svn commit: r1761304 [1/2] - in /ofbiz/trunk: applications/accounting/webapp
Locked
svn commit: r1761304 [1/2] - in /ofbiz/trunk: applications/accounting/webapp
 
|
Author: jacopoc
Date: Sun Sep 18 08:08:30 2016 New Revision: 1761304 URL: http://svn.apache.org/viewvc?rev=1761304&view=rev Log: Implemented: removed the "controller" related logic, that is now provided by the new ControlFilter, from the ContextFilter; modified existing applications to use the two filters in a chain; removed from the other specialized filters all the logic that was duplicated or extended from ContextFilter. A web application, in order to leverage the OFBiz framework, requires that a series of objects are in its contexts (servlet context, session and request) such as "delegator", "delegatorName", "dispatcher", "security" etc. etc... This setup is performed by the logic contained in the servlet filter implemented by the ContextFilter class. The execution of this logic is required for the application to run properly. However, before this commit, in the ContextFilter there was other logic, related to access control and redirection rules (some of them performed in coordination with the ControlServlet), making it difficult to deploy this filter in all the web applications, especially the ones that implement special handling of paths. In fact, this filter was deployed in most but not all the web application in the OFBiz codebase: specifically it was not deployed in web applications that require the execution of other filters (e.g. CatalogUrlFilter, etc...) like the ones in the "ecommerce" and "solr" components. Removed: ofbiz/trunk/applications/commonext/webapp/WEB-INF/web.xml Modified: ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml ofbiz/trunk/framework/resources/templates/web.xml ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml ofbiz/trunk/specialpurpose/assetmaint/webapp/ismgr/WEB-INF/web.xml ofbiz/trunk/specialpurpose/bi/webapp/bi/WEB-INF/web.xml ofbiz/trunk/specialpurpose/birt/webapp/accounting/WEB-INF/web.xml ofbiz/trunk/specialpurpose/birt/webapp/birt/WEB-INF/web.xml ofbiz/trunk/specialpurpose/birt/webapp/facility/WEB-INF/web.xml ofbiz/trunk/specialpurpose/birt/webapp/ordermgr/WEB-INF/web.xml ofbiz/trunk/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml ofbiz/trunk/specialpurpose/ebay/webapp/ebay/WEB-INF/web.xml ofbiz/trunk/specialpurpose/ebaystore/webapp/ebaystore/WEB-INF/web.xml ofbiz/trunk/specialpurpose/ecommerce/src/main/java/org/apache/ofbiz/ecommerce/webapp/view/JspViewHandler.java ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/web.xml ofbiz/trunk/specialpurpose/ecommerce/webapp/ecomseo/WEB-INF/web.xml ofbiz/trunk/specialpurpose/example/webapp/example/WEB-INF/web.xml ofbiz/trunk/specialpurpose/exampleext/webapp/exampleext/WEB-INF/web.xml ofbiz/trunk/specialpurpose/hhfacility/webapp/hhfacility/WEB-INF/web.xml ofbiz/trunk/specialpurpose/lucene/webapp/content/WEB-INF/web.xml ofbiz/trunk/specialpurpose/myportal/webapp/myportal/WEB-INF/web.xml ofbiz/trunk/specialpurpose/oagis/webapp/oagis/WEB-INF/web.xml ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml ofbiz/trunk/specialpurpose/scrum/webapp/demotest/WEB-INF/web.xml ofbiz/trunk/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrRedirectServlet.java ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml ofbiz/trunk/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml Modified: ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -45,29 +45,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -41,29 +41,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> <listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -45,29 +45,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,31 +40,32 @@ </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static:/js</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> - + <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> <listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java (original) +++ ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java Sun Sep 18 08:08:30 2016 @@ -21,9 +21,10 @@ package org.apache.ofbiz.content.content import java.io.IOException; +import javax.servlet.Filter; import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -38,10 +39,15 @@ import org.apache.ofbiz.entity.Delegator import org.apache.ofbiz.entity.GenericValue; import org.apache.ofbiz.entity.util.EntityQuery; import org.apache.ofbiz.webapp.WebAppUtil; -import org.apache.ofbiz.webapp.control.ContextFilter; -public class ContentUrlFilter extends ContextFilter { +public class ContentUrlFilter implements Filter { public final static String module = ContentUrlFilter.class.getName(); + private FilterConfig config; + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + this.config = filterConfig; + } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { @@ -49,13 +55,6 @@ public class ContentUrlFilter extends Co HttpServletResponse httpResponse = (HttpServletResponse) response; Delegator delegator = (Delegator) httpRequest.getSession().getServletContext().getAttribute("delegator"); - //Get ServletContext - ServletContext servletContext = config.getServletContext(); - - WebAppUtil.setCharacterEncoding(request); - - //Set request attribute and session - UrlServletHelper.setRequestAttributes(request, delegator, servletContext); String urlContentId = null; String pathInfo = UtilHttp.getFullRequestUrl(httpRequest); if (UtilValidate.isNotEmpty(pathInfo)) { @@ -83,7 +82,6 @@ public class ContentUrlFilter extends Co urlBuilder.append("/" + WebAppUtil.CONTROL_MOUNT_POINT); urlBuilder.append("/" + config.getInitParameter("viewRequest") + "?contentId=" + urlContentId); - WebAppUtil.setAttributesFromRequestBody(request); //Set view query parameters UrlServletHelper.setViewQueryParameters(request, urlBuilder); Debug.logInfo("[Filtered request]: " + pathInfo + " (" + urlBuilder + ")", module); @@ -98,4 +96,9 @@ public class ContentUrlFilter extends Co // we're done checking; continue on chain.doFilter(request, response); } + + @Override + public void destroy() { + + } } Modified: ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -45,29 +45,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,29 +40,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -43,30 +43,32 @@ under the License. <param-name>commonManufacturingDecoratorLocation</param-name> <param-value>component://manufacturing/widget/manufacturing/CommonScreens.xml</param-value> </context-param> + <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,26 +40,27 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> + <param-name>redirectPath</param-name> + <param-value>/control/main</param-value> </init-param> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> - <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> - <param-name>redirectPath</param-name> - <param-value>/control/main</param-value> - </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> <url-pattern>/*</url-pattern> Modified: ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,29 +40,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,30 +40,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> - <!-- Beware, if you use the Birt component, allowedPaths are not defined here anymore but in Birt web.xml--> <param-value>/error:/control:/products:/select:/index.html:/index.jsp:/default.html:/default.jsp:/js</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -39,31 +39,32 @@ under the License. <param-value>component://party/widget/partymgr/CommonScreens.xml</param-value> </context-param> - <filter> + <filter> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> + <init-param> + <param-name>allowedPaths</param-name> + <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static</param-value> + </init-param> + <init-param> + <param-name>redirectPath</param-name> + <param-value>/control/main</param-value> + </init-param> + </filter> + <filter> <display-name>ContextFilter</display-name> <filter-name>ContextFilter</filter-name> <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> - <init-param> - <param-name>allowedPaths</param-name> - <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static</param-value> - </init-param> - <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> - <param-name>redirectPath</param-name> - <param-value>/control/main</param-value> - </init-param> - </filter> - <filter-mapping> - <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + <filter-mapping> + <filter-name>ContextFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> <listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java (original) +++ ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java Sun Sep 18 08:08:30 2016 @@ -23,9 +23,10 @@ import java.util.Collections; import java.util.LinkedList; import java.util.List; +import javax.servlet.Filter; import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -45,9 +46,8 @@ import org.apache.ofbiz.entity.util.Enti import org.apache.ofbiz.entity.util.EntityUtil; import org.apache.ofbiz.product.product.ProductContentWrapper; import org.apache.ofbiz.webapp.WebAppUtil; -import org.apache.ofbiz.webapp.control.ContextFilter; -public class CatalogUrlFilter extends ContextFilter { +public class CatalogUrlFilter implements Filter { public final static String module = CatalogUrlFilter.class.getName(); @@ -56,21 +56,20 @@ public class CatalogUrlFilter extends Co protected static String defaultLocaleString = null; protected static String redirectUrl = null; - + + protected FilterConfig config; + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + this.config = filterConfig; + } + @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; Delegator delegator = (Delegator) httpRequest.getSession().getServletContext().getAttribute("delegator"); - //Get ServletContext - ServletContext servletContext = config.getServletContext(); - - WebAppUtil.setCharacterEncoding(request); - - //Set request attribute and session - UrlServletHelper.setRequestAttributes(request, delegator, servletContext); - // set initial parameters String initDefaultLocalesString = config.getInitParameter("defaultLocaleString"); String initRedirectUrl = config.getInitParameter("redirectUrl"); @@ -324,7 +323,6 @@ public class CatalogUrlFilter extends Co UrlServletHelper.setViewQueryParameters(request, urlBuilder); if (UtilValidate.isNotEmpty(productId) || UtilValidate.isNotEmpty(productCategoryId) || UtilValidate.isNotEmpty(urlContentId)) { Debug.logInfo("[Filtered request]: " + pathInfo + " (" + urlBuilder + ")", module); - WebAppUtil.setAttributesFromRequestBody(request); RequestDispatcher dispatch = request.getRequestDispatcher(urlBuilder.toString()); dispatch.forward(request, response); return; @@ -337,7 +335,12 @@ public class CatalogUrlFilter extends Co // we're done checking; continue on chain.doFilter(request, response); } - + + @Override + public void destroy() { + + } + public static String makeCategoryUrl(HttpServletRequest request, String previousCategoryId, String productCategoryId, String productId, String viewSize, String viewIndex, String viewSort, String searchString) { Delegator delegator = (Delegator) request.getAttribute("delegator"); try { Modified: ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java (original) +++ ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java Sun Sep 18 08:08:30 2016 @@ -20,13 +20,12 @@ package org.apache.ofbiz.product.category; import java.io.IOException; -import java.util.LinkedList; import java.util.List; -import java.util.Set; +import javax.servlet.Filter; import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -34,23 +33,24 @@ import javax.servlet.http.HttpServletReq import javax.servlet.http.HttpServletResponse; import org.apache.ofbiz.base.util.Debug; -import org.apache.ofbiz.base.util.UtilCodec; import org.apache.ofbiz.base.util.UtilHttp; import org.apache.ofbiz.base.util.UtilMisc; import org.apache.ofbiz.base.util.UtilValidate; import org.apache.ofbiz.common.UrlServletHelper; import org.apache.ofbiz.entity.Delegator; import org.apache.ofbiz.entity.GenericValue; -import org.apache.ofbiz.entity.condition.EntityCondition; -import org.apache.ofbiz.entity.condition.EntityOperator; import org.apache.ofbiz.entity.util.EntityUtil; -import org.apache.ofbiz.webapp.control.ContextFilter; -public class SeoContentUrlFilter extends ContextFilter { +public class SeoContentUrlFilter implements Filter { public final static String module = SeoContentUrlFilter.class.getName(); protected static String defaultLocaleString = null; protected static String redirectUrl = null; - public static String defaultViewRequest = "contentViewInfo"; + private FilterConfig config; + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + this.config = filterConfig; + } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { @@ -58,10 +58,6 @@ public class SeoContentUrlFilter extends HttpServletResponse httpResponse = (HttpServletResponse) response; Delegator delegator = (Delegator) httpRequest.getSession().getServletContext().getAttribute("delegator"); - // Get ServletContext - ServletContext servletContext = config.getServletContext(); - // Set request attribute and session - UrlServletHelper.setRequestAttributes(request, delegator, servletContext); String urlContentId = null; String pathInfo = UtilHttp.getFullRequestUrl(httpRequest); if (UtilValidate.isNotEmpty(pathInfo)) { @@ -105,61 +101,8 @@ public class SeoContentUrlFilter extends chain.doFilter(request, response); } - public static String makeContentAltUrl(HttpServletRequest request, HttpServletResponse response, String contentId, String viewContent) { - if (UtilValidate.isEmpty(contentId)) { - return null; - } - Delegator delegator = (Delegator) request.getAttribute("delegator"); - String url = null; - try { - List<EntityCondition> expr = new LinkedList<EntityCondition>(); - expr.add(EntityCondition.makeCondition("caContentAssocTypeId", EntityOperator.EQUALS, "ALTERNATIVE_URL")); - expr.add(EntityCondition.makeCondition("caThruDate", EntityOperator.EQUALS, null)); - expr.add(EntityCondition.makeCondition("contentIdStart", EntityOperator.EQUALS, contentId)); - Set<String> fieldsToSelect = UtilMisc.toSet("contentIdStart", "drObjectInfo", "dataResourceId", "caFromDate", "caThruDate", "caCreatedDate"); - List<GenericValue> contentAssocDataResources = delegator.findList("ContentAssocDataResourceViewTo", EntityCondition.makeCondition(expr), fieldsToSelect, - UtilMisc.toList("-caFromDate"), null, true); - if (contentAssocDataResources.size() > 0) { - GenericValue contentAssocDataResource = EntityUtil.getFirst(contentAssocDataResources); - url = contentAssocDataResource.getString("drObjectInfo"); - url = UtilCodec.getDecoder("url").decode(url); - String mountPoint = request.getContextPath(); - if (!(mountPoint.equals("/")) && !(mountPoint.equals(""))) { - url = mountPoint + url; - } - } - } catch (Exception e) { - Debug.logWarning("[Exception] : " + e.getMessage(), module); - } - - if (UtilValidate.isEmpty(url)) { - if (UtilValidate.isEmpty(viewContent)) { - viewContent = defaultViewRequest; - } - url = makeContentUrl(request, response, contentId, viewContent); - } - return url; - } - - public static String makeContentUrl(HttpServletRequest request, HttpServletResponse response, String contentId, String viewContent) { - if (UtilValidate.isEmpty(contentId)) { - return null; - } - StringBuilder urlBuilder = new StringBuilder(); - urlBuilder.append(request.getSession().getServletContext().getContextPath()); - if (urlBuilder.length() == 0 || urlBuilder.charAt(urlBuilder.length() - 1) != '/') { - urlBuilder.append("/"); - } - if (UtilValidate.isNotEmpty(SeoControlServlet.controlServlet)) { - urlBuilder.append(SeoControlServlet.controlServlet + "/"); - } + @Override + public void destroy() { - if (UtilValidate.isNotEmpty(viewContent)) { - urlBuilder.append(viewContent); - } else { - urlBuilder.append(defaultViewRequest); - } - urlBuilder.append("?contentId=" + contentId); - return urlBuilder.toString(); } } Modified: ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java (original) +++ ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java Sun Sep 18 08:08:30 2016 @@ -18,8 +18,6 @@ *******************************************************************************/ package org.apache.ofbiz.product.category; -import static org.apache.ofbiz.base.util.UtilGenerics.checkMap; - import java.io.IOException; import java.net.URL; import java.util.Collection; @@ -29,6 +27,7 @@ import java.util.List; import java.util.Map; import java.util.Set; +import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; @@ -39,42 +38,29 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.ofbiz.webapp.WebAppUtil; import org.apache.oro.text.regex.Pattern; import org.apache.oro.text.regex.Perl5Matcher; import org.apache.ofbiz.base.util.Debug; import org.apache.ofbiz.base.util.StringUtil; import org.apache.ofbiz.base.util.UtilHttp; -import org.apache.ofbiz.base.util.UtilMisc; -import org.apache.ofbiz.base.util.UtilObject; import org.apache.ofbiz.base.util.UtilValidate; -import org.apache.ofbiz.entity.Delegator; -import org.apache.ofbiz.entity.DelegatorFactory; -import org.apache.ofbiz.entity.GenericEntityException; -import org.apache.ofbiz.entity.GenericValue; -import org.apache.ofbiz.entity.condition.EntityCondition; -import org.apache.ofbiz.entity.util.EntityUtil; -import org.apache.ofbiz.security.Security; -import org.apache.ofbiz.service.LocalDispatcher; import org.apache.ofbiz.webapp.control.ConfigXMLReader; import org.apache.ofbiz.webapp.control.ConfigXMLReader.ControllerConfig; -import org.apache.ofbiz.webapp.control.ContextFilter; import org.apache.ofbiz.webapp.control.ControlFilter; import org.apache.ofbiz.webapp.control.WebAppConfigurationException; -import org.apache.ofbiz.webapp.website.WebSiteWorker; /** * SeoContextFilter - Restricts access to raw files and configures servlet objects. */ -public class SeoContextFilter extends ContextFilter { +public class SeoContextFilter implements Filter { public static final String module = SeoContextFilter.class.getName(); - protected Set<String> WebServlets = new HashSet<String>(); + protected Set<String> WebServlets = new HashSet<>(); + private FilterConfig config; public void init(FilterConfig config) throws ServletException { - super.init(config); - + this.config = config; Map<String, ? extends ServletRegistration> servletRegistrations = config.getServletContext().getServletRegistrations(); for (String key : servletRegistrations.keySet()) { Collection<String> servlets = servletRegistrations.get(key).getMappings(); @@ -114,68 +100,6 @@ public class SeoContextFilter extends Co } Set<String> uris = requestMaps.keySet(); - // NOTE: the following part is copied from org.apache.ofbiz.webapp.control.ContextFilter.doFilter method, please update this if framework is updated. - // Debug.logInfo("Running ContextFilter.doFilter", module); - - // ----- Servlet Object Setup ----- - // set the cached class loader for more speedy running in this thread - - // set the ServletContext in the request for future use - httpRequest.setAttribute("servletContext", config.getServletContext()); - - // set the webSiteId in the session - if (UtilValidate.isEmpty(httpRequest.getSession().getAttribute("webSiteId"))) { - httpRequest.getSession().setAttribute("webSiteId", WebSiteWorker.getWebSiteId(httpRequest)); - } - - // set the filesystem path of context root. - httpRequest.setAttribute("_CONTEXT_ROOT_", config.getServletContext().getRealPath("/")); - - // set the server root url - String serverRootUrl = UtilHttp.getServerRootUrl(httpRequest); - httpRequest.setAttribute("_SERVER_ROOT_URL_", serverRootUrl); - - // request attributes from redirect call - String reqAttrMapHex = (String) httpRequest.getSession().getAttribute("_REQ_ATTR_MAP_"); - if (UtilValidate.isNotEmpty(reqAttrMapHex)) { - byte[] reqAttrMapBytes = StringUtil.fromHexString(reqAttrMapHex); - Map<String, Object> reqAttrMap = checkMap(UtilObject.getObject(reqAttrMapBytes), String.class, Object.class); - if (reqAttrMap != null) { - for (Map.Entry<String, Object> entry : reqAttrMap.entrySet()) { - httpRequest.setAttribute(entry.getKey(), entry.getValue()); - } - } - httpRequest.getSession().removeAttribute("_REQ_ATTR_MAP_"); - } - - // ----- Context Security ----- - // check if we are disabled - String disableSecurity = config.getInitParameter("disableContextSecurity"); - if (disableSecurity != null && "Y".equalsIgnoreCase(disableSecurity)) { - chain.doFilter(httpRequest, httpResponse); - return; - } - - // check if we are told to redirect everthing - String redirectAllTo = config.getInitParameter("forceRedirectAll"); - if (UtilValidate.isNotEmpty(redirectAllTo)) { - // little trick here so we don't loop on ourself - if (httpRequest.getSession().getAttribute("_FORCE_REDIRECT_") == null) { - httpRequest.getSession().setAttribute("_FORCE_REDIRECT_", "true"); - Debug.logWarning("Redirecting user to: " + redirectAllTo, module); - - if (!redirectAllTo.toLowerCase().startsWith("http")) { - redirectAllTo = httpRequest.getContextPath() + redirectAllTo; - } - httpResponse.sendRedirect(redirectAllTo); - return; - } else { - httpRequest.getSession().removeAttribute("_FORCE_REDIRECT_"); - chain.doFilter(httpRequest, httpResponse); - return; - } - } - // test to see if we have come through the control servlet already, if not do the processing String requestPath = null; String contextUri = null; @@ -222,23 +146,6 @@ public class SeoContextFilter extends Co String requestUri = UtilHttp.getRequestUriFromTarget(httpRequest.getRequestURI()); - // Verbose Debugging - if (Debug.verboseOn()) { - for (String allow : allowList) { - Debug.logVerbose("[Allow]: " + allow, module); - } - Debug.logVerbose("[View Name]: " + viewName, module); - Debug.logVerbose("[Request Uri]: " + requestUri, module); - Debug.logVerbose("[Request path]: " + requestPath, module); - Debug.logVerbose("[Request info]: " + requestInfo, module); - Debug.logVerbose("[Servlet path]: " + httpRequest.getServletPath(), module); - Debug.logVerbose( - "[Not In AllowList]: " + (!allowList.contains(requestPath) && !allowList.contains(requestInfo) && !allowList.contains(httpRequest.getServletPath()) && !allowList.contains(requestUri) && !allowList.contains("/" + viewName)), - module); - Debug.logVerbose("[Not In controller]: " + (UtilValidate.isEmpty(requestPath) && UtilValidate.isEmpty(httpRequest.getServletPath()) && !uris.contains(viewName)), - module); - } - // check to make sure the requested url is allowed if (!allowList.contains(requestPath) && !allowList.contains(requestInfo) && !allowList.contains(httpRequest.getServletPath()) && !allowList.contains(requestUri) && !allowList.contains("/" + viewName) @@ -288,72 +195,16 @@ public class SeoContextFilter extends Co } } - // check if multi tenant is enabled - boolean useMultitenant = EntityUtil.isMultiTenantEnabled(); - if (useMultitenant) { - // get tenant delegator by domain name - String serverName = httpRequest.getServerName(); - try { - // if tenant was specified, replace delegator with the new per-tenant delegator and set tenantId to session attribute - Delegator delegator = WebAppUtil.getDelegator(config.getServletContext()); - - // to access entity "tenant" we need the default delegator - Delegator defaultdelegator = DelegatorFactory.getDelegator("default"); - - // take the tenantId from the current delegator - String tenantId = delegator.getDelegatorTenantId(); - - List<GenericValue> tenants = defaultdelegator.findList("Tenant", EntityCondition.makeCondition("tenantId", tenantId), null, UtilMisc.toList("-createdStamp"), null, false); - if (UtilValidate.isNotEmpty(tenants)) { - GenericValue tenant = EntityUtil.getFirst(tenants); - - // if the request path is a root mount then redirect to the initial path - if (UtilValidate.isNotEmpty(requestPath) && requestPath.equals(contextUri)) { - String initialPath = tenant.getString("initialPath"); - if (UtilValidate.isNotEmpty(initialPath) && !"/".equals(initialPath)) { - ((HttpServletResponse) response).sendRedirect(initialPath); - return; - } - } - - // make that tenant active, setup a new delegator and a new dispatcher - String tenantDelegatorName = delegator.getDelegatorBaseName() + "#" + tenantId; - httpRequest.getSession().setAttribute("delegatorName", tenantDelegatorName); - - // after this line the delegator is replaced with the new per-tenant delegator - delegator = DelegatorFactory.getDelegator(tenantDelegatorName); - config.getServletContext().setAttribute("delegator", delegator); - - // clear web context objects - config.getServletContext().setAttribute("security", null); - config.getServletContext().setAttribute("dispatcher", null); - - // initialize security - Security security = WebAppUtil.getSecurity(config.getServletContext()); - // initialize the services dispatcher - LocalDispatcher dispatcher = WebAppUtil.getDispatcher(config.getServletContext()); - - // set web context objects - request.setAttribute("dispatcher", dispatcher); - request.setAttribute("security", security); - - request.setAttribute("userTenantId", tenantId); - } - - // NOTE DEJ20101130: do NOT always put the delegator name in the user's session because the user may - // have logged in and specified a tenant, and even if no Tenant record with a matching domainName field - // is found this will change the user's delegator back to the base one instead of the one for the - // tenant specified on login - // httpRequest.getSession().setAttribute("delegatorName", delegator.getDelegatorName()); - } catch (GenericEntityException e) { - Debug.logWarning(e, "Unable to get Tenant", module); - } - } // we're done checking; continue on chain.doFilter(httpRequest, httpResponse); } + @Override + public void destroy() { + + } + /** * Forward a uri according to forward pattern regular expressions. Note: this is developed for Filter usage. * Modified: ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -40,29 +40,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/imagemanagement:/products</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -45,29 +45,30 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/ShippingAPI.dll</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -39,32 +39,32 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> - <param-value> - /error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images - </param-value> - </init-param> - <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> + <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> + <listener> <listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class> </listener> Modified: ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml (original) +++ ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -42,28 +42,27 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> - <param-value> - /error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images - </param-value> - </init-param> - <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> + <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> <url-pattern>/*</url-pattern> Modified: ofbiz/trunk/framework/resources/templates/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/resources/templates/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/framework/resources/templates/web.xml (original) +++ ofbiz/trunk/framework/resources/templates/web.xml Sun Sep 18 08:08:30 2016 @@ -35,17 +35,21 @@ </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param><param-name>disableContextSecurity</param-name><param-value>N</param-value></init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> - <init-param><param-name>errorCode</param-name><param-value>403</param-value></init-param> <init-param><param-name>redirectPath</param-name><param-value>/control/main</param-value></init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping><filter-name>ControlFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping> <filter-mapping><filter-name>ContextFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> Modified: ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java (original) +++ ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java Sun Sep 18 08:08:30 2016 @@ -22,7 +22,6 @@ import static org.apache.ofbiz.base.util import java.io.IOException; import java.util.Enumeration; -import java.util.List; import java.util.Map; import javax.servlet.Filter; @@ -52,18 +51,17 @@ import org.apache.ofbiz.webapp.WebAppUti import org.apache.ofbiz.webapp.website.WebSiteWorker; /** - * ContextFilter - Restricts access to raw files and configures servlet objects. + * ContextFilter - Configures objects for OFBiz applications */ public class ContextFilter implements Filter { - public static final String module = ContextFilter.class.getName(); - public static final String FORWARDED_FROM_SERVLET = "_FORWARDED_FROM_SERVLET_"; + private static final String module = ContextFilter.class.getName(); protected FilterConfig config = null; - protected boolean debug = false; // default charset used to decode requests body data if no encoding is specified in the request private String defaultCharacterEncoding; + private boolean isMultitenant; /** * @see javax.servlet.Filter#init(javax.servlet.FilterConfig) @@ -74,12 +72,6 @@ public class ContextFilter implements Fi // puts all init-parameters in ServletContext attributes for easier parametrization without code changes this.putAllInitParametersInAttributes(); - // set debug - this.debug = "true".equalsIgnoreCase(config.getInitParameter("debug")); - if (!debug) { - debug = Debug.verboseOn(); - } - defaultCharacterEncoding = config.getServletContext().getInitParameter("charset"); if (UtilValidate.isEmpty(defaultCharacterEncoding)) { defaultCharacterEncoding = "UTF-8"; @@ -93,6 +85,9 @@ public class ContextFilter implements Fi // initialize the services dispatcher WebAppUtil.getDispatcher(config.getServletContext()); + // check if multi tenant is enabled + isMultitenant = EntityUtil.isMultiTenantEnabled(); + // this will speed up the initial sessionId generation new java.security.SecureRandom().nextLong(); } @@ -104,7 +99,6 @@ public class ContextFilter implements Fi HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; - // ----- Servlet Object Setup ----- // set the ServletContext in the request for future use @@ -134,129 +128,17 @@ public class ContextFilter implements Fi httpRequest.getSession().removeAttribute("_REQ_ATTR_MAP_"); } - // ----- Context Security ----- - // check if we are disabled - String disableSecurity = config.getInitParameter("disableContextSecurity"); - if (disableSecurity != null && "Y".equalsIgnoreCase(disableSecurity)) { - chain.doFilter(httpRequest, httpResponse); - return; - } - - // check if we are told to redirect everthing - String redirectAllTo = config.getInitParameter("forceRedirectAll"); - if (UtilValidate.isNotEmpty(redirectAllTo)) { - // little trick here so we don't loop on ourself - if (httpRequest.getSession().getAttribute("_FORCE_REDIRECT_") == null) { - httpRequest.getSession().setAttribute("_FORCE_REDIRECT_", "true"); - Debug.logWarning("Redirecting user to: " + redirectAllTo, module); - - if (!redirectAllTo.toLowerCase().startsWith("http")) { - redirectAllTo = httpRequest.getContextPath() + redirectAllTo; - } - httpResponse.sendRedirect(redirectAllTo); - return; - } else { - httpRequest.getSession().removeAttribute("_FORCE_REDIRECT_"); - chain.doFilter(httpRequest, httpResponse); - return; - } - } - - // test to see if we have come through the control servlet already, if not do the processing - String requestPath = null; - String contextUri = null; - if (httpRequest.getAttribute(ContextFilter.FORWARDED_FROM_SERVLET) == null) { - // Debug.logInfo("In ContextFilter.doFilter, FORWARDED_FROM_SERVLET is NOT set", module); - String allowedPath = config.getInitParameter("allowedPaths"); - String redirectPath = config.getInitParameter("redirectPath"); - String errorCode = config.getInitParameter("errorCode"); - - List<String> allowList = null; - if ((allowList = StringUtil.split(allowedPath, ":")) != null) { - allowList.add("/"); // No path is allowed. - allowList.add(""); // No path is allowed. - } - - if (debug) Debug.logInfo("[Domain]: " + httpRequest.getServerName() + " [Request]: " + httpRequest.getRequestURI(), module); - - requestPath = httpRequest.getServletPath(); - if (requestPath == null) requestPath = ""; - if (requestPath.lastIndexOf("/") > 0) { - if (requestPath.indexOf("/") == 0) { - requestPath = "/" + requestPath.substring(1, requestPath.indexOf("/", 1)); - } else { - requestPath = requestPath.substring(1, requestPath.indexOf("/")); - } - } - - String requestInfo = httpRequest.getServletPath(); - if (requestInfo == null) requestInfo = ""; - if (requestInfo.lastIndexOf("/") >= 0) { - requestInfo = requestInfo.substring(0, requestInfo.lastIndexOf("/")) + "/*"; - } - - StringBuilder contextUriBuffer = new StringBuilder(); - if (httpRequest.getContextPath() != null) { - contextUriBuffer.append(httpRequest.getContextPath()); - } - if (httpRequest.getServletPath() != null) { - contextUriBuffer.append(httpRequest.getServletPath()); - } - if (httpRequest.getPathInfo() != null) { - contextUriBuffer.append(httpRequest.getPathInfo()); - } - contextUri = contextUriBuffer.toString(); - - // Verbose Debugging - if (Debug.verboseOn()) { - if (allowList != null) { - for (String allow: allowList) { - Debug.logVerbose("[Allow]: " + allow, module); - } - } - Debug.logVerbose("[Request path]: " + requestPath, module); - Debug.logVerbose("[Request info]: " + requestInfo, module); - Debug.logVerbose("[Servlet path]: " + httpRequest.getServletPath(), module); - } - - // check to make sure the requested url is allowed - if (allowList != null && - (!allowList.contains(requestPath) && !allowList.contains(requestInfo) && !allowList.contains(httpRequest.getServletPath())) - ) { - String filterMessage = "[Filtered request]: " + contextUri; - - if (redirectPath == null) { - int error = 404; - if (UtilValidate.isNotEmpty(errorCode)) { - try { - error = Integer.parseInt(errorCode); - } catch (NumberFormatException nfe) { - Debug.logWarning(nfe, "Error code specified would not parse to Integer : " + errorCode, module); - } - } - filterMessage = filterMessage + " (" + error + ")"; - httpResponse.sendError(error, contextUri); - request.setAttribute("filterRequestUriError", contextUri); - } else { - filterMessage = filterMessage + " (" + redirectPath + ")"; - if (!redirectPath.toLowerCase().startsWith("http")) { - redirectPath = httpRequest.getContextPath() + redirectPath; - } - httpResponse.sendRedirect(redirectPath); - } - Debug.logWarning(filterMessage, module); - return; - } - } - if (request.getCharacterEncoding() == null) { request.setCharacterEncoding(defaultCharacterEncoding); } + WebAppUtil.setAttributesFromRequestBody(request); - // check if multi tenant is enabled - boolean useMultitenant = EntityUtil.isMultiTenantEnabled(); - if (useMultitenant) { + if (!isMultitenant) { + request.setAttribute("delegator", config.getServletContext().getAttribute("delegator")); + request.setAttribute("dispatcher", config.getServletContext().getAttribute("dispatcher")); + request.setAttribute("security", config.getServletContext().getAttribute("security")); + } else { // get tenant delegator by domain name String serverName = httpRequest.getServerName(); try { @@ -275,11 +157,11 @@ public class ContextFilter implements Fi tenantId = (String) httpRequest.getAttribute("userTenantId"); } if(UtilValidate.isEmpty(tenantId)) { - tenantId = (String) httpRequest.getParameter("userTenantId"); + tenantId = httpRequest.getParameter("userTenantId"); } if (UtilValidate.isNotEmpty(tenantId)) { // if the request path is a root mount then redirect to the initial path - if (UtilValidate.isNotEmpty(requestPath) && requestPath.equals(contextUri)) { + if ("".equals(httpRequest.getContextPath()) && "".equals(httpRequest.getServletPath())) { GenericValue tenant = EntityQuery.use(baseDelegator).from("Tenant").where("tenantId", tenantId).queryOne(); String initialPath = tenant.getString("initialPath"); if (UtilValidate.isNotEmpty(initialPath) && !"/".equals(initialPath)) { @@ -306,6 +188,7 @@ public class ContextFilter implements Fi LocalDispatcher dispatcher = WebAppUtil.getDispatcher(config.getServletContext()); // set web context objects + request.setAttribute("delegator", delegator); request.setAttribute("dispatcher", dispatcher); request.setAttribute("security", security); Modified: ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (original) +++ ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java Sun Sep 18 08:08:30 2016 @@ -439,37 +439,6 @@ public class LoginWorker { } if (delegatorNameHashIndex == -1 || (currentDelegatorTenantId != null && !tenantId.equals(currentDelegatorTenantId))) { - /* don't require this, allow a user to authenticate inside the tenant as long as the userLoginId and - * password match what is in that tenant's database; instead just set things up below - try { - List<GenericValue> tenantUserLoginList = delegator.findList("TenantUserLogin", EntityCondition.makeCondition(EntityOperator.AND, "tenantId", tenantId, "userLoginId", username), null, null, null, false); - if (tenantUserLoginList != null && tenantUserLoginList.size() > 0) { - ServletContext servletContext = session.getServletContext(); - - // if so make that tenant active, setup a new delegator and a new dispatcher - String delegatorName = delegator.getDelegatorName() + "#" + tenantId; - - // after this line the delegator is replaced with the new per-tenant delegator - delegator = DelegatorFactory.getDelegator(delegatorName); - dispatcher = ContextFilter.makeWebappDispatcher(servletContext, delegator); - - // NOTE: these will be local for now and set in the request and session later, after we've verified that the user - setupNewDelegatorEtc = true; - } else { - // not associated with this tenant, can't login - String errMsg = UtilProperties.getMessage(resourceWebapp, "loginevents.unable_to_login_tenant", UtilHttp.getLocale(request)); - request.setAttribute("_ERROR_MESSAGE_", errMsg); - return "error"; - } - } catch (GenericEntityException e) { - String errMsg = "Error checking TenantUserLogin: " + e.toString(); - Debug.logError(e, errMsg, module); - request.setAttribute("_ERROR_MESSAGE_", errMsg); - return "error"; - } - */ - - // make that tenant active, setup a new delegator and a new dispatcher String delegatorName = delegator.getDelegatorBaseName() + "#" + tenantId; @@ -1130,7 +1099,7 @@ public class LoginWorker { public static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) { Security security = (Security) request.getAttribute("security"); if (security != null) { - ServletContext context = (ServletContext) request.getAttribute("servletContext"); + ServletContext context = request.getServletContext(); String serverId = (String) context.getAttribute("_serverId"); // get a context path from the request, if it is empty then assume it is the root mount point String contextPath = request.getContextPath(); Modified: ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java (original) +++ ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java Sun Sep 18 08:08:30 2016 @@ -57,7 +57,7 @@ public class JspViewHandler extends Abst //Debug.logInfo("Requested Page : " + page, module); //Debug.logInfo("Physical Path : " + context.getRealPath(page)); - // tell the ContextFilter we are forwarding + // tell the ControlFilter we are forwarding request.setAttribute(ControlFilter.FORWARDED_FROM_SERVLET, Boolean.TRUE); RequestDispatcher rd = request.getRequestDispatcher(page); Modified: ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml (original) +++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -46,32 +46,27 @@ under the License. </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> - <param-value> - /ping.txt:/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/applet - </param-value> - </init-param> - <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> + <param-value>/ping.txt:/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/applet</param-value> </init-param> <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> - <init-param> - <param-name>debug</param-name> - <param-value>true</param-value> - </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> <url-pattern>/*</url-pattern> Modified: ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml (original) +++ ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml Sun Sep 18 08:08:30 2016 @@ -55,29 +55,30 @@ </context-param> <filter> - <display-name>ContextFilter</display-name> - <filter-name>ContextFilter</filter-name> - <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> - <init-param> - <param-name>disableContextSecurity</param-name> - <param-value>N</param-value> - </init-param> + <display-name>ControlFilter</display-name> + <filter-name>ControlFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class> <init-param> <param-name>allowedPaths</param-name> <param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value> </init-param> <init-param> - <param-name>errorCode</param-name> - <param-value>403</param-value> - </init-param> - <init-param> <param-name>redirectPath</param-name> <param-value>/control/main</param-value> </init-param> </filter> + <filter> + <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> + <filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>ControlFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter-mapping> <filter-name>ContextFilter</filter-name> - <url-pattern>/*</url-pattern> + <url-pattern>/*</url-pattern> </filter-mapping> <listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |