Context Navigation

SiteSpecific.xml @ 25616

Last change on this file since 25616 was 25616, checked in by GarthBraithwaite_STG, 10 months ago
301 - removed ip json requests as they were never used anyway.
File size: 18.5 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2
3	<beans default-lazy-init="false" default-autowire="no"
4	xmlns="http://www.springframework.org/schema/beans"
5	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
6	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"
7	>
8	<!--
9	This file has 3 functions:
10	1) Specify/load the application's spring bean definition files.
11	2) Provide the dispatcher servlet URL to controller mappings.
12	3) Override any spring bean definitions as per adopter's specific needs.
13	Note that the properties file should be configured in this file IF
14	they are needed/used.
15	-->
16
17	<!--
18	SPRING APPLICATION CONTENT DEFINITION FILES / SPRING BEAN IMPORTS
19	Specifies the Spring application context definition files which are
20	responsible for creating the application's objects. To keep these
21	definitions more maintainable the bean definitions are stored in their
22	own file (beans are grouped by functionality). There are two available
23	mechanisms to load these files:
24	1) web.xml - can specify a list of bean files to load. Note that this
25	mechanism is the same - the difference is that it only specifies
26	this file.
27	2) This file can be used with the spring bean "import" mechanism. This
28	mechanism works the same way the XSLT import works with the last
29	import taking precedence (which for imports is typically not a problem
30	as they should be independent). However, the 2nd part of this file
31	allows for an adopter to override any bean definition OR the adopter
32	can put all their overrides in a separate file and import that file
33	last etc.
34
35	IMPORTANT IMPORT NOTES:
36	Some beans have dependencies on other beans so inclusion of 1 file
37	may result in the need for additional file(s). The request dispatcher
38	URL to controller mappings require that all controller objects be
39	defined. In either case if a bean references another bean and that
40	bean/object is not defined the application will not start (you will
41	see an error in the output log about bean definition missing/not found).
42
43	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44	!!! IMPORTANT - SECURITY CONFIGURATION !!!
45	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
46	When making security config changes consult ALL the notes and comments
47	within the security files and the admin webapp's security_notes.txt
48	file. At some point someone will document this but for now these
49	comments should provide enough help for a java web developer to be
50	able to connect the dots.
51
52	If doing secure URLs at least two security definitions need to be
53	specified: the general (security.xml) and the specific security
54	configuration (security-xxx.xml) which supplements.
55	-->
56	<import resource="common.xml"/>
57	<import resource="filter.xml"/>
58
59	<import resource="security.xml"/>
60	<import resource="security-pre_authenticated.xml"/>
61	<import resource="security-db_authentication.xml"/>
62	<import resource="security-xml_authentication.xml"/>
63	<!--
64	<import resource="security-no_authentication.xml"/>
65	<import resource="https.xml"/>
66	-->
67
68	<import resource="indicator.xml"/>
69	<import resource="query.xml"/>
70	<import resource="query-definition.xml"/>
71	<import resource="publication.xml"/>
72	<import resource="community.xml"/>
73	<import resource="topic.xml"/>
74	<import resource="secure.xml"/>
75	<import resource="user.xml"/>
76
77	<import resource="view.xml"/>
78
79
80	<bean id="siteSpecificDispatcherServletURLMap" class="java.util.HashMap">
81	<description>
82	Defines the mapping of URL patterns to the appropriate IBIS-PH
83	Controller. The definitions are defined here and referenced in the
84	dispacther_servlet.xml file because the ds.xml load occurs after
85	this bean file is processed which would require an adopter to have
86	to maintain and track the d_s.xml file. Keeping them in this file
87	also is the right place as this file contains the bean imports.
88
89	IMPORTANT IMPORT NOTE:
90	The request URLs to controller mapping MUST match the specified
91	controller. Otherwise the application will not start and the log
92	will show an undefined bean error in the log. Make sure that the
93	imports match the needed controller.
94
95	For example if secure query is wanted then the secure.xml spring bean
96	controller definition file would need to imported. The "secure" type
97	requests would then need to be mapped to the respective controller.
98
99	Note the first part of the controller name corresponds with the
100	Spring bean definition file that includes that controller's
101	definition (this is the case with all IBIS-PH Spring bean defs -
102	they all have a prefix that is associated with the bean XML file.
103
104	ORDERING: The best practice is to be order most specific to least.
105	</description>
106	<constructor-arg>
107	<map>
108	<!-- D E F A U L T H T M L C O N T E N T -->
109	<entry key="/*/.html" value-ref="viewHTMLContentConventionController"/>
110
111	<!-- Note these will only get hit for defined web.xml blanket
112	mappings so requests like indicator/ or query/
113	but NOT about/ or topic/ as these have no web.xml mapping.
114	-->
115	<entry key="/*/" value-ref="viewHTMLContentConventionController"/>
116
117	<!-- T O P I C -->
118	<entry key="/topic/**" value-ref="topicHTMLContentConventionController"/>
119
120	<!-- C O M M U N I T Y -->
121	<entry key="/community/indicators/**" value-ref="communityIndicatorsController"/>
122	<entry key="/community/facts/**" value-ref="communityFactsController"/>
123	<entry key="/community/initiatives/**" value-ref="communityInitiativesController"/>
124
125	<!-- I N D I C A T O R -->
126	<entry key="/indicator/index/Alphabetical.html" value-ref="indicatorAlphabeticalIndexController"/>
127	<entry key="/indicator/index/DataSource.html" value-ref="indicatorDataSourceIndexController"/>
128	<entry key="/indicator/index/Organization.html" value-ref="indicatorOrgUnitIndexController"/>
129	<entry key="/indicator/index/Set.html" value-ref="indicatorIndicatorSetIndexController"/>
130	<entry key="/indicator/index/Table.html" value-ref="indicatorTableIndexController"/>
131	<entry key="/indicator/index/Demographic.html" value-ref="indicatorDemographicIndexController"/>
132
133	<entry key="/indicator/summary/*.html" value-ref="indicatorSummaryViewController"/>
134	<entry key="/indicator/view/*.html" value-ref="indicatorViewController"/>
135	<entry key="/indicator/complete/*.html" value-ref="indicatorCompleteViewController"/>
136	<entry key="/indicator/facts/*.html" value-ref="indicatorImportantFactsController"/>
137	<entry key="/indicator/services/*.html" value-ref="indicatorServicesController"/>
138	<entry key="/indicator/related//.html" value-ref="indicatorRelatedIndicatorsController"/>
139	<entry key="/indicator/resources/*.html" value-ref="indicatorResourcesController"/>
140
141	<entry key="/indicator/contentblocks/*.html" value-ref="indicatorContentBlocksController"/>
142
143	<entry key="/indicator/preview/*.html" value-ref="indicatorPreviewController"/>
144	<entry key="/indicator/view/preview/*.html" value-ref="indicatorViewPreviewController"/>
145
146	<!-- Q U E R Y -->
147	<entry key="/query/selection/**" value-ref="querySelectionController"/>
148	<entry key="/query/configuration/**" value-ref="queryConfigurationController"/>
149	<entry key="/query/builder/**" value-ref="queryBuilderController"/>
150	<entry key="/query/submit/*/.html" value-ref="querySubmitController"/>
151	<entry key="/query/result/*/.html" value-ref="queryResultController"/>
152	<entry key="/query/result/*/.xls" value-ref="queryResultController"/> <!-- put here so can plug in Excel specifici controller in the future. -->
153	<entry key="/query/result/*/.xml" value-ref="queryIBISQResultController"/>
154
155	<entry key="/query/contentblocks/**" value-ref="queryResultContentBlocksController"/>
156
157
158	<!-- Q U E R Y D E F I N I T I O N -->
159	<entry key="/query/definition/list/*" value-ref="queryDefinitionListController"/>
160	<entry key="/query/definition/index/*" value-ref="queryDefinitionIndexController"/>
161	<entry key="/query/definition/detail//" value-ref="queryDefinitionDetailController"/>
162
163	<entry key="/query/definition/result//" value-ref="queryDefinitionResultController"/>
164	<entry key="/query/definition/builder//" value-ref="queryDefinitionBuilderController"/>
165	<entry key="/query/definition/contentblocks/**" value-ref="queryDefinitionResultContentBlocksController"/>
166
167	<entry key="/query/definition/save" value-ref="queryDefinitionSaveController"/>
168	<entry key="/query/definition/delete/*" value-ref="queryDefinitionDeleteController"/>
169	<entry key="/query/definition/set_apply" value-ref="queryModuleToApplyQueryDefinitionController"/>
170
171	<!-- IMPORTANT NOTICE: If there are sensitive datasets that are
172	exposed via a Query Module and the IBISPH-VIEW to IBIS-Q
173	then this proxy should either a) be removed from this file
174	or b) have the proxy's application URL point to an invalid
175	URL or c) protect the request via spring security. Also
176	make sure that all of those sensitive dataset URL requests
177	are protected and that the backend IBIS-Q CGI application
178	is not made available except to the ibisph-view webapp.
