Example 1 with SecurityRoleRef
use of org.apache.tomcat.util.descriptor.web.SecurityRoleRef in project tomcat by apache.
the class ContextConfig method configureContext.
private void configureContext(WebXml webxml) {
// As far as possible, process in alphabetical order so it is easy to
// check everything is present
// Some validation depends on correct public ID
context.setPublicId(webxml.getPublicId());
// Everything else in order
context.setEffectiveMajorVersion(webxml.getMajorVersion());
context.setEffectiveMinorVersion(webxml.getMinorVersion());
for (Entry<String, String> entry : webxml.getContextParams().entrySet()) {
context.addParameter(entry.getKey(), entry.getValue());
}
context.setDenyUncoveredHttpMethods(webxml.getDenyUncoveredHttpMethods());
context.setDisplayName(webxml.getDisplayName());
context.setDistributable(webxml.isDistributable());
for (ContextLocalEjb ejbLocalRef : webxml.getEjbLocalRefs().values()) {
context.getNamingResources().addLocalEjb(ejbLocalRef);
}
for (ContextEjb ejbRef : webxml.getEjbRefs().values()) {
context.getNamingResources().addEjb(ejbRef);
}
for (ContextEnvironment environment : webxml.getEnvEntries().values()) {
context.getNamingResources().addEnvironment(environment);
}
for (ErrorPage errorPage : webxml.getErrorPages().values()) {
context.addErrorPage(errorPage);
}
for (FilterDef filter : webxml.getFilters().values()) {
if (filter.getAsyncSupported() == null) {
filter.setAsyncSupported("false");
}
context.addFilterDef(filter);
}
for (FilterMap filterMap : webxml.getFilterMappings()) {
context.addFilterMap(filterMap);
}
context.setJspConfigDescriptor(webxml.getJspConfigDescriptor());
for (String listener : webxml.getListeners()) {
context.addApplicationListener(listener);
}
for (Entry<String, String> entry : webxml.getLocaleEncodingMappings().entrySet()) {
context.addLocaleEncodingMappingParameter(entry.getKey(), entry.getValue());
}
// Prevents IAE
if (webxml.getLoginConfig() != null) {
context.setLoginConfig(webxml.getLoginConfig());
}
for (MessageDestinationRef mdr : webxml.getMessageDestinationRefs().values()) {
context.getNamingResources().addMessageDestinationRef(mdr);
}
// messageDestinations were ignored in Tomcat 6, so ignore here
context.setIgnoreAnnotations(webxml.isMetadataComplete());
for (Entry<String, String> entry : webxml.getMimeMappings().entrySet()) {
context.addMimeMapping(entry.getKey(), entry.getValue());
}
context.setRequestCharacterEncoding(webxml.getRequestEncoding());
// Name is just used for ordering
for (ContextResourceEnvRef resource : webxml.getResourceEnvRefs().values()) {
context.getNamingResources().addResourceEnvRef(resource);
}
for (ContextResource resource : webxml.getResourceRefs().values()) {
context.getNamingResources().addResource(resource);
}
context.setResponseCharacterEncoding(webxml.getResponseEncoding());
boolean allAuthenticatedUsersIsAppRole = webxml.getSecurityRoles().contains(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
for (SecurityConstraint constraint : webxml.getSecurityConstraints()) {
if (allAuthenticatedUsersIsAppRole) {
constraint.treatAllAuthenticatedUsersAsApplicationRole();
}
context.addConstraint(constraint);
}
for (String role : webxml.getSecurityRoles()) {
context.addSecurityRole(role);
}
for (ContextService service : webxml.getServiceRefs().values()) {
context.getNamingResources().addService(service);
}
for (ServletDef servlet : webxml.getServlets().values()) {
Wrapper wrapper = context.createWrapper();
if (servlet.getLoadOnStartup() != null) {
wrapper.setLoadOnStartup(servlet.getLoadOnStartup().intValue());
}
if (servlet.getEnabled() != null) {
wrapper.setEnabled(servlet.getEnabled().booleanValue());
}
wrapper.setName(servlet.getServletName());
Map<String, String> params = servlet.getParameterMap();
for (Entry<String, String> entry : params.entrySet()) {
wrapper.addInitParameter(entry.getKey(), entry.getValue());
}
wrapper.setRunAs(servlet.getRunAs());
Set<SecurityRoleRef> roleRefs = servlet.getSecurityRoleRefs();
for (SecurityRoleRef roleRef : roleRefs) {
wrapper.addSecurityReference(roleRef.getName(), roleRef.getLink());
}
wrapper.setServletClass(servlet.getServletClass());
MultipartDef multipartdef = servlet.getMultipartDef();
if (multipartdef != null) {
if (multipartdef.getMaxFileSize() != null && multipartdef.getMaxRequestSize() != null && multipartdef.getFileSizeThreshold() != null) {
wrapper.setMultipartConfigElement(new MultipartConfigElement(multipartdef.getLocation(), Long.parseLong(multipartdef.getMaxFileSize()), Long.parseLong(multipartdef.getMaxRequestSize()), Integer.parseInt(multipartdef.getFileSizeThreshold())));
} else {
wrapper.setMultipartConfigElement(new MultipartConfigElement(multipartdef.getLocation()));
}
}
if (servlet.getAsyncSupported() != null) {
wrapper.setAsyncSupported(servlet.getAsyncSupported().booleanValue());
}
wrapper.setOverridable(servlet.isOverridable());
context.addChild(wrapper);
}
for (Entry<String, String> entry : webxml.getServletMappings().entrySet()) {
context.addServletMappingDecoded(entry.getKey(), entry.getValue());
}
SessionConfig sessionConfig = webxml.getSessionConfig();
if (sessionConfig != null) {
if (sessionConfig.getSessionTimeout() != null) {
context.setSessionTimeout(sessionConfig.getSessionTimeout().intValue());
}
SessionCookieConfig scc = context.getServletContext().getSessionCookieConfig();
scc.setName(sessionConfig.getCookieName());
scc.setDomain(sessionConfig.getCookieDomain());
scc.setPath(sessionConfig.getCookiePath());
scc.setComment(sessionConfig.getCookieComment());
if (sessionConfig.getCookieHttpOnly() != null) {
scc.setHttpOnly(sessionConfig.getCookieHttpOnly().booleanValue());
}
if (sessionConfig.getCookieSecure() != null) {
scc.setSecure(sessionConfig.getCookieSecure().booleanValue());
}
if (sessionConfig.getCookieMaxAge() != null) {
scc.setMaxAge(sessionConfig.getCookieMaxAge().intValue());
}
if (sessionConfig.getSessionTrackingModes().size() > 0) {
context.getServletContext().setSessionTrackingModes(sessionConfig.getSessionTrackingModes());
}
}
for (String welcomeFile : webxml.getWelcomeFiles()) {
/*
* The following will result in a welcome file of "" so don't add
* that to the context
* <welcome-file-list>
* <welcome-file/>
* </welcome-file-list>
*/
if (welcomeFile != null && welcomeFile.length() > 0) {
context.addWelcomeFile(welcomeFile);
}
}
// Do this last as it depends on servlets
for (JspPropertyGroup jspPropertyGroup : webxml.getJspPropertyGroups()) {
String jspServletName = context.findServletMapping("*.jsp");
if (jspServletName == null) {
jspServletName = "jsp";
}
if (context.findChild(jspServletName) != null) {
for (String urlPattern : jspPropertyGroup.getUrlPatterns()) {
context.addServletMappingDecoded(urlPattern, jspServletName, true);
}
} else {
if (log.isDebugEnabled()) {
for (String urlPattern : jspPropertyGroup.getUrlPatterns()) {
log.debug("Skipping " + urlPattern + " , no servlet " + jspServletName);
}
}
}
}
for (Entry<String, String> entry : webxml.getPostConstructMethods().entrySet()) {
context.addPostConstructMethod(entry.getKey(), entry.getValue());
}
for (Entry<String, String> entry : webxml.getPreDestroyMethods().entrySet()) {
context.addPreDestroyMethod(entry.getKey(), entry.getValue());
}
}
Also used :
ContextEnvironment(org.apache.tomcat.util.descriptor.web.ContextEnvironment)
Wrapper(org.apache.catalina.Wrapper)
ContextService(org.apache.tomcat.util.descriptor.web.ContextService)
ErrorPage(org.apache.tomcat.util.descriptor.web.ErrorPage)
FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef)
ServletDef(org.apache.tomcat.util.descriptor.web.ServletDef)
SessionConfig(org.apache.tomcat.util.descriptor.web.SessionConfig)
SecurityRoleRef(org.apache.tomcat.util.descriptor.web.SecurityRoleRef)
ContextEjb(org.apache.tomcat.util.descriptor.web.ContextEjb)
FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap)
SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint)
ContextResource(org.apache.tomcat.util.descriptor.web.ContextResource)
JspPropertyGroup(org.apache.tomcat.util.descriptor.web.JspPropertyGroup)
MessageDestinationRef(org.apache.tomcat.util.descriptor.web.MessageDestinationRef)
MultipartConfigElement(javax.servlet.MultipartConfigElement)
ContextLocalEjb(org.apache.tomcat.util.descriptor.web.ContextLocalEjb)
MultipartDef(org.apache.tomcat.util.descriptor.web.MultipartDef)
SessionCookieConfig(javax.servlet.SessionCookieConfig)
ContextResourceEnvRef(org.apache.tomcat.util.descriptor.web.ContextResourceEnvRef)
Aggregations
MultipartConfigElement (javax.servlet.MultipartConfigElement)1
SessionCookieConfig (javax.servlet.SessionCookieConfig)1
Wrapper (org.apache.catalina.Wrapper)1
ContextEjb (org.apache.tomcat.util.descriptor.web.ContextEjb)1
ContextEnvironment (org.apache.tomcat.util.descriptor.web.ContextEnvironment)1
ContextLocalEjb (org.apache.tomcat.util.descriptor.web.ContextLocalEjb)1
ContextResource (org.apache.tomcat.util.descriptor.web.ContextResource)1
ContextResourceEnvRef (org.apache.tomcat.util.descriptor.web.ContextResourceEnvRef)1
ContextService (org.apache.tomcat.util.descriptor.web.ContextService)1
ErrorPage (org.apache.tomcat.util.descriptor.web.ErrorPage)1
FilterDef (org.apache.tomcat.util.descriptor.web.FilterDef)1
FilterMap (org.apache.tomcat.util.descriptor.web.FilterMap)1
JspPropertyGroup (org.apache.tomcat.util.descriptor.web.JspPropertyGroup)1
MessageDestinationRef (org.apache.tomcat.util.descriptor.web.MessageDestinationRef)1
MultipartDef (org.apache.tomcat.util.descriptor.web.MultipartDef)1
SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)1
SecurityRoleRef (org.apache.tomcat.util.descriptor.web.SecurityRoleRef)1
ServletDef (org.apache.tomcat.util.descriptor.web.ServletDef)1
SessionConfig (org.apache.tomcat.util.descriptor.web.SessionConfig)1
