Search in sources :

Example 1 with SecurityRoleRef

use of org.apache.tomcat.util.descriptor.web.SecurityRoleRef in project tomcat by apache.

the class ContextConfig method configureContext.

private void configureContext(WebXml webxml) {
    // As far as possible, process in alphabetical order so it is easy to
    // check everything is present
    // Some validation depends on correct public ID
    context.setPublicId(webxml.getPublicId());
    // Everything else in order
    context.setEffectiveMajorVersion(webxml.getMajorVersion());
    context.setEffectiveMinorVersion(webxml.getMinorVersion());
    for (Entry<String, String> entry : webxml.getContextParams().entrySet()) {
        context.addParameter(entry.getKey(), entry.getValue());
    }
    context.setDenyUncoveredHttpMethods(webxml.getDenyUncoveredHttpMethods());
    context.setDisplayName(webxml.getDisplayName());
    context.setDistributable(webxml.isDistributable());
    for (ContextLocalEjb ejbLocalRef : webxml.getEjbLocalRefs().values()) {
        context.getNamingResources().addLocalEjb(ejbLocalRef);
    }
    for (ContextEjb ejbRef : webxml.getEjbRefs().values()) {
        context.getNamingResources().addEjb(ejbRef);
    }
    for (ContextEnvironment environment : webxml.getEnvEntries().values()) {
        context.getNamingResources().addEnvironment(environment);
    }
    for (ErrorPage errorPage : webxml.getErrorPages().values()) {
        context.addErrorPage(errorPage);
    }
    for (FilterDef filter : webxml.getFilters().values()) {
        if (filter.getAsyncSupported() == null) {
            filter.setAsyncSupported("false");
        }
        context.addFilterDef(filter);
    }
    for (FilterMap filterMap : webxml.getFilterMappings()) {
        context.addFilterMap(filterMap);
    }
    context.setJspConfigDescriptor(webxml.getJspConfigDescriptor());
    for (String listener : webxml.getListeners()) {
        context.addApplicationListener(listener);
    }
    for (Entry<String, String> entry : webxml.getLocaleEncodingMappings().entrySet()) {
        context.addLocaleEncodingMappingParameter(entry.getKey(), entry.getValue());
    }
    // Prevents IAE
    if (webxml.getLoginConfig() != null) {
        context.setLoginConfig(webxml.getLoginConfig());
    }
    for (MessageDestinationRef mdr : webxml.getMessageDestinationRefs().values()) {
        context.getNamingResources().addMessageDestinationRef(mdr);
    }
    // messageDestinations were ignored in Tomcat 6, so ignore here
    context.setIgnoreAnnotations(webxml.isMetadataComplete());
    for (Entry<String, String> entry : webxml.getMimeMappings().entrySet()) {
        context.addMimeMapping(entry.getKey(), entry.getValue());
    }
    context.setRequestCharacterEncoding(webxml.getRequestEncoding());
    // Name is just used for ordering
    for (ContextResourceEnvRef resource : webxml.getResourceEnvRefs().values()) {
        context.getNamingResources().addResourceEnvRef(resource);
    }
    for (ContextResource resource : webxml.getResourceRefs().values()) {
        context.getNamingResources().addResource(resource);
    }
    context.setResponseCharacterEncoding(webxml.getResponseEncoding());
    boolean allAuthenticatedUsersIsAppRole = webxml.getSecurityRoles().contains(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
    for (SecurityConstraint constraint : webxml.getSecurityConstraints()) {
        if (allAuthenticatedUsersIsAppRole) {
            constraint.treatAllAuthenticatedUsersAsApplicationRole();
        }
        context.addConstraint(constraint);
    }
    for (String role : webxml.getSecurityRoles()) {
        context.addSecurityRole(role);
    }
    for (ContextService service : webxml.getServiceRefs().values()) {
        context.getNamingResources().addService(service);
    }
    for (ServletDef servlet : webxml.getServlets().values()) {
        Wrapper wrapper = context.createWrapper();
        if (servlet.getLoadOnStartup() != null) {
            wrapper.setLoadOnStartup(servlet.getLoadOnStartup().intValue());
        }
        if (servlet.getEnabled() != null) {
            wrapper.setEnabled(servlet.getEnabled().booleanValue());
        }
        wrapper.setName(servlet.getServletName());
        Map<String, String> params = servlet.getParameterMap();
        for (Entry<String, String> entry : params.entrySet()) {
            wrapper.addInitParameter(entry.getKey(), entry.getValue());
        }
        wrapper.setRunAs(servlet.getRunAs());
        Set<SecurityRoleRef> roleRefs = servlet.getSecurityRoleRefs();
        for (SecurityRoleRef roleRef : roleRefs) {
            wrapper.addSecurityReference(roleRef.getName(), roleRef.getLink());
        }
        wrapper.setServletClass(servlet.getServletClass());
        MultipartDef multipartdef = servlet.getMultipartDef();
        if (multipartdef != null) {
