IDEMPIERE-3136:all stuff relate library of idempiere

update jetty to 9.3.10
This commit is contained in:
hieplq 2016-07-08 15:40:24 +07:00
parent 99e4596159
commit 91c52aeded
12 changed files with 1180 additions and 121 deletions

View File

@ -31,12 +31,20 @@
tofile="../jettyhome/etc/jetty.xml" filtering="yes" overwrite="yes"/> tofile="../jettyhome/etc/jetty.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-ssl-template.xml" <copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-ssl-template.xml"
tofile="../jettyhome/etc/jetty-ssl.xml" filtering="yes" overwrite="yes"/> tofile="../jettyhome/etc/jetty-ssl.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-selector-template.xml"
tofile="../jettyhome/etc/jetty-selector.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-deployer.xml" <copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-deployer.xml"
tofile="../jettyhome/etc/jetty-deployer.xml" filtering="no" overwrite="yes"/> tofile="../jettyhome/etc/jetty-deployer.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-https.xml" <copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-https.xml"
tofile="../jettyhome/etc/jetty-https.xml" filtering="no" overwrite="yes"/> tofile="../jettyhome/etc/jetty-https.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-ssl-context-template.xml"
tofile="../jettyhome/etc/jetty-ssl-context.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-http-template.xml"
tofile="../jettyhome/etc/jetty-http.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-alpn.xml"
tofile="../jettyhome/etc/jetty-alpn.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-http2.xml"
tofile="../jettyhome/etc/jetty-http2.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-plus.xml"
tofile="../jettyhome/etc/jetty-plus.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/hazelcast-template.xml" <copy file="../org.adempiere.server-feature/hazelcast-template.xml"
tofile="../hazelcast.xml" filtering="yes" overwrite="yes"/> tofile="../hazelcast.xml" filtering="yes" overwrite="yes"/>
</target> </target>

View File

@ -45,6 +45,10 @@
tofile="jettyhome/etc/jetty-ssl.xml" filtering="yes" overwrite="yes"/> tofile="jettyhome/etc/jetty-ssl.xml" filtering="yes" overwrite="yes"/>
<copy file="jettyhome/etc/jetty-selector-template.xml" <copy file="jettyhome/etc/jetty-selector-template.xml"
tofile="jettyhome/etc/jetty-selector.xml" filtering="yes" overwrite="yes"/> tofile="jettyhome/etc/jetty-selector.xml" filtering="yes" overwrite="yes"/>
<copy file="jettyhome/etc/jetty-ssl-context-template.xml"
tofile="jettyhome/etc/jetty-ssl-context.xml" filtering="yes" overwrite="yes"/>
<copy file="jettyhome/etc/jetty-http-template.xml"
tofile="jettyhome/etc/jetty-http.xml" filtering="yes" overwrite="yes"/>
<copy file="hazelcast-template.xml" <copy file="hazelcast-template.xml"
tofile="hazelcast.xml" filtering="yes" overwrite="yes"/> tofile="hazelcast.xml" filtering="yes" overwrite="yes"/>

View File

@ -0,0 +1,31 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Call name="addConnectionFactory">
<Arg>
<New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="next">alpn</Arg>
<Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
</New>
</Arg>
</Call>
<Call name="addConnectionFactory">
<Arg>
<New id="alpn" class="org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory">
<Arg type="String">
<Property name="jetty.alpn.protocols" deprecated="alpn.protocols" default="" />
</Arg>
<Set name="defaultProtocol">
<Property name="jetty.alpn.defaultProtocol" deprecated="alpn.defaultProtocol" />
</Set>
</New>
</Arg>
</Call>
<!-- ALPN debugging on System.err -->
<Set class="org.eclipse.jetty.alpn.ALPN" name="debug" type="boolean"><Property name="jetty.alpn.debug" default="true" /></Set>
</Configure>

View File

@ -1,23 +1,42 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- =============================================================== -->
<!-- Create the deployment manager -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- The deplyment manager handles the lifecycle of deploying web -->
<!-- applications. Apps are provided by instances of the -->
<!-- AppProvider interface. -->
<!-- =============================================================== -->
<Configure id="Server" class="org.eclipse.jetty.server.Server"> <Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- =========================================================== --> <Call name="addBean">
<!-- Configure the deployment manager --> <Arg>
<!-- =========================================================== --> <New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager">
<Call name="addBean"> <Set name="contexts">
<Arg> <Ref refid="Contexts" />
<New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager"> </Set>
<Set name="contexts"> <Call name="setContextAttribute">
<Ref refid="Contexts" /> <Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>
</Set> <Arg>.*/[^/]*servlet-api-[^/]*\.jar$|.*/javax.servlet.jsp.jstl-.*\.jar$|.*/org.apache.taglibs.taglibs-standard-impl-.*\.jar$</Arg>
<Call name="setContextAttribute"> </Call>
<Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>
<Arg>.*/jsp-api-[^/]*\.jar$|.*/jsp-[^/]*\.jar$</Arg>
</Call>
</New>
</Arg>
</Call>
<!-- Add a customize step to the deployment lifecycle -->
<!-- uncomment and replace DebugBinding with your extended AppLifeCycle.Binding class
<Call name="insertLifeCycleNode">
<Arg>deployed</Arg>
<Arg>starting</Arg>
<Arg>customise</Arg>
</Call>
<Call name="addLifeCycleBinding">
<Arg>
<New class="org.eclipse.jetty.deploy.bindings.DebugBinding">
<Arg>customise</Arg>
</New>
</Arg>
</Call> -->
</New>
</Arg>
</Call>
</Configure> </Configure>

View File

@ -0,0 +1,51 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- ============================================================= -->
<!-- Configure the Jetty Server instance with an ID "Server" -->
<!-- by adding a HTTP connector. -->
<!-- This configuration must be used in conjunction with jetty.xml -->
<!-- ============================================================= -->
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Add a HTTP Connector. -->
<!-- Configure an o.e.j.server.ServerConnector with a single -->
<!-- HttpConnectionFactory instance using the common httpConfig -->
<!-- instance defined in jetty.xml -->
<!-- -->
<!-- Consult the javadoc of o.e.j.server.ServerConnector and -->
<!-- o.e.j.server.HttpConnectionFactory for all configuration -->
<!-- that may be set here. -->
<!-- =========================================================== -->
<Call name="addConnector">
<Arg>
<New id="httpConnector" class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="acceptors" type="int"><Property name="jetty.http.acceptors" deprecated="http.acceptors" default="-1"/></Arg>
<Arg name="selectors" type="int"><Property name="jetty.http.selectors" deprecated="http.selectors" default="-1"/></Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config"><Ref refid="httpConfig" /></Arg>
</New>
</Item>
<Item>
<New class="org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory">
<Arg name="config"><Ref refid="httpConfig" /></Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="host"><Property name="jetty.http.host" deprecated="jetty.host" default="@ADEMPIERE_APPS_SERVER@"/></Set>
<Set name="port"><Property name="jetty.http.port" deprecated="jetty.port" default="@ADEMPIERE_WEB_PORT@" /></Set>
<Set name="idleTimeout"><Property name="jetty.http.idleTimeout" deprecated="http.timeout" default="123000"/></Set>
<Set name="soLingerTime"><Property name="jetty.http.soLingerTime" deprecated="http.soLingerTime" default="-1"/></Set>
<Set name="acceptorPriorityDelta"><Property name="jetty.http.acceptorPriorityDelta" deprecated="http.acceptorPriorityDelta" default="0"/></Set>
<Set name="acceptQueueSize"><Property name="jetty.http.acceptQueueSize" deprecated="http.acceptQueueSize" default="0"/></Set>
</New>
</Arg>
</Call>
</Configure>

View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- ============================================================= -->
<!-- Configure a HTTP2 on the ssl connector. -->
<!-- ============================================================= -->
<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Call name="addConnectionFactory">
<Arg>
<New class="org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory">
<Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
<Set name="maxConcurrentStreams"><Property name="jetty.http2.maxConcurrentStreams" deprecated="http2.maxConcurrentStreams" default="1024"/></Set>
<Set name="initialStreamSendWindow"><Property name="jetty.http2.initialStreamSendWindow" default="65535"/></Set>
</New>
</Arg>
</Call>
<Ref refid="sslContextFactory">
<Set name="CipherComparator">
<Get class="org.eclipse.jetty.http2.HTTP2Cipher" name="COMPARATOR"/>
</Set>
<Set name="useCipherSuitesOrder">true</Set>
</Ref>
<!-- remove http/1.1 from first list and push in end list -->
<Call name="removeConnectionFactory">
<Arg name="config">http/1.1</Arg>
</Call>
<Call name="addConnectionFactory">
<Arg>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
</New>
</Arg>
</Call>
</Configure>

View File

@ -1,5 +1,5 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Configure a HTTPS connector. --> <!-- Configure a HTTPS connector. -->
@ -8,7 +8,7 @@
<!-- ============================================================= --> <!-- ============================================================= -->
<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector"> <Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Call name="addConnectionFactory"> <Call name="addIfAbsentConnectionFactory">
<Arg> <Arg>
<New class="org.eclipse.jetty.server.SslConnectionFactory"> <New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="next">http/1.1</Arg> <Arg name="next">http/1.1</Arg>
@ -24,5 +24,4 @@
</New> </New>
</Arg> </Arg>
</Call> </Call>
</Configure> </Configure>

View File

@ -0,0 +1,25 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- =============================================================== -->
<!-- Configure extended support for webapps -->
<!-- =============================================================== -->
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Add plus Configuring classes to all webapps for this Server -->
<!-- =========================================================== -->
<Call class="org.eclipse.jetty.webapp.Configuration$ClassList" name="setServerDefault">
<Arg><Ref refid="Server" /></Arg>
<Call name="addAfter">
<Arg name="afterClass">org.eclipse.jetty.webapp.FragmentConfiguration</Arg>
<Arg>
<Array type="String">
<Item>org.eclipse.jetty.plus.webapp.EnvConfiguration</Item>
<Item>org.eclipse.jetty.plus.webapp.PlusConfiguration</Item>
</Array>
</Arg>
</Call>
</Call>
</Configure>

View File

@ -0,0 +1,310 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- ============================================================= -->
<!-- SSL ContextFactory configuration -->
<!-- ============================================================= -->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="etc/keystore"/></Set>
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
<Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" default="JKS"/></Set>
<Set name="KeyStoreProvider"><Property name="jetty.sslContext.keyStoreProvider"/></Set>
<Set name="KeyManagerPassword"><Property name="jetty.sslContext.keyManagerPassword" deprecated="jetty.keymanager.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" deprecated="jetty.truststore" default="etc/keystore"/></Set>
<Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" deprecated="jetty.truststore.password"/></Set>
<Set name="TrustStoreType"><Property name="jetty.sslContext.trustStoreType"/></Set>
<Set name="TrustStoreProvider"><Property name="jetty.sslContext.trustStoreProvider"/></Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" deprecated="jetty.ssl.needClientAuth" default="false"/></Set>
<Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" deprecated="jetty.ssl.wantClientAuth" default="false"/></Set>
<Set name="renegotiationAllowed">FALSE</Set>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>TLS_NULL_WITH_NULL_NULL</Item>
<Item>TLS_RSA_WITH_NULL_MD5</Item>
<Item>TLS_RSA_WITH_NULL_SHA</Item>
<Item>TLS_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>TLS_RSA_WITH_RC4_128_MD5</Item>
<Item>TLS_RSA_WITH_RC4_128_SHA</Item>
<Item>TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5</Item>
<Item>TLS_RSA_WITH_IDEA_CBC_SHA</Item>
<Item>TLS_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_RSA_WITH_DES_CBC_SHA</Item>
<Item>TLS_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_DES_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_DES_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DH_anon_EXPORT_WITH_RC4_40_MD5</Item>
<Item>TLS_DH_anon_WITH_RC4_128_MD5</Item>
<Item>TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_DES_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_KRB5_WITH_DES_CBC_SHA</Item>
<Item>TLS_KRB5_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_KRB5_WITH_RC4_128_SHA</Item>
<Item>TLS_KRB5_WITH_IDEA_CBC_SHA</Item>
<Item>TLS_KRB5_WITH_DES_CBC_MD5</Item>
<Item>TLS_KRB5_WITH_3DES_EDE_CBC_MD5</Item>
<Item>TLS_KRB5_WITH_RC4_128_MD5</Item>
<Item>TLS_KRB5_WITH_IDEA_CBC_MD5</Item>
<Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA</Item>
<Item>TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA</Item>
<Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA</Item>
<Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5</Item>
<Item>TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5</Item>
<Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</Item>
<Item>TLS_PSK_WITH_NULL_SHA</Item>
<Item>TLS_DHE_PSK_WITH_NULL_SHA</Item>
<Item>TLS_RSA_PSK_WITH_NULL_SHA</Item>
<Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_RSA_WITH_NULL_SHA256</Item>
<Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_RSA_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_DH_DSS_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_DH_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_DH_DSS_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_DH_RSA_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_DH_anon_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_DH_anon_WITH_AES_256_CBC_SHA256</Item>
<Item>TLS_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA</Item>
<Item>TLS_PSK_WITH_RC4_128_SHA</Item>
<Item>TLS_PSK_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_PSK_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_PSK_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_DHE_PSK_WITH_RC4_128_SHA</Item>
<Item>TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_DHE_PSK_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DHE_PSK_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_RSA_PSK_WITH_RC4_128_SHA</Item>
<Item>TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_RSA_PSK_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_RSA_PSK_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_RSA_WITH_SEED_CBC_SHA</Item>
<Item>TLS_DH_DSS_WITH_SEED_CBC_SHA</Item>
<Item>TLS_DH_RSA_WITH_SEED_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_SEED_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_SEED_CBC_SHA</Item>
<Item>TLS_DH_anon_WITH_SEED_CBC_SHA</Item>
<Item>TLS_RSA_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_RSA_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_DH_RSA_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_DH_RSA_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_DH_DSS_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_DH_DSS_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_DH_anon_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_DH_anon_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_PSK_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_PSK_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_PSK_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_PSK_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_PSK_WITH_NULL_SHA256</Item>
<Item>TLS_PSK_WITH_NULL_SHA384</Item>
<Item>TLS_DHE_PSK_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_DHE_PSK_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_DHE_PSK_WITH_NULL_SHA256</Item>
<Item>TLS_DHE_PSK_WITH_NULL_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_NULL_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_NULL_SHA384</Item>
<Item>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256</Item>
<Item>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</Item>
<Item>TLS_ECDH_ECDSA_WITH_NULL_SHA</Item>
<Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_NULL_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDH_RSA_WITH_NULL_SHA</Item>
<Item>TLS_ECDH_RSA_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_NULL_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDH_anon_WITH_NULL_SHA</Item>
<Item>TLS_ECDH_anon_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_SRP_SHA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_SRP_SHA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_ECDHE_PSK_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA</Item>
<Item>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</Item>
<Item>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA</Item>
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA256</Item>
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA384</Item>
<Item>TLS_RSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_RSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DH_anon_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DH_anon_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_RSA_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_RSA_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_DH_anon_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_DH_anon_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_PSK_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_PSK_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_PSK_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_PSK_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384</Item>
<Item>TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384</Item>
<Item>TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
<Item>TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
<Item>TLS_RSA_WITH_AES_128_CCM</Item>
<Item>TLS_RSA_WITH_AES_256_CCM</Item>
<Item>TLS_RSA_WITH_AES_128_CCM_8</Item>
<Item>TLS_RSA_WITH_AES_256_CCM_8</Item>
<Item>TLS_PSK_WITH_AES_128_CCM</Item>
<Item>TLS_PSK_WITH_AES_256_CCM</Item>
<Item>TLS_PSK_WITH_AES_128_CCM_8</Item>
<Item>TLS_PSK_WITH_AES_256_CCM_8</Item>
</Array>
</Set>
<Set name="ExcludeProtocols">
<Array type="java.lang.String">
<Item>SSL</Item>
<Item>SSLv2</Item>
<Item>SSLv2Hello</Item>
<Item>SSLv3</Item>
</Array>
</Set>
<Set name="useCipherSuitesOrder"><Property name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
</Configure>

View File

@ -1,10 +1,10 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- ============================================================= --> <!-- ============================================================= -->
<!-- Base SSL configuration --> <!-- Base SSL configuration -->
<!-- This configuration needs to be used together with 1 or more --> <!-- This configuration needs to be used together with 1 or more -->
<!-- of jetty-https.xml, jetty-spdy.xml and/or jetty-http2.xml --> <!-- of jetty-https.xml or jetty-http2.xml -->
<!-- ============================================================= --> <!-- ============================================================= -->
<Configure id="Server" class="org.eclipse.jetty.server.Server"> <Configure id="Server" class="org.eclipse.jetty.server.Server">
@ -15,49 +15,27 @@
<Arg> <Arg>
<New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector"> <New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg> <Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="acceptors" type="int"><Property name="ssl.acceptors" default="-1"/></Arg> <Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" deprecated="ssl.acceptors" default="-1"/></Arg>
<Arg name="selectors" type="int"><Property name="ssl.selectors" default="-1"/></Arg> <Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" deprecated="ssl.selectors" default="-1"/></Arg>
<Arg name="factories"> <Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory"> <Array type="org.eclipse.jetty.server.ConnectionFactory">
<!-- uncomment to support proxy protocol
<Item>
<New class="org.eclipse.jetty.server.ProxyConnectionFactory"/>
</Item>-->
</Array> </Array>
</Arg> </Arg>
<Set name="host"><Property name="jetty.host" default="@ADEMPIERE_APPS_SERVER@" /></Set> <Set name="host"><Property name="jetty.ssl.host" deprecated="jetty.host" default="@ADEMPIERE_APPS_SERVER@" /></Set>
<Set name="port"><Property name="ssl.port" default="@ADEMPIERE_SSL_PORT@" /></Set> <Set name="port"><Property name="jetty.ssl.port" deprecated="ssl.port" default="@ADEMPIERE_SSL_PORT@" /></Set>
<Set name="idleTimeout"><Property name="ssl.timeout" default="300000"/></Set> <Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" deprecated="ssl.timeout" default="123000"/></Set>
<Set name="soLingerTime"><Property name="ssl.soLingerTime" default="-1"/></Set> <Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" deprecated="ssl.soLingerTime" default="-1"/></Set>
<Set name="acceptorPriorityDelta"><Property name="ssl.acceptorPriorityDelta" default="0"/></Set> <Set name="acceptorPriorityDelta"><Property name="jetty.ssl.acceptorPriorityDelta" deprecated="ssl.acceptorPriorityDelta" default="0"/></Set>
<Set name="selectorPriorityDelta"><Property name="ssl.selectorPriorityDelta" default="0"/></Set> <Set name="acceptQueueSize"><Property name="jetty.ssl.acceptQueueSize" deprecated="ssl.acceptQueueSize" default="0"/></Set>
</New> </New>
</Arg> </Arg>
</Call> </Call>
<!-- ============================================================= -->
<!-- Create a TLS (SSL) Context Factory for later reuse -->
<!-- ============================================================= -->
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="CertAlias">@ADEMPIERE_KEYSTORECODEALIAS@</Set>
<Set name="KeyStorePath">@ADEMPIERE_KEYSTORE@</Set>
<Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
<Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
<Set name="TrustStorePath">@ADEMPIERE_KEYSTORE@</Set>
<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
<Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
</New>
<!-- =========================================================== --> <!-- =========================================================== -->
<!-- Create a TLS specific HttpConfiguration based on the --> <!-- Create a TLS specific HttpConfiguration based on the -->
<!-- common HttpConfiguration defined in jetty.xml --> <!-- common HttpConfiguration defined in jetty.xml -->
@ -67,7 +45,11 @@
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Arg><Ref refid="httpConfig"/></Arg> <Arg><Ref refid="httpConfig"/></Arg>
<Call name="addCustomizer"> <Call name="addCustomizer">
<Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg> <Arg>
<New class="org.eclipse.jetty.server.SecureRequestCustomizer">
<Arg type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
</New>
</Arg>
</Call> </Call>
</New> </New>

View File

@ -1,27 +1,111 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<!-- =============================================================== --> <!-- =============================================================== -->
<!-- Configure the Jetty Server -->
<!-- -->
<!-- Documentation of this file format can be found at: --> <!-- Documentation of this file format can be found at: -->
<!-- http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax --> <!-- http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax -->
<!-- -->
<!-- Additional configuration files are available in $JETTY_HOME/etc -->
<!-- and can be mixed in. See start.ini file for the default -->
<!-- configuration files. -->
<!-- -->
<!-- For a description of the configuration mechanism, see the -->
<!-- output of: -->
<!-- java -jar start.jar -? -->
<!-- =============================================================== --> <!-- =============================================================== -->
<!-- =============================================================== -->
<!-- Configure a Jetty Server instance with an ID "Server" -->
<!-- Other configuration files may also configure the "Server" -->
<!-- ID, in which case they are adding configuration to the same -->
<!-- instance. If other configuration have a different ID, they -->
<!-- will create and configure another instance of Jetty. -->
<!-- Consult the javadoc of o.e.j.server.Server for all -->
<!-- configuration that may be set here. -->
<!-- =============================================================== -->
<Configure id="Server" class="org.eclipse.jetty.server.Server"> <Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- =========================================================== --> <!-- =========================================================== -->
<!-- Server Thread Pool --> <!-- Configure the Server Thread Pool. -->
<!-- The server holds a common thread pool which is used by -->
<!-- default as the executor used by all connectors and servlet -->
<!-- dispatches. -->
<!-- -->
<!-- Configuring a fixed thread pool is vital to controlling the -->
<!-- maximal memory footprint of the server and is a key tuning -->
<!-- parameter for tuning. In an application that rarely blocks -->
<!-- then maximal threads may be close to the number of 5*CPUs. -->
<!-- In an application that frequently blocks, then maximal -->
<!-- threads should be set as high as possible given the memory -->
<!-- available. -->
<!-- -->
<!-- Consult the javadoc of o.e.j.util.thread.QueuedThreadPool -->
<!-- for all configuration that may be set here. -->
<!-- =========================================================== --> <!-- =========================================================== -->
<!-- uncomment to change type of threadpool
<Arg name="threadpool"><New id="threadpool" class="org.eclipse.jetty.util.thread.QueuedThreadPool"/></Arg>
-->
<Get name="ThreadPool"> <Get name="ThreadPool">
<Set name="minThreads">10</Set> <Set name="minThreads" type="int"><Property name="jetty.threadPool.minThreads" deprecated="threads.min" default="10"/></Set>
<Set name="maxThreads">200</Set> <Set name="maxThreads" type="int"><Property name="jetty.threadPool.maxThreads" deprecated="threads.max" default="200"/></Set>
<Set name="idleTimeout" type="int"><Property name="jetty.threadPool.idleTimeout" deprecated="threads.timeout" default="60000"/></Set>
<Set name="detailedDump">false</Set>
</Get> </Get>
<!-- =========================================================== -->
<!-- Add shared Scheduler instance -->
<!-- =========================================================== -->
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.util.thread.ScheduledExecutorScheduler"/>
</Arg>
</Call>
<!-- =========================================================== --> <!-- =========================================================== -->
<!-- Set handler Collection Structure --> <!-- Http Configuration. -->
<!-- This is a common configuration instance used by all -->
<!-- connectors that can carry HTTP semantics (HTTP, HTTPS, etc.)-->
<!-- It configures the non wire protocol aspects of the HTTP -->
<!-- semantic. -->
<!-- -->
<!-- This configuration is only defined here and is used by -->
<!-- reference from other XML files such as jetty-http.xml, -->
<!-- jetty-https.xml and other configuration files which -->
<!-- instantiate the connectors. -->
<!-- -->
<!-- Consult the javadoc of o.e.j.server.HttpConfiguration -->
<!-- for all configuration that may be set here. -->
<!-- =========================================================== -->
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="secureScheme"><Property name="jetty.httpConfig.secureScheme" default="https" /></Set>
<Set name="securePort"><Property name="jetty.httpConfig.securePort" deprecated="jetty.secure.port" default="@ADEMPIERE_SSL_PORT@" /></Set>
<Set name="outputBufferSize"><Property name="jetty.httpConfig.outputBufferSize" deprecated="jetty.output.buffer.size" default="32768" /></Set>
<Set name="outputAggregationSize"><Property name="jetty.httpConfig.outputAggregationSize" deprecated="jetty.output.aggregation.size" default="8192" /></Set>
<Set name="requestHeaderSize"><Property name="jetty.httpConfig.requestHeaderSize" deprecated="jetty.request.header.size" default="8192" /></Set>
<Set name="responseHeaderSize"><Property name="jetty.httpConfig.responseHeaderSize" deprecated="jetty.response.header.size" default="8192" /></Set>
<Set name="sendServerVersion"><Property name="jetty.httpConfig.sendServerVersion" deprecated="jetty.send.server.version" default="true" /></Set>
<Set name="sendDateHeader"><Property name="jetty.httpConfig.sendDateHeader" deprecated="jetty.send.date.header" default="false" /></Set>
<Set name="headerCacheSize"><Property name="jetty.httpConfig.headerCacheSize" default="512" /></Set>
<Set name="delayDispatchUntilContent"><Property name="jetty.httpConfig.delayDispatchUntilContent" deprecated="jetty.delayDispatchUntilContent" default="true"/></Set>
<Set name="maxErrorDispatches"><Property name="jetty.httpConfig.maxErrorDispatches" default="10"/></Set>
<Set name="blockingTimeout"><Property name="jetty.httpConfig.blockingTimeout" default="-1"/></Set>
<!-- Uncomment to enable handling of X-Forwarded- style headers
<Call name="addCustomizer">
<Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
</Call>
-->
</New>
<!-- =========================================================== -->
<!-- Set the default handler structure for the Server -->
<!-- A handler collection is used to pass received requests to -->
<!-- both the ContextHandlerCollection, which selects the next -->
<!-- handler by context path and virtual host, and the -->
<!-- DefaultHandler, which handles any requests not handled by -->
<!-- the context handlers. -->
<!-- Other handlers may be added to the "Handlers" collection, -->
<!-- for example the jetty-requestlog.xml file adds the -->
<!-- RequestLogHandler after the default handler -->
<!-- =========================================================== --> <!-- =========================================================== -->
<Set name="handler"> <Set name="handler">
<New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection"> <New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
@ -33,51 +117,36 @@
<Item> <Item>
<New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/> <New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/>
</Item> </Item>
<Item>
<New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler"/>
</Item>
</Array> </Array>
</Set> </Set>
</New> </New>
</Set> </Set>
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="secureScheme">https</Set>
<Set name="securePort"><Property name="jetty.secure.port" default="@ADEMPIERE_SSL_PORT@" /></Set>
<Set name="outputBufferSize">32768</Set>
<Set name="requestHeaderSize">8192</Set>
<Set name="responseHeaderSize">8192</Set>
<Set name="sendServerVersion">true</Set>
<Set name="sendDateHeader">false</Set>
<Set name="headerCacheSize">512</Set>
</New>
<!-- =========================================================== --> <!-- =========================================================== -->
<!-- extra options --> <!-- extra server options -->
<!-- =========================================================== --> <!-- =========================================================== -->
<Set name="stopAtShutdown">true</Set> <Set name="stopAtShutdown"><Property name="jetty.server.stopAtShutdown" default="true"/></Set>
<Set name="stopTimeout">1000</Set> <Set name="stopTimeout">5000</Set>
<Set name="dumpAfterStart">false</Set> <Set name="dumpAfterStart"><Property name="jetty.server.dumpAfterStart" deprecated="jetty.dump.start" default="false"/></Set>
<Set name="dumpBeforeStop">false</Set> <Set name="dumpBeforeStop"><Property name="jetty.server.dumpBeforeStop" deprecated="jetty.dump.stop" default="false"/></Set>
<Call name="setAttribute">
<!-- =========================================================== --> <Arg>org.eclipse.jetty.webapp.configuration</Arg>
<!-- jetty-jndi by default --> <Arg>
<!-- =========================================================== --> <New class="org.eclipse.jetty.webapp.Configuration$ClassList">
<Call class="org.eclipse.jetty.webapp.Configuration$ClassList" name="setServerDefault"> <Arg>
<Arg><Ref refid="Server" /></Arg> <Array type="String">
<Call name="addAfter"> <Item>org.eclipse.jetty.osgi.boot.OSGiWebInfConfiguration</Item>
<Arg name="afterClass">org.eclipse.jetty.webapp.FragmentConfiguration</Arg> <Item>org.eclipse.jetty.webapp.WebXmlConfiguration</Item>
<Arg> <Item>org.eclipse.jetty.webapp.MetaInfConfiguration</Item>
<Array type="String"> <Item>org.eclipse.jetty.webapp.FragmentConfiguration</Item>
<Item>org.eclipse.jetty.plus.webapp.EnvConfiguration</Item> <Item>org.eclipse.jetty.webapp.JettyWebXmlConfiguration</Item>
<Item>org.eclipse.jetty.plus.webapp.PlusConfiguration</Item> </Array>
<Item>org.eclipse.jetty.annotations.AnnotationConfiguration</Item> </Arg>
</Array> </New>
</Arg> </Arg>
</Call>
</Call> </Call>
<Call class="java.lang.System" name="setProperty"> <Call class="java.lang.System" name="setProperty">
<Arg>java.naming.factory.initial</Arg> <Arg>java.naming.factory.initial</Arg>
<Arg><Property name="java.naming.factory.initial" default="org.eclipse.jetty.jndi.InitialContextFactory"/></Arg> <Arg><Property name="java.naming.factory.initial" default="org.eclipse.jetty.jndi.InitialContextFactory"/></Arg>
@ -86,15 +155,4 @@
<Arg>java.naming.factory.url.pkgs</Arg> <Arg>java.naming.factory.url.pkgs</Arg>
<Arg><Property name="java.naming.factory.url.pkgs" default="org.eclipse.jetty.jndi"/></Arg> <Arg><Property name="java.naming.factory.url.pkgs" default="org.eclipse.jetty.jndi"/></Arg>
</Call> </Call>
<Call name="setAttribute">
<Arg>org.eclipse.jetty.server.Request.maxFormContentSize</Arg>
<Arg>1048576</Arg>
</Call>
<!-- Call class="org.eclipse.jetty.util.log.Log" name="getRootLogger">
<Call name="setDebugEnabled">
<Arg type="boolean">true</Arg>
</Call>
</Call -->
</Configure> </Configure>

View File

@ -0,0 +1,533 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
metadata-complete="false"
version="3.1">
<!-- ===================================================================== -->
<!-- This file contains the default descriptor for web applications. -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- The intent of this descriptor is to include jetty specific or common -->
<!-- configuration for all webapps. If a context has a webdefault.xml -->
<!-- descriptor, it is applied before the context's own web.xml file -->
<!-- -->
<!-- A context may be assigned a default descriptor by calling -->
<!-- WebAppContext.setDefaultsDescriptor(String). -->
<!-- -->
<!-- This file is present in the jetty-webapp.jar, and is used as the -->
<!-- defaults descriptor if no other is explicitly set on a context. -->
<!-- -->
<!-- A copy of this file is also placed into the $JETTY_HOME/etc dir of -->
<!-- the distribution, and is referenced by some of the other xml files, -->
<!-- eg the jetty-deploy.xml file. -->
<!-- ===================================================================== -->
<description>
Default web.xml file.
This file is applied to a Web application before it's own WEB_INF/web.xml file
</description>
<!-- ==================================================================== -->
<!-- Removes static references to beans from javax.el.BeanELResolver to -->
<!-- ensure webapp classloader can be released on undeploy -->
<!-- ==================================================================== -->
<listener>
<listener-class>org.eclipse.jetty.servlet.listener.ELContextCleaner</listener-class>
</listener>
<!-- ==================================================================== -->
<!-- Removes static cache of Methods from java.beans.Introspector to -->
<!-- ensure webapp classloader can be released on undeploy -->
<!-- ==================================================================== -->
<listener>
<listener-class>org.eclipse.jetty.servlet.listener.IntrospectorCleaner</listener-class>
</listener>
<!-- ==================================================================== -->
<!-- Context params to control Session Cookies -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!--
UNCOMMENT TO ACTIVATE
<context-param>
<param-name>org.eclipse.jetty.servlet.SessionDomain</param-name>
<param-value>127.0.0.1</param-value>
</context-param>
<context-param>
<param-name>org.eclipse.jetty.servlet.SessionPath</param-name>
<param-value>/</param-value>
</context-param>
<context-param>
<param-name>org.eclipse.jetty.servlet.MaxAge</param-name>
<param-value>-1</param-value>
</context-param>
-->
<!-- ==================================================================== -->
<!-- The default servlet. -->
<!-- This servlet, normally mapped to /, provides the handling for static -->
<!-- content, OPTIONS and TRACE methods for the context. -->
<!-- The following initParameters are supported: -->
<!--
* acceptRanges If true, range requests and responses are
* supported
*
* dirAllowed If true, directory listings are returned if no
* welcome file is found. Else 403 Forbidden.
*
* welcomeServlets If true, attempt to dispatch to welcome files
* that are servlets, but only after no matching static
* resources could be found. If false, then a welcome
* file must exist on disk. If "exact", then exact
* servlet matches are supported without an existing file.
* Default is true.
*
* This must be false if you want directory listings,
* but have index.jsp in your welcome file list.
*
* redirectWelcome If true, welcome files are redirected rather than
* forwarded to.
*
* gzip If set to true, then static content will be served as
* gzip content encoded if a matching resource is
* found ending with ".gz"
*
* resourceBase Set to replace the context resource base
*
* resourceCache If set, this is a context attribute name, which the servlet
* will use to look for a shared ResourceCache instance.
*
* relativeResourceBase
* Set with a pathname relative to the base of the
* servlet context root. Useful for only serving static content out
* of only specific subdirectories.
*
* pathInfoOnly If true, only the path info will be applied to the resourceBase
*
* stylesheet Set with the location of an optional stylesheet that will be used
* to decorate the directory listing html.
*
* aliases If True, aliases of resources are allowed (eg. symbolic
* links and caps variations). May bypass security constraints.
*
* etags If True, weak etags will be generated and handled.
*
* maxCacheSize The maximum total size of the cache or 0 for no cache.
* maxCachedFileSize The maximum size of a file to cache
* maxCachedFiles The maximum number of files to cache
*
* useFileMappedBuffer
* If set to true, it will use mapped file buffers to serve static content
* when using an NIO connector. Setting this value to false means that
* a direct buffer will be used instead of a mapped file buffer.
* This file sets the value to true.
*
* cacheControl If set, all static content will have this value set as the cache-control
* header.
*
-->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.eclipse.jetty.servlet.DefaultServlet</servlet-class>
<init-param>
<param-name>aliases</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>acceptRanges</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>dirAllowed</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>welcomeServlets</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>redirectWelcome</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>maxCacheSize</param-name>
<param-value>256000000</param-value>
</init-param>
<init-param>
<param-name>maxCachedFileSize</param-name>
<param-value>200000000</param-value>
</init-param>
<init-param>
<param-name>maxCachedFiles</param-name>
<param-value>2048</param-value>
</init-param>
<init-param>
<param-name>gzip</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>etags</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>useFileMappedBuffer</param-name>
<param-value>true</param-value>
</init-param>
<!--
<init-param>
<param-name>resourceCache</param-name>
<param-value>resourceCache</param-value>
</init-param>
-->
<!--
<init-param>
<param-name>cacheControl</param-name>
<param-value>max-age=3600,public</param-value>
</init-param>
-->
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- ==================================================================== -->
<!-- JSP Servlet -->
<!-- This is the jasper JSP servlet. -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- The JSP page compiler and execution servlet, which is the mechanism -->
<!-- used by the jsp container to support JSP pages. Traditionally, -->
<!-- this servlet is mapped to URL pattern "*.jsp". This servlet -->
<!-- supports the following initialization parameters (default values -->
<!-- are in square brackets): -->
<!-- -->
<!-- checkInterval If development is false and reloading is true, -->
<!-- background compiles are enabled. checkInterval -->
<!-- is the time in seconds between checks to see -->
<!-- if a JSP page needs to be recompiled. [300] -->
<!-- -->
<!-- compiler Which compiler Ant should use to compile JSP -->
<!-- pages. See the Ant documentation for more -->
<!-- information. [javac] -->
<!-- -->
<!-- classdebuginfo Should the class file be compiled with -->
<!-- debugging information? [true] -->
<!-- -->
<!-- classpath What class path should I use while compiling -->
<!-- generated servlets? [Created dynamically -->
<!-- based on the current web application] -->
<!-- Set to ? to make the container explicitly set -->
<!-- this parameter. -->
<!-- -->
<!-- development Is Jasper used in development mode (will check -->
<!-- for JSP modification on every access)? [true] -->
<!-- -->
<!-- enablePooling Determines whether tag handler pooling is -->
<!-- enabled [true] -->
<!-- -->
<!-- fork Tell Ant to fork compiles of JSP pages so that -->
<!-- a separate JVM is used for JSP page compiles -->
<!-- from the one Tomcat is running in. [true] -->
<!-- -->
<!-- ieClassId The class-id value to be sent to Internet -->
<!-- Explorer when using <jsp:plugin> tags. -->
<!-- [clsid:8AD9C840-044E-11D1-B3E9-00805F499D93] -->
<!-- -->
<!-- javaEncoding Java file encoding to use for generating java -->
<!-- source files. [UTF-8] -->
<!-- -->
<!-- keepgenerated Should we keep the generated Java source code -->
<!-- for each page instead of deleting it? [true] -->
<!-- -->
<!-- logVerbosityLevel The level of detailed messages to be produced -->
<!-- by this servlet. Increasing levels cause the -->
<!-- generation of more messages. Valid values are -->
<!-- FATAL, ERROR, WARNING, INFORMATION, and DEBUG. -->
<!-- [WARNING] -->
<!-- -->
<!-- mappedfile Should we generate static content with one -->
<!-- print statement per input line, to ease -->
<!-- debugging? [false] -->
<!-- -->
<!-- -->
<!-- reloading Should Jasper check for modified JSPs? [true] -->
<!-- -->
<!-- suppressSmap Should the generation of SMAP info for JSR45 -->
<!-- debugging be suppressed? [false] -->
<!-- -->
<!-- dumpSmap Should the SMAP info for JSR45 debugging be -->
<!-- dumped to a file? [false] -->
<!-- False if suppressSmap is true -->
<!-- -->
<!-- scratchdir What scratch directory should we use when -->
<!-- compiling JSP pages? [default work directory -->
<!-- for the current web application] -->
<!-- -->
<!-- tagpoolMaxSize The maximum tag handler pool size [5] -->
<!-- -->
<!-- xpoweredBy Determines whether X-Powered-By response -->
<!-- header is added by generated servlet [false] -->
<!-- -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<servlet id="jsp">
<servlet-name>jsp</servlet-name>
<servlet-class>org.eclipse.jetty.jsp.JettyJspServlet</servlet-class>
<init-param>
<param-name>logVerbosityLevel</param-name>
<param-value>DEBUG</param-value>
</init-param>
<init-param>
<param-name>fork</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>xpoweredBy</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>compilerTargetVM</param-name>
<param-value>1.7</param-value>
</init-param>
<init-param>
<param-name>compilerSourceVM</param-name>
<param-value>1.7</param-value>
</init-param>
<!--
<init-param>
<param-name>classpath</param-name>
<param-value>?</param-value>
</init-param>
-->
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jsp</servlet-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.jspf</url-pattern>
<url-pattern>*.jspx</url-pattern>
<url-pattern>*.xsp</url-pattern>
<url-pattern>*.JSP</url-pattern>
<url-pattern>*.JSPF</url-pattern>
<url-pattern>*.JSPX</url-pattern>
<url-pattern>*.XSP</url-pattern>
</servlet-mapping>
<!-- ==================================================================== -->
<!-- Default session configuration -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<!-- ==================================================================== -->
<!-- Default MIME mappings -->
<!-- The default MIME mappings are provided by the mime.properties -->
<!-- resource in the jetty-http.jar file. Additional or modified -->
<!-- mappings may be specified here -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- UNCOMMENT TO ACTIVATE
<mime-mapping>
<extension>mysuffix</extension>
<mime-type>mymime/type</mime-type>
</mime-mapping>
-->
<!-- ==================================================================== -->
<!-- Default welcome files -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!-- ==================================================================== -->
<!-- Default locale encodings -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<locale-encoding-mapping-list>
<locale-encoding-mapping>
<locale>ar</locale>
<encoding>ISO-8859-6</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>be</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>bg</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>ca</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>cs</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>da</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>de</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>el</locale>
<encoding>ISO-8859-7</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>en</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>es</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>et</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>fi</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>fr</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>hr</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>hu</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>is</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>it</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>iw</locale>
<encoding>ISO-8859-8</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>ja</locale>
<encoding>Shift_JIS</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>ko</locale>
<encoding>EUC-KR</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>lt</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>lv</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>mk</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>nl</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>no</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>pl</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>pt</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>ro</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>ru</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sh</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sk</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sl</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sq</locale>
<encoding>ISO-8859-2</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sr</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>sv</locale>
<encoding>ISO-8859-1</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>tr</locale>
<encoding>ISO-8859-9</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>uk</locale>
<encoding>ISO-8859-5</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>zh</locale>
<encoding>GB2312</encoding>
</locale-encoding-mapping>
<locale-encoding-mapping>
<locale>zh_TW</locale>
<encoding>Big5</encoding>
</locale-encoding-mapping>
</locale-encoding-mapping-list>
<!-- ==================================================================== -->
<!-- Disable TRACE method with security constraint -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Disable TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint/>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Enable everything but TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method-omission>TRACE</http-method-omission>
</web-resource-collection>
</security-constraint>
</web-app>