use of org.apache.wicket.markup.html.SecurePackageResourceGuard in project wicket by apache.
the class VelocityTemplateApplication method init.
/**
* @see org.apache.wicket.protocol.http.WebApplication#init()
*/
@Override
protected void init() {
getDebugSettings().setDevelopmentUtilitiesEnabled(true);
IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
if (packageResourceGuard instanceof SecurePackageResourceGuard) {
SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
// allow velocity macros resources
guard.addPattern("+*.vm");
}
// initialize velocity
try {
Velocity.init();
} catch (Exception e) {
throw new WicketRuntimeException(e);
}
}
use of org.apache.wicket.markup.html.SecurePackageResourceGuard in project oc-explorer by devgateway.
the class FormsWebApplication method init.
/**
* <ul>
* <li>making the wicket components injectable by activating the
* SpringComponentInjector</li>
* <li>mounting the test page</li>
* <li>logging spring service method output to showcase working integration
* </li>
* </ul>
*/
@Override
protected void init() {
super.init();
// add allowed woff2 extension
IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
if (packageResourceGuard instanceof SecurePackageResourceGuard) {
SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
guard.addPattern("+*.woff2");
guard.addPattern("+*.xlsx");
}
// this ensures that spring DI works for wicket components and pages
// see @SpringBean annotation
getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext));
// this will scan packages for pages with @MountPath annotations and automatically create URLs for them
new AnnotatedMountScanner().scanPackage(BASE_PACKAGE_FOR_PAGES).mount(this);
getApplicationSettings().setUploadProgressUpdatesEnabled(true);
getApplicationSettings().setAccessDeniedPage(Homepage.class);
// deactivate ajax debug mode
// getDebugSettings().setAjaxDebugModeEnabled(false);
configureBootstrap();
configureSummernote();
optimizeForWebPerformance();
// http://.../wicket/internal/debug/diskDataStore
if (usesDevelopmentConfig()) {
DebugDiskDataStore.register(this);
}
SessionFinderHolder.setSessionFinder(sessionFinderService);
}
use of org.apache.wicket.markup.html.SecurePackageResourceGuard in project midpoint by Evolveum.
the class MidPointApplication method init.
@Override
public void init() {
super.init();
getCspSettings().blocking().disabled();
getJavaScriptLibrarySettings().setJQueryReference(new PackageResourceReference(MidPointApplication.class, // todo no jquery.js is found
"../../../../../webjars/AdminLTE/2.4.18/bower_components/jquery/dist/jquery.min.js"));
getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext, true));
systemConfigurationChangeDispatcher.registerListener(new DeploymentInformationChangeListener(this));
SystemConfigurationType config = getSystemConfigurationIfAvailable();
if (config != null) {
deploymentInfo = config.getDeploymentInformation();
}
ResourceSettings resourceSettings = getResourceSettings();
resourceSettings.setParentFolderPlaceholder("$-$");
resourceSettings.setHeaderItemComparator(new PriorityFirstComparator(true));
SecurePackageResourceGuard guard = (SecurePackageResourceGuard) resourceSettings.getPackageResourceGuard();
guard.addPattern("+*.woff2");
List<IStringResourceLoader> resourceLoaders = resourceSettings.getStringResourceLoaders();
resourceLoaders.add(0, new MidPointStringResourceLoader(localizationService));
IResourceStreamLocator locator = new CachingResourceStreamLocator(new MidPointResourceStreamLocator(resourceSettings.getResourceFinders()));
resourceSettings.setResourceStreamLocator(locator);
resourceSettings.setThrowExceptionOnMissingResource(false);
getMarkupSettings().setStripWicketTags(true);
getMarkupSettings().setStripComments(true);
if (RuntimeConfigurationType.DEVELOPMENT.equals(getConfigurationType())) {
getDebugSettings().setAjaxDebugModeEnabled(true);
getDebugSettings().setDevelopmentUtilitiesEnabled(true);
initializeDevelopmentSerializers();
mount(new MountedMapper("/inspector", InspectorPage.class, new PageParametersEncoder()));
mount(new MountedMapper("/liveSession", LiveSessionsPage.class, new PageParametersEncoder()));
mount(new MountedMapper("/pageStore", PageStorePage.class, new PageParametersEncoder()));
}
// pretty url for resources (e.g. images)
mountFiles(ImgResources.BASE_PATH, ImgResources.class);
// exception handling an error pages
ApplicationSettings appSettings = getApplicationSettings();
appSettings.setAccessDeniedPage(PageError401.class);
appSettings.setInternalErrorPage(PageError.class);
appSettings.setPageExpiredErrorPage(PageError.class);
mount(new MountedMapper(MOUNT_INTERNAL_SERVER_ERROR, PageError.class, new PageParametersEncoder()));
mount(new MountedMapper(MOUNT_UNAUTHORIZED_ERROR, PageError401.class, new PageParametersEncoder()));
mount(new MountedMapper(MOUNT_FORBIDEN_ERROR, PageError403.class, new PageParametersEncoder()));
mount(new MountedMapper(MOUNT_NOT_FOUND_ERROR, PageError404.class, new PageParametersEncoder()));
mount(new MountedMapper(MOUNT_GONE_ERROR, PageError410.class, new PageParametersEncoder()));
getRequestCycleListeners().add(new LoggingRequestCycleListener(this));
getAjaxRequestTargetListeners().add(new AjaxRequestTarget.IListener() {
@Override
public void updateAjaxAttributes(AbstractDefaultAjaxBehavior behavior, AjaxRequestAttributes attributes) {
// check whether behavior will use POST method, if not then don't put CSRF token there
if (!isPostMethodTypeBehavior(behavior, attributes)) {
return;
}
CsrfToken csrfToken = SecurityUtils.getCsrfToken();
if (csrfToken == null) {
return;
}
String parameterName = csrfToken.getParameterName();
String value = csrfToken.getToken();
attributes.getExtraParameters().put(parameterName, value);
}
});
getSessionListeners().add((ISessionListener) asyncWebProcessManager);
// descriptor loader, used for customization
new PageMounter().loadData(this);
descriptorLoader.loadData();
if (applicationContext != null) {
Map<String, MidPointApplicationConfiguration> map = applicationContext.getBeansOfType(MidPointApplicationConfiguration.class);
if (map != null) {
map.forEach((key, value) -> value.init(this));
}
}
// for schrodinger selenide library
initializeSchrodinger();
ServletContext servletContext = getServletContext();
if (servletContext != null) {
taskManager.setWebContextPath(servletContext.getContextPath());
}
}
Aggregations