Example 11 with HttpConstraintElement
use of javax.servlet.HttpConstraintElement in project Payara by payara.
the class EjbInvokerContainerInitializer method onStartup.
@Override
public void onStartup(Set<Class<?>> set, ServletContext ctx) throws ServletException {
EjbInvokerConfiguration config = Globals.getDefaultBaseServiceLocator().getService(EjbInvokerConfiguration.class);
String endpoint = ctx.getContextPath();
if (endpoint.startsWith("/")) {
endpoint = endpoint.substring(1);
}
if (!config.getEndpoint().equals(endpoint)) {
return;
}
if (Boolean.parseBoolean(config.getSecurityEnabled())) {
String[] roles = config.getRoles().split(",");
ServletRegistration.Dynamic reg = (ServletRegistration.Dynamic) ctx.getServletRegistration(EjbOverHttpApplication.class.getName());
if (reg == null) {
new JerseyServletContainerInitializer().onStartup(new HashSet<>(asList(EjbOverHttpApplication.class)), ctx);
reg = (ServletRegistration.Dynamic) ctx.getServletRegistration(EjbOverHttpApplication.class.getName());
}
reg.setServletSecurity(new ServletSecurityElement(new HttpConstraintElement(CONFIDENTIAL, roles)));
if (FORM_AUTH.equals(config.getAuthType())) {
ServletRegistration defaultRegistration = ctx.getServletRegistration("default");
defaultRegistration.addMapping("/login.xhtml");
defaultRegistration.addMapping("/error.xhtml");
}
ctx.declareRoles(roles);
}
}
Also used :
ServletRegistration(javax.servlet.ServletRegistration)
EjbInvokerConfiguration(fish.payara.ejb.http.admin.EjbInvokerConfiguration)
HttpConstraintElement(javax.servlet.HttpConstraintElement)
EjbOverHttpApplication(fish.payara.ejb.http.endpoint.EjbOverHttpApplication)
ServletSecurityElement(javax.servlet.ServletSecurityElement)
JerseyServletContainerInitializer(org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer)
Example 12 with HttpConstraintElement
use of javax.servlet.HttpConstraintElement in project Payara by payara.
the class HealthCheckServletContainerInitializer method onStartup.
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx) throws ServletException {
// Check if this context is the root one ("/")
if (ctx.getContextPath().isEmpty()) {
// Check if there is already a servlet for healthcheck
Map<String, ? extends ServletRegistration> registrations = ctx.getServletRegistrations();
MicroprofileHealthCheckConfiguration configuration = Globals.getDefaultHabitat().getService(MicroprofileHealthCheckConfiguration.class);
if (!Boolean.parseBoolean(configuration.getEnabled())) {
// MP Healthcheck disabled
return;
}
for (ServletRegistration reg : registrations.values()) {
if (reg.getClass().equals(HealthCheckServlet.class) || reg.getMappings().contains("/" + configuration.getEndpoint())) {
return;
}
}
String virtualServers = configuration.getVirtualServers();
if (!isEmpty(virtualServers) && !asList(virtualServers.split(",")).contains(ctx.getVirtualServerName())) {
return;
}
// Register servlet
ServletRegistration.Dynamic reg = ctx.addServlet("microprofile-healthcheck-servlet", HealthCheckServlet.class);
reg.addMapping("/" + configuration.getEndpoint() + "/*");
if (Boolean.parseBoolean(configuration.getSecurityEnabled())) {
String[] roles = configuration.getRoles().split(",");
reg.setServletSecurity(new ServletSecurityElement(new HttpConstraintElement(CONFIDENTIAL, roles)));
ctx.declareRoles(roles);
if (Boolean.getBoolean(CREATE_INSECURE_ENDPOINT_TEST)) {
ServletRegistration.Dynamic insecureReg = ctx.addServlet("microprofile-healthcheck-servlet-insecure", HealthCheckServlet.class);
insecureReg.addMapping("/" + configuration.getEndpoint() + "-insecure/*");
}
}
}
}
Also used :
ServletRegistration(javax.servlet.ServletRegistration)
MicroprofileHealthCheckConfiguration(fish.payara.microprofile.healthcheck.config.MicroprofileHealthCheckConfiguration)
HttpConstraintElement(javax.servlet.HttpConstraintElement)
ServletSecurityElement(javax.servlet.ServletSecurityElement)
Example 13 with HttpConstraintElement
use of javax.servlet.HttpConstraintElement in project iaf by ibissource.
the class ServletManager method registerServlet.
public void registerServlet(String servletName, Servlet servlet, String urlMapping, String[] roles, int loadOnStartup, Map<String, String> initParameters) {
log.info("instantiating IbisInitializer servlet name [" + servletName + "] servletClass [" + servlet + "] loadOnStartup [" + loadOnStartup + "]");
getServletContext().log("instantiating IbisInitializer servlet [" + servletName + "]");
AppConstants appConstants = AppConstants.getInstance();
String propertyPrefix = "servlet." + servletName + ".";
if (!appConstants.getBoolean(propertyPrefix + "enabled", true))
return;
ServletRegistration.Dynamic serv = getServletContext().addServlet(servletName, servlet);
ServletSecurity.TransportGuarantee transportGuarantee = getTransportGuarantee(propertyPrefix + "transportGuarantee");
String stage = appConstants.getString("dtap.stage", null);
String[] rolesCopy = new String[0];
if (roles != null && stage != null && !stage.equalsIgnoreCase("LOC"))
rolesCopy = roles;
String roleNames = appConstants.getString(propertyPrefix + "securityroles", null);
if (StringUtils.isNotEmpty(roleNames)) {
log.warn("property [" + propertyPrefix + "securityroles] has been replaced with [" + propertyPrefix + "securityRoles" + "]");
}
roleNames = appConstants.getString(propertyPrefix + "securityRoles", roleNames);
if (StringUtils.isNotEmpty(roleNames))
rolesCopy = roleNames.split(",");
declareRoles(rolesCopy);
HttpConstraintElement httpConstraintElement = new HttpConstraintElement(transportGuarantee, rolesCopy);
ServletSecurityElement constraint = new ServletSecurityElement(httpConstraintElement);
String urlMappingCopy = appConstants.getString(propertyPrefix + "urlMapping", urlMapping);
if (!urlMappingCopy.startsWith("/") && !urlMappingCopy.startsWith("*")) {
urlMappingCopy = "/" + urlMappingCopy;
}
serv.addMapping(urlMappingCopy);
int loadOnStartupCopy = appConstants.getInt(propertyPrefix + "loadOnStartup", loadOnStartup);
serv.setLoadOnStartup(loadOnStartupCopy);
serv.setServletSecurity(constraint);
if (initParameters != null && !initParameters.isEmpty()) {
// Manually loop through the map as serv.setInitParameters will fail all parameters even if only 1 fails...
for (String key : initParameters.keySet()) {
String value = initParameters.get(key);
if (!serv.setInitParameter(key, value)) {
log("unable to set init-parameter [" + key + "] with value [" + value + "] for servlet [" + servletName + "]", Level.ERROR);
}
}
}
if (log.isDebugEnabled())
log.debug("registered servlet [" + servletName + "] class [" + servlet + "] url [" + urlMapping + "] loadOnStartup [" + loadOnStartup + "]");
}
Also used :
ServletRegistration(javax.servlet.ServletRegistration)
ServletSecurity(javax.servlet.annotation.ServletSecurity)
HttpConstraintElement(javax.servlet.HttpConstraintElement)
ServletSecurityElement(javax.servlet.ServletSecurityElement)
AppConstants(nl.nn.adapterframework.util.AppConstants)
Aggregations
HttpConstraintElement (javax.servlet.HttpConstraintElement)13
ServletSecurityElement (javax.servlet.ServletSecurityElement)13
Test (org.junit.Test)7
ServletRegistration (javax.servlet.ServletRegistration)6
HttpMethodConstraintElement (javax.servlet.HttpMethodConstraintElement)4
ArrayList (java.util.ArrayList)3
EjbInvokerConfiguration (fish.payara.ejb.http.admin.EjbInvokerConfiguration)1
EjbOverHttpApplication (fish.payara.ejb.http.endpoint.EjbOverHttpApplication)1
MicroprofileHealthCheckConfiguration (fish.payara.microprofile.healthcheck.config.MicroprofileHealthCheckConfiguration)1
MetricsServiceConfiguration (fish.payara.microprofile.metrics.admin.MetricsServiceConfiguration)1
OpenApiServiceConfiguration (fish.payara.microprofile.openapi.impl.admin.OpenApiServiceConfiguration)1
OpenApiApplication (fish.payara.microprofile.openapi.rest.app.OpenApiApplication)1
HashSet (java.util.HashSet)1
FilterRegistration (javax.servlet.FilterRegistration)1
ServletSecurity (javax.servlet.annotation.ServletSecurity)1
AppConstants (nl.nn.adapterframework.util.AppConstants)1
ServletContainer (org.glassfish.jersey.servlet.ServletContainer)1
JerseyServletContainerInitializer (org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer)1