179	-->
180	<entry key="/query/proxy*" value-ref="queryQueryApplicationProxyController"/>
181
182
183	<!-- S E C U R E -->
184	<entry key="/secure" value-ref="secureSelectionController"/>
185	<entry key="/secure/test.jsp" value-ref="secureTestController"/>
186	<entry key="/secure/selection/*.html" value-ref="secureSelectionController"/>
187	<entry key="/secure/query/selection/**" value-ref="secureQuerySelectionController"/>
188	<entry key="/secure/query/builder/**" value-ref="secureQueryBuilderController"/>
189	<entry key="/secure/query/submit/*/.html" value-ref="secureQuerySubmitController"/>
190	<entry key="/secure/query/result/*/.html" value-ref="secureQueryResultController"/>
191	<entry key="/secure/query/result/*/.xls" value-ref="secureQueryResultController"/>
192	<entry key="/secure/query/result/*/.xml" value-ref="secureQueryIBISQResultController"/>
193	<entry key="/secure/query/configuration/**" value-ref="queryConfigurationController"/>
194
195	<entry key="/secure/query/definition/result//" value-ref="secureQueryDefinitionResultController"/>
196	<entry key="/secure/query/definition/builder//" value-ref="secureQueryDefinitionBuilderController"/>
197
198	<!-- U S E R P R O F I L E -->
199	<entry key="/user/Login.html" value-ref="userLoginController"/>
200	<entry key="/user/Selections.html" value-ref="userSelectionsController"/>
201
202	<entry key="/user/Registration.html" value-ref="userEditRegistrationController"/>
203	<entry key="/user/registration/save" value-ref="userSaveRegistrationController"/>
204	<entry key="/user/registration/verify/**" value-ref="userVerifyRegistrationController"/>
205
206	<entry key="/user/Access.html" value-ref="userAccessController"/>
207	<entry key="/user/status" value-ref="userStatusController"/>
208	<entry key="/user/access/email" value-ref="userEmailAccessController"/>
209
210
211	<!-- G E N E R I C T R A S F O R M A T I O N -->
212	<!--
213	This controller is needed for adhoc system reports to work.
214	At one point it was thought to not enable this controller as
215	it could be a potential security risk because it would bypass
216	the spring security mechanism. However, this is NOT the case
217	as the controller only can access xml files within its
218	configuration limitation or via the xmlURL request parameter.
219	In either case if there were sensitive data in these files
220	they should NEVER be placed in a non secured, public facing
221	webapp/directory.
222
223	To be safe, it is probably still best to remove this request
224	from production deployements. It should only be enabled for
225	local query module development and testing environment where
226	the QM developer wants to test their XML files.
227	-->
228	<entry key="/view.html" value-ref="viewHTTPXMLXSLTRequestParameterController"/>
229
230	<!-- F I L E C O N T E N T S T R E A M E R -->
231	<entry key="/contentfile/WEB-INF/**" value-ref="viewAccessDeniedController"/>
232	<entry key="/contentfile/**" value-ref="viewGetFileController"/>
233
234	</map>
235	</constructor-arg>
236	</bean>
237
238
239	<!--
240	ADOPTER BEAN DEFINITION OVERRIDES AND PROPERTY OVERRIDES
241	This section provides the adopter a mechanism to override bean definitions
242	and property values. Theses bean definitions should be listed AFTER ALL
243	imported bean files.
244	-->
245
246	<!-- uncomment if wanting ss props in the webapps dir. Make sure to ref this bean below...
247	<bean id="siteSpecificWebappsRootURL" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
248	<property name="targetObject" ref="commonContextAndPathService"/>
249	<property name="targetMethod" value="getPathURL"/>
250	<property name="arguments"><list><value>..</value></list></property>
251	</bean>
252	-->
253
254	<bean id="siteSpecificPropertyOverrides" class="org.springframework.beans.factory.config.PropertyOverrideConfigurer">
255	<description>
256	Defines optional special property file(s) that contain property
257	overrides. These differ in that the beanID:propertyName is on the
258	left side with the right containing the value to be injected into
259	the bean. Property files are only able to provide string and numeric
260	type data values/value overrides. These property files are optional
261	and might not want to be/need to be used by an adopter to keep their
262	configuration files more concise and simpler - the property values
263	can simply be placed in this file. Where property files are of
264	value is when being deployed to different servers where each server
265	has it's own file path, IBISQ url, JNDI name, etc.
266
267	The locations define where these override files could be located.
268	If one exists in all directories then the last definition is the
269	value that eventually is used. If the file does not exist the
270	ignore setting specifies to move on. If false and a file is not
271	found then the app will not start.
272
273	For local development in MS-Windows put a ibisph-view.properties
274	property override file in your c:\users\your_username directory.
275	Only include those values needed to override/supplement your
276	current settings already specified.
277
278	IMPORTANT NOTES: If you have the files located outside of the webapp
279	container you need to make sure that the file privs are setup
280	correctly. The ${user.home} is a special environment value that
281	should work for Windows and Linux. Relative file paths are only
282	supported for relative paths within the webapp. For property files
283	outside of the webapp you must use a fully qualified URL value with
284	outside relative "../xyz" paths not being fully supported due to
285	the spring using whatever concreate ResourceLoader object.
286
287	Property files can only set a bean's (object) string/numeric values.
288	</description>
289	<property name="ignoreResourceNotFound" value="true"/>
290	<property name="locations">
291	<list>
292	<value>WEB-INF/config/SiteSpecific.properties</value>
293
294	<!-- if wanting prop file in the webapps dir then
295	1) uncomment the below refed bean (above).
296	2) uncomment the ref to the bean (below).
297	<value>#{siteSpecificWebappsRootURL}/nmepht-view.properties</value>
298
299	The direct relative to webapp path does NOT work - can't remember
300	why but debugging showed the path is relative to the app server
301	- not the app context (can't remember why the sub dir WEB-INF
302	works?). Must use the bean which knows about the app context.
303	<value>../relative_context_path_that does_not_work.properties</value>
304	-->
305
306	<value>file:${user.home}/ibisph-view.properties</value>
307	</list>
308	</property>
309	</bean>
310
311
312	<!-- This method invoke call verifies the existance of the published
313	indicators XML file. If it does not exist then creates it based on the
314	existing IP XML files. This is useful for new deployments or if the XML
315	is corrupt etc. Typically used when the adopter wants to rebuild the
316	XML (1. delete the published IPs XML file, 2. restart the app). The
317	admin app is responsible to maintain the published IPs XML file via an
318	IP publish request so this call should not be needed. It is provided as
319	a safety feature that some direct content adopters may want to include.
320
321	REMOTE CONTENT NOTE: this verify service is of no value as the content
322	is located on a different server and thus can NOT create, update, delete
323	this file. For remote content the IPs XML and published IPs XML file is
324	either managed by the admin app's publishing or by an adopter manually
325	maintaining their content.
326	<bean id="siteSpecificVerifyPublishedIndicatorsXMLFileService"
327	class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"
328	>
329	<property name="targetObject">
330	<bean class="org.ibisph.indicatorprofile.service.PublishedIndicatorsXML">
331	<property name="publishedIndicatorsFilePathAndName" value="#{indicatorPublishedIndicatorsFilePathAndName.string}"/>
332	<property name="indicatorProfileFilePath" value="#{indicatorProfileFilePath.string}"/>
333	<property name="documentDAOService" ref="commonPublishedDocumentDAOService"/>
334	</bean>
335	</property>
336	<property name="targetMethod" value="verifyPublishedIndicatorsXMLFile"/>
337	</bean>
338	-->
339
340
341	<bean id="securityAuthenticationProviderList" class="java.util.ArrayList">
342	<description>
343	Defines the types of provides to be used for authenticating a user.
344	This list can be 1:n with the first being tried then the next etc
345	until successful/all providers have been tried.
346
347	Note that you MUST have the appropriate/associated spring bean xml
348	file included/imported to be able to use the selected provider.
349	</description>
350	<constructor-arg>
351	<list>
352	<ref bean="securityPreAuthenticatedAuthenticationProvider"/>
353	<ref bean="securityDBAuthenticationProvider"/>
354	<ref bean="securityXMLAuthenticationProvider"/>
355	</list>
356	</constructor-arg>
357	</bean>
358
359	<!-- For development use the standard, non caching XSLT transformer. Default
360	common is the caching version: org.ibisph.xslt.CachedSaxonTransformerFactory.
361	-->
362	<bean id="commonXSLTTransformerFactory" class="net.sf.saxon.TransformerFactoryImpl"/>
363
364	</beans>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: main/branches/3.0.1/ibisph-view/src/main/webapp/WEB-INF/config/spring/SiteSpecific.xml @ 25616

Download in other formats: