source: main/adopters/ky/branches/2.3/src/main/webapps/ehl-view/WEB-INF/web.xml @ 10898

Last change on this file since 10898 was 10898, checked in by Garth Braithwaite, 6 years ago

ky epht - split content to epht content. Converted to html_content struct. moved belt images to content.

File size: 18.4 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2
3<!--
4        This file contains the standard Java Web Application Server application
5        definitions for the IBIS-PH View application.  See the admin app's
6        web.xml for detailed comments that describes how requests flow, spring
7        configuration, JNDI resources - info about webapp configuration.
8-->
9
10<web-app 
11        xmlns="http://java.sun.com/xml/ns/javaee"
12        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
13    xsi:schemaLocation="
14                http://java.sun.com/xml/ns/javaee
15                http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd
16        "
17        version="2.5"
18>
19
20        <icon>
21                <small-icon>image/application.ico</small-icon>
22                <large-icon>image/application.ico</large-icon>
23        </icon>
24        <display-name>IBIS-PH - Public View</display-name>
25        <description>
26                Indicator Based Information System for Public Health (IBIS-PH).  This
27                system provides internet access for the public to view health indicator
28                data and to create and execute custom data queries.  The data presented
29                are stored in XML files with the HTML view being created by XSLTs and
30                controlled via Java controllers built on the Spring framework.
31        </description>
32        <distributable/>
33
34
35        <!-- =========================================== J N D I   R E S O U R C E S -->
36        <!-- For a detailed discussion of JDBC and MAIL JNDI resources, see the
37                comments within the admin app's web.xml.  This gist is the resource
38                refs provide a definition mechanism that allows the app to startup
39                (won't run that portion of code that relys on the resource but the
40                app can at least start).  The app server then simply needs to have
41                the resource defined and properly exposed for the app to work.  This
42                "exposing" can be done by either a global resource definition, a local
43                context definition, or a context resource link.
44        -->
45        <resource-ref>
46                <description>
47                        Resource reference to the app server container managed JNDI database connection
48                        factory.  The jdbc definition is only used by some view app deployments.  It
49                        is needed when an adopter want to use db stored user authentication or if some
50                        of the XML content is to be stored in a db blob type table.  In all other cases
51                        when the db is not used this value defined below does not hurt anything so no
52                        need to comment it out.
53                </description>
54                <res-ref-name>jdbc/doh_ibisph</res-ref-name>
55                <res-type>javax.sql.DataSource</res-type>
56                <res-auth>Container</res-auth>
57        </resource-ref>
58        <resource-ref>
59                <description>
60                        Resource reference to the app server container managed JNDI JavaMail factory.
61                        IMPORTANT: for the app to start the mail*.jar file needs to be handled.  This
62                        involves either within the app server container or within the app itself.
63                        See installation notes for more info.
64                </description>
65                <res-ref-name>mail/doh_ibisph</res-ref-name>
66                <res-type>javax.mail.Session</res-type>
67                <res-auth>Container</res-auth>
68        </resource-ref>
69
70
71        <!-- ========================================== C O N T E X T - P A R A M S -->
72        <!-- Values used by the listeners -->
73        <context-param>
74                <description>
75                        Specifies where to get the logback (application logging)
76                        configuration file.
77                </description>
78                <param-name>logbackConfigLocation</param-name>
79                <param-value>/WEB-INF/config/logback.xml</param-value>
80        </context-param>
81
82        <context-param>
83                <description>
84                        Specifies the Spring application context definition file which is
85                        responsible for creating the application objects.  The application
86                        context Spring bean definition file uses a series of imports with
87                        the last import being the SiteSpecific.xml which provides the actual
88                        security, dispatcher servlet url mappings, and allows for any bean
89                        definition to be overridden.  This ss.xml file also handles the
90                        SiteSpecific.properties file.  These properties are again bean
91                        overrides and are not the typical name/value pair .property to file.
92                </description>
93                <param-name>contextConfigLocation</param-name>
94                <param-value>/WEB-INF/config/spring/SiteSpecific.xml</param-value>
95        </context-param>
96
97
98        <!-- ===================================================== L I S T E N E R S -->
99        <listener>
100                <listener-class>org.ibisph.log.ConfigureLogbackListener</listener-class>
101        </listener>
102
103        <listener>
104                <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
105        </listener>
106
107        <listener>
108                <description>
109                        Publishes events for session creation and destruction through the app
110                        context.  Optional unless concurrent session control is being used.
111                </description>
112                <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
113        </listener>
114
115
116        <!-- ========================================================= F I L T E R S -->
117        <filter>
118                <filter-name>standardFilters</filter-name>
119                <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
120                <init-param>
121                        <param-name>targetBeanName</param-name>
122                        <param-value>filterChainProxy</param-value>
123                </init-param> 
124        </filter>
125        <filter>
126                <filter-name>securityFilters</filter-name>
127                <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
128                <init-param>
129                        <param-name>targetBeanName</param-name>
130                        <param-value>securityFilterChainProxy</param-value>
131                </init-param> 
132        </filter>
133
134
135        <!-- ========================================= F I L T E R   M A P P I N G S -->
136        <!-- The standard filters provide response compression (gzip), header
137                modifications for stuffing graphic types and cookie values, and to
138                handle other request/response manipulations.  The security filters
139                provide authentication and authorization protection for the web URL/
140                resource via Spring Security filters.  Both types of filtering are
141                handled at a high level with Spring's delegating filter.  Spring's
142                delegating proxy filter provides 2 important capabilities not found in
143                standard web.xml filter mappings: 1) more flexible URL to filter
144                mappings, and 2) the ability to configure filters using spring
145                injection.  Each filter definition has the detailed filter mappings
146                which makes this web.xml simpler and allows the filters to all be
147                contained in one area and easier to maintain.
148        -->
149        <filter-mapping>
150                <filter-name>securityFilters</filter-name>
151                <url-pattern>*</url-pattern>
152        </filter-mapping>
153        <filter-mapping>
154                <filter-name>standardFilters</filter-name>
155                <url-pattern>*</url-pattern>
156        </filter-mapping>
157
158
159        <!-- ======================================================= S E R V L E T S -->
160        <servlet>
161                <description>
162                        Main servlet used to handle IBIS-PH requests.  This servlet is provided
163                        as part of the Spring MVC framework.  The main purpose of this servlet
164                        is to map a URL pattern to the appropriate controller so that the
165                        incoming request can be routed to the appropriate code that builds the
166                        model and view.  This servlet then renders the view back to the user.
167
168                        The contextConfigLocation is needed to point to a Spring bean file that
169                        contains the servlet mappings.  All other beans are defined at the
170                        application context level but these mappings can not be defined at
171                        that level as the servlet needs to be able to locate them and this is
172                        the prescribed mechanism.  Plus if there were more than 1 MVC servlet
173                        then the servlets would not know which mapping to use.  For IBIS-PH
174                        the actual URL to controller mapping property map is defined in the
175                        SiteSpecific.xml file for centralized management.
176                </description>
177                <servlet-name>dispatcherServlet</servlet-name>
178                <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
179                <init-param>
180                        <param-name>contextConfigLocation</param-name>
181                        <param-value>/WEB-INF/config/spring/dispatcher_servlet.xml</param-value>
182                </init-param>
183                <load-on-startup>10</load-on-startup>
184        </servlet>
185
186        <servlet>
187                <description>
188                        AWT based captcha servlet that generates a simple random AWT
189                        generated text graphic (streams back) and puts the associated
190                        random text into the user's session for validation.
191                </description>
192                <servlet-name>captchaServlet</servlet-name>
193                <servlet-class>org.ibisph.web.servlet.AWTCaptchaServlet</servlet-class>
194        </servlet>
195
196        <servlet>
197                <description>
198                        Converts posted SVG to an image.
199                </description>
200                <servlet-name>svgToImageServlet</servlet-name>
201                <servlet-class>org.ibisph.web.servlet.SVGToRasterServlet</servlet-class>
202        </servlet>
203
204        <!-- ======================================= S E R V L E T   M A P P I N G S -->
205        <!-- Servlet and filter URL mappings have the same exact URL mapping
206                limitations.  It is possible to route all requests to the Spring request
207                dispatcher servlet which has a more robust URL to controller mapping. 
208                However, this approach is problematic for static content and jsps.
209                If getPathInfo is used then only the suffix portion that matches is
210                provided to the Java code.  The means that if *.html is the servlet
211                mapping then null is what getPathInfo() returns.  getRequestURI()
212                doesn't decode and contains context and servlet paths.  Some postings
213                say that getPathInfo is problematic.
214
215                The approach taken below is to route all .html type requests to the app
216                as the app does not serve up static html files.  The more specific action
217                type requests that do not end with .html are then specified.  This approach
218                relies on the specific url mappings in the spring configs.  Another way
219                to do this is to list all the known types of requests that *might* ever be
220                used. 
221
222                If an adopter implements different requests then the appropriate mapping
223                will need to be added/removed etc. as will all the other configs.
224                Note that these requests do NOT need to be removed if unused.  This
225                simply maps these types of requests to the dispatcher servlet where its
226                own, more specific URL matching patterns can be applied.
227        -->
228        <servlet-mapping>
229                <servlet-name>dispatcherServlet</servlet-name>
230
231                <url-pattern>*.html</url-pattern>
232
233                <url-pattern>/community/*</url-pattern>
234                <url-pattern>/indicator/*</url-pattern>
235                <url-pattern>/query/*</url-pattern>
236                <url-pattern>/secure/*</url-pattern>
237                <url-pattern>/user/*</url-pattern>
238
239                <!--
240                        Default publishing URL mapping that even if direct publishing is
241                        configured in the admin app does no harm as these URLs are never hit.
242                -->
243                <url-pattern>/publish/*</url-pattern>
244
245                <!--
246                        Below are static content mappings that should route to a simple
247                        static content controller.  This mechanism allows adopters that
248                        have their content stored outside of the webapp to appear to a
249                        web crawler as though the content is local to the webapp.  For
250                        example UT has their content outside of the view app but they
251                        want their static PDF files to be indexed and searchable within
252                        their IBIS view webapp.  This provides for that.
253
254
255================ VERSIONED UNTIL v2.4
256                -->
257                <url-pattern>/view/*</url-pattern>
258
259                <!-- can be useful for debugging but not good for prod as it is a potential security hole
260                <url-pattern>/view</url-pattern>
261                -->
262        </servlet-mapping>
263
264        <servlet-mapping>
265                <servlet-name>captchaServlet</servlet-name>
266                <url-pattern>/captcha/*</url-pattern>
267        </servlet-mapping>
268
269        <servlet-mapping>
270                <servlet-name>svgToImageServlet</servlet-name>
271                <url-pattern>/svgtoimage/*</url-pattern>
272        </servlet-mapping>
273
274
275        <!-- =================================================== J S P   C O N F I G -->
276        <jsp-config>
277                <jsp-property-group>
278                        <description>Property group for common configuration for all the JSP's</description>
279                        <display-name>default</display-name>
280                        <url-pattern>*.jsp</url-pattern>
281                        <el-ignored>false</el-ignored>
282                        <page-encoding>ISO-8859-1</page-encoding>
283                        <scripting-invalid>false</scripting-invalid>
284                        <trim-directive-whitespaces>true</trim-directive-whitespaces>
285                </jsp-property-group>
286        </jsp-config>
287
288
289        <!-- =========================================== S E S S I O N   C O N F I G -->
290        <session-config>
291                <!-- Inactive timeout value for a user's session.  Value is in minutes. -->
292                <session-timeout>30</session-timeout>
293
294                <!-- Servlet 3.0 value (Tomcat7) that makes it more difficult for browser scripting
295                to steal the user's session id
296                <cookie-config>
297                        <http-only>true</http-only>
298                </cookie-config>
299                -->
300        </session-config>
301
302
303        <!-- ============================================= M I M E   M A P P I N G S -->
304        <mime-mapping><extension></extension>    <mime-type>text/html</mime-type></mime-mapping>
305        <mime-mapping><extension>htm</extension> <mime-type>text/html</mime-type></mime-mapping>
306        <mime-mapping><extension>html</extension><mime-type>text/html</mime-type></mime-mapping>
307        <mime-mapping><extension>xml</extension> <mime-type>text/xml</mime-type></mime-mapping>
308        <mime-mapping><extension>css</extension> <mime-type>text/css</mime-type></mime-mapping>
309        <mime-mapping><extension>ico</extension> <mime-type>image/vnd.microsoft.icon</mime-type></mime-mapping>
310        <mime-mapping><extension>js</extension>  <mime-type>text/javascript</mime-type></mime-mapping>
311        <mime-mapping><extension>json</extension><mime-type>application/json</mime-type></mime-mapping>
312        <mime-mapping><extension>jsp</extension> <mime-type>text/html</mime-type></mime-mapping>
313        <mime-mapping><extension>log</extension> <mime-type>text/plain</mime-type></mime-mapping>
314        <mime-mapping><extension>gif</extension> <mime-type>image/gif</mime-type></mime-mapping>
315        <mime-mapping><extension>jpg</extension> <mime-type>image/jpeg</mime-type></mime-mapping>
316        <mime-mapping><extension>jpeg</extension><mime-type>image/jpeg</mime-type></mime-mapping>
317        <mime-mapping><extension>png</extension> <mime-type>image/png</mime-type></mime-mapping>
318        <mime-mapping><extension>tiff</extension><mime-type>image/tiff</mime-type></mime-mapping>
319        <mime-mapping><extension>tif</extension> <mime-type>image/tiff</mime-type></mime-mapping>
320        <mime-mapping><extension>svg</extension> <mime-type>image/svg+xml</mime-type></mime-mapping>
321        <mime-mapping><extension>svgz</extension><mime-type>image/svg+xml</mime-type></mime-mapping>
322        <mime-mapping><extension>pdf</extension> <mime-type>application/pdf</mime-type></mime-mapping>
323        <mime-mapping><extension>xls</extension> <mime-type>application/vnd.ms-excel</mime-type></mime-mapping>
324
325               
326        <!-- =============================== D E F A U L T / W E L C O M E   P A G E -->
327        <!-- The list can not handle home/Welcome.html type requests when the servlet
328                mapping is NOT path based.  It can accept jsp and servlets but has a problem
329                with normal looking *.html requests.  Note that the index.htm file is NOT
330                index.html which is the standard/default.  The reason for this is that the
331                app is configured for anything that is like *.html which results in the app
332                trying to process the /index.html request via the HTML_CONTENT controller.
333        -->
334        <welcome-file-list>
335                <welcome-file>index.jsp</welcome-file>
336        </welcome-file-list>
337
338        <!-- ======================================= H T T P   E R R O R   P A G E S -->
339        <!-- Note the error-code definitions are not currently used 7/2012 - left
340                for postairity.  The exception-type definitions provide the main error
341                handling mechanism.
342        -->
343        <error-page><error-code>401</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=You are not authorized to view the requested resource.</location></error-page>
344        <error-page><error-code>403</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=You are trying to view a restricted resource.  The request was understood by the server but a response was refused.</location></error-page>
345        <error-page><error-code>404</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=Requested resource was not found.  It has either moved or is unavailable.</location></error-page>
346        <error-page><error-code>405</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The page tried to use a method which is not supported for this URL.</location></error-page>
347        <error-page><error-code>406</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The requested resource exists, but not in a format/type that your browser will accept.</location></error-page>
348        <error-page><error-code>407</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The proxy server needs authorization before it can proceed.</location></error-page>
349        <error-page><error-code>408</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=Request timed out.  The resource is in use or is temporarily unavailable or there is a network problem.</location></error-page>
350        <error-page><error-code>414</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The requested URI (URL) is too long for the server to handle.</location></error-page>
351        <error-page><error-code>415</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The server can not process the request because the request body is in an unsupported media format.</location></error-page>
352
353        <error-page><error-code>500</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=An unexpected error occurred inside the server that prevented it from fulfilling the request.</location></error-page>
354        <error-page><error-code>501</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=Requested function is not implemented by this application on this server.</location></error-page>
355        <error-page><error-code>502</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=Bad internet gateway.  A server acting as a gateway or proxy did not receive a valid response from an upstream server.</location></error-page>
356        <error-page><error-code>503</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The service (server) is temporarily unavailable but should be restored in the future.</location></error-page>
357        <error-page><error-code>504</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=A gateway timout error has occured.  A server acting as a gateway or proxy did not receive a valid response in time.</location></error-page>
358        <error-page><error-code>505</error-code><location>/WEB-INF/jsp/error/detail.jsp?message=The server does not support the version of the HTTP protocol used in the request.</location></error-page>
359
360        <error-page><exception-type>java.io.IOException</exception-type><location>/WEB-INF/jsp/error/detail.jsp?message=Requested resource was not found.  It has either moved or is unavailable.</location></error-page>
361        <error-page><exception-type>java.lang.Throwable</exception-type><location>/WEB-INF/jsp/error/detail.jsp?message=Uncaught System Run Time Exception</location></error-page>
362</web-app>
363
Note: See TracBrowser for help on using the repository browser.