
|
||||
<url-pattern>/social/rpc/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>restapiServlet</servlet-name>
|
||||
<url-pattern>/rest/*</url-pattern>
|
||||
<url-pattern>/gadgets/api/rest/*</url-pattern>
|
||||
<url-pattern>/social/rest/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>concat</servlet-name>
|
||||
<url-pattern>/gadgets/concat</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauthCallback</servlet-name>
|
||||
<url-pattern>/gadgets/oauthcallback</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>oauth2callback</servlet-name>
|
||||
<url-pattern>/gadgets/oauth2callback</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>xml-to-html</servlet-name>
|
||||
<url-pattern>/gadgets/ifr</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>accel</servlet-name>
|
||||
<url-pattern>/gadgets/accel</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>metadata</servlet-name>
|
||||
<url-pattern>/gadgets/metadata</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>sampleOAuth</servlet-name>
|
||||
<url-pattern>/oauth/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>OAuth2Servlet</servlet-name>
|
||||
<url-pattern>/oauth2/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>rpcSwf</servlet-name>
|
||||
<url-pattern>/xpc*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<error-page>
|
||||
<error-code>404</error-code>
|
||||
<location>/error-pages/error404.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>401</error-code>
|
||||
<location>/error-pages/error401.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>403</error-code>
|
||||
<location>/error-pages/error403.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>405</error-code>
|
||||
<location>/error-pages/error405.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>500</error-code>
|
||||
<location>/error-pages/error500.html</location>
|
||||
</error-page>
|
||||
</web-app>
|
Loading…
Reference in new issue