source: main/trunk/ibisph-view/src/main/webapp/WEB-INF/config/spring/