            if (multipartdef.getMaxFileSize() != null && multipartdef.getMaxRequestSize() != null && multipartdef.getFileSizeThreshold() != null) {
                wrapper.setMultipartConfigElement(new MultipartConfigElement(multipartdef.getLocation(), Long.parseLong(multipartdef.getMaxFileSize()), Long.parseLong(multipartdef.getMaxRequestSize()), Integer.parseInt(multipartdef.getFileSizeThreshold())));
            } else {
                wrapper.setMultipartConfigElement(new MultipartConfigElement(multipartdef.getLocation()));
            }
        }
        if (servlet.getAsyncSupported() != null) {
            wrapper.setAsyncSupported(servlet.getAsyncSupported().booleanValue());
        }
        wrapper.setOverridable(servlet.isOverridable());
        context.addChild(wrapper);
    }
    for (Entry<String, String> entry : webxml.getServletMappings().entrySet()) {
        context.addServletMappingDecoded(entry.getKey(), entry.getValue());
    }
    SessionConfig sessionConfig = webxml.getSessionConfig();
    if (sessionConfig != null) {
        if (sessionConfig.getSessionTimeout() != null) {
            context.setSessionTimeout(sessionConfig.getSessionTimeout().intValue());
        }
        SessionCookieConfig scc = context.getServletContext().getSessionCookieConfig();
        scc.setName(sessionConfig.getCookieName());
        scc.setDomain(sessionConfig.getCookieDomain());
        scc.setPath(sessionConfig.getCookiePath());
        scc.setComment(sessionConfig.getCookieComment());
        if (sessionConfig.getCookieHttpOnly() != null) {
            scc.setHttpOnly(sessionConfig.getCookieHttpOnly().booleanValue());
        }
        if (sessionConfig.getCookieSecure() != null) {
            scc.setSecure(sessionConfig.getCookieSecure().booleanValue());
        }
        if (sessionConfig.getCookieMaxAge() != null) {
            scc.setMaxAge(sessionConfig.getCookieMaxAge().intValue());
        }
        if (sessionConfig.getSessionTrackingModes().size() > 0) {
            context.getServletContext().setSessionTrackingModes(sessionConfig.getSessionTrackingModes());
        }
    }
    for (String welcomeFile : webxml.getWelcomeFiles()) {
        /*
             * The following will result in a welcome file of "" so don't add
             * that to the context
             * <welcome-file-list>
             *   <welcome-file/>
             * </welcome-file-list>
             */
        if (welcomeFile != null && welcomeFile.length() > 0) {
            context.addWelcomeFile(welcomeFile);
        }
    }
    // Do this last as it depends on servlets
    for (JspPropertyGroup jspPropertyGroup : webxml.getJspPropertyGroups()) {
        String jspServletName = context.findServletMapping("*.jsp");
        if (jspServletName == null) {
            jspServletName = "jsp";
        }
        if (context.findChild(jspServletName) != null) {
            for (String urlPattern : jspPropertyGroup.getUrlPatterns()) {
                context.addServletMappingDecoded(urlPattern, jspServletName, true);
            }
        } else {
            if (log.isDebugEnabled()) {
                for (String urlPattern : jspPropertyGroup.getUrlPatterns()) {
                    log.debug("Skipping " + urlPattern + " , no servlet " + jspServletName);
                }
            }
        }
    }
    for (Entry<String, String> entry : webxml.getPostConstructMethods().entrySet()) {
        context.addPostConstructMethod(entry.getKey(), entry.getValue());
    }
    for (Entry<String, String> entry : webxml.getPreDestroyMethods().entrySet()) {
        context.addPreDestroyMethod(entry.getKey(), entry.getValue());
    }
}
Also used : ContextEnvironment(org.apache.tomcat.util.descriptor.web.ContextEnvironment) Wrapper(org.apache.catalina.Wrapper) ContextService(org.apache.tomcat.util.descriptor.web.ContextService) ErrorPage(org.apache.tomcat.util.descriptor.web.ErrorPage) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) ServletDef(org.apache.tomcat.util.descriptor.web.ServletDef) SessionConfig(org.apache.tomcat.util.descriptor.web.SessionConfig) SecurityRoleRef(org.apache.tomcat.util.descriptor.web.SecurityRoleRef) ContextEjb(org.apache.tomcat.util.descriptor.web.ContextEjb) FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) ContextResource(org.apache.tomcat.util.descriptor.web.ContextResource) JspPropertyGroup(org.apache.tomcat.util.descriptor.web.JspPropertyGroup) MessageDestinationRef(org.apache.tomcat.util.descriptor.web.MessageDestinationRef) MultipartConfigElement(javax.servlet.MultipartConfigElement) ContextLocalEjb(org.apache.tomcat.util.descriptor.web.ContextLocalEjb) MultipartDef(org.apache.tomcat.util.descriptor.web.MultipartDef) SessionCookieConfig(javax.servlet.SessionCookieConfig) ContextResourceEnvRef(org.apache.tomcat.util.descriptor.web.ContextResourceEnvRef)

Aggregations

MultipartConfigElement (javax.servlet.MultipartConfigElement)1 SessionCookieConfig (javax.servlet.SessionCookieConfig)1 Wrapper (org.apache.catalina.Wrapper)1 ContextEjb (org.apache.tomcat.util.descriptor.web.ContextEjb)1 ContextEnvironment (org.apache.tomcat.util.descriptor.web.ContextEnvironment)1 ContextLocalEjb (org.apache.tomcat.util.descriptor.web.ContextLocalEjb)1 ContextResource (org.apache.tomcat.util.descriptor.web.ContextResource)1 ContextResourceEnvRef (org.apache.tomcat.util.descriptor.web.ContextResourceEnvRef)1 ContextService (org.apache.tomcat.util.descriptor.web.ContextService)1 ErrorPage (org.apache.tomcat.util.descriptor.web.ErrorPage)1 FilterDef (org.apache.tomcat.util.descriptor.web.FilterDef)1 FilterMap (org.apache.tomcat.util.descriptor.web.FilterMap)1 JspPropertyGroup (org.apache.tomcat.util.descriptor.web.JspPropertyGroup)1 MessageDestinationRef (org.apache.tomcat.util.descriptor.web.MessageDestinationRef)1 MultipartDef (org.apache.tomcat.util.descriptor.web.MultipartDef)1 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)1 SecurityRoleRef (org.apache.tomcat.util.descriptor.web.SecurityRoleRef)1 ServletDef (org.apache.tomcat.util.descriptor.web.ServletDef)1 SessionConfig (org.apache.tomcat.util.descriptor.web.SessionConfig)1