core-jgi/org.adempiere.ui.zk/WEB-INF/web.xml

194 lines
5.7 KiB
XML
Raw Normal View History

2007-11-22 18:28:46 +07:00
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<display-name>iDempiere Web Client</display-name>
<context-param>
<param-name>org.eclipse.jetty.servlet.SessionCookie</param-name>
<param-value>WEBUI_SESSIONID</param-value>
</context-param>
IDEMPIERE-5346 : Adding SSO support (#1571) * IDEMPIERE-5346 : Adding SSO support * IDEMPIERE-5346 : Fix as per peer review feedback. Valid user should have password not null removing #SSO_IS_ALREADY_AUTHENTICATE context variable due to security risk Cross site scripting issue on error.htm Making show role panel as system configurable Adding language selection on role panel Adding SSO support on iDempiere monitor and osgi console * IDEMPIERE-5346: Redirect to console using static URL to avoid security vulenarabilit * Committing patch from Carlos pr1571PR * IDEMPIERE-5565: fixing NPE issue on Role change * IDEMPIERE-5346: Appling pr1571PR2 from Carlos * 1. IDEMPIERE-5346: Fix idempiereMonitor goes in a loop of sign-in - Fix NPE when changing role - Fix NPE when a user with single role & sysconfig: SSO_SELECT_ROLE is 'N' * IDEMPIERE-5346 : IDempiere Monitor, use out of box login when SSO is not configured. * IDEMPIERE-5346: Adding Authorization type on User and Tenant window. Created /webui/admin page for login with application credential. * IDEMPIERE-5346: Implementing Hengsi's Code review comments Showing meaning full error when Identity Provider returns error In SSO filter, ignoreing css, zkau, images and resource URL Correcting typo in Principal name. Updated Documentation * IDEMPIERE-5346 : Fixed documentation, typo and pending review comments * IDEMPIERE-5346: Use token & SSO principal service to validate in Login.GetClient * IDEMPIERE-5346: Remove the Domain URL column and refactor the code. * IDEMPIERE-5346: Adding flag ENABLE_SSO_IDEMPIERE_MONITOR and ENABLE_SSO_OSGI_CONSOLE, using cache for SSOService, defaulting Authentication type on client to “Application and SSO” * IDEMPIERE-5346: Fixed issue of User SSO type not respected and support for Zoom URL
2023-09-21 15:43:49 +07:00
<filter>
<display-name>SSO WebUI Filter</display-name>
<filter-name>ssowebuifilter</filter-name>
<filter-class>org.adempiere.webui.sso.filter.SSOWebUIFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>ssowebuifilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>AtmosphereServlet</servlet-name>
<servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
<init-param>
<param-name>org.atmosphere.cpr.AtmosphereHandler</param-name>
<param-value>fi.jawsy.jawwa.zk.atmosphere.ZkAtmosphereHandler</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.AtmosphereHandler.contextRoot</param-name>
<param-value>/zkau/comet</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.broadcasterCacheClass</param-name>
<param-value>org.atmosphere.cache.SessionBroadcasterCache</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.AtmosphereInterceptor</param-name>
<param-value>org.atmosphere.client.TrackMessageSizeInterceptor</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.websocket.suppressJSR356</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>0</load-on-startup>
<!-- Remove async-supported if you are not using Servlet 3.0 -->
<async-supported>true</async-supported>
</servlet>
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.eclipse.jetty.servlet.DefaultServlet</servlet-class>
<init-param>
<param-name>dirAllowed</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>AtmosphereServlet</servlet-name>
<url-pattern>/zkau/comet</url-pattern>
</servlet-mapping>
2007-11-22 18:28:46 +07:00
<!-- /// -->
<!-- DSP -->
<servlet>
<description>
<![CDATA[The servlet loads the DSP pages.]]>
</description>
<servlet-name>dspLoader</servlet-name>
<servlet-class>
org.zkoss.web.servlet.dsp.InterpreterServlet
</servlet-class>
<!-- Specify class-resource, if you want to access TLD defined in jar files -->
<init-param>
<param-name>class-resource</param-name>
<param-value>true</param-value>
</init-param>
2007-11-22 18:28:46 +07:00
</servlet>
<servlet-mapping>
<servlet-name>dspLoader</servlet-name>
<url-pattern>*.dsp</url-pattern>
</servlet-mapping>
<!-- /// -->
<!-- //// -->
<!-- ZK -->
2012-10-18 17:23:46 +07:00
<listener>
<description>
Used to track the session currently used
</description>
<display-name>Update Session</display-name>
<listener-class>
org.adempiere.webui.LoggedSessionListener
</listener-class>
</listener>
2007-11-22 18:28:46 +07:00
<!-- /////////// -->
<!-- Miscellaneous -->
<session-config>
<session-timeout>60</session-timeout>
<cookie-config>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>
2007-11-22 18:28:46 +07:00
</session-config>
<!-- MIME mapping -->
<mime-mapping>
<extension>doc</extension>
<mime-type>application/vnd.ms-word</mime-type>
</mime-mapping>
<mime-mapping>
<extension>dsp</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>gif</extension>
<mime-type>image/gif</mime-type>
</mime-mapping>
<mime-mapping>
<extension>htm</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>jnlp</extension>
<mime-type>application/x-java-jnlp-file</mime-type>
</mime-mapping>
<mime-mapping>
<extension>jpeg</extension>
<mime-type>image/jpeg</mime-type>
</mime-mapping>
<mime-mapping>
<extension>jpg</extension>
<mime-type>image/jpeg</mime-type>
</mime-mapping>
<mime-mapping>
<extension>js</extension>
<mime-type>text/javascript</mime-type>
2007-11-22 18:28:46 +07:00
</mime-mapping>
<mime-mapping>
<extension>pdf</extension>
<mime-type>application/pdf</mime-type>
</mime-mapping>
<mime-mapping>
<extension>png</extension>
<mime-type>image/png</mime-type>
</mime-mapping>
<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<mime-mapping>
<extension>xls</extension>
<mime-type>application/vnd.ms-excel</mime-type>
</mime-mapping>
<mime-mapping>
<extension>xml</extension>
<mime-type>text/xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>xul</extension>
<mime-type>application/vnd.mozilla.xul-xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>zhtml</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>zip</extension>
<mime-type>application/x-zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>zul</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<welcome-file-list>
<welcome-file>index.zul</welcome-file>
</welcome-file-list>
<!-- <security-constraint> -->
<!-- <web-resource-collection> -->
<!-- <web-resource-name>all</web-resource-name> -->
<!-- <url-pattern>/*</url-pattern> -->
<!-- </web-resource-collection> -->
<!-- <user-data-constraint> -->
<!-- <transport-guarantee>CONFIDENTIAL</transport-guarantee> -->
<!-- </user-data-constraint> -->
<!-- </security-constraint> -->
2007-11-22 18:28:46 +07:00
</web-app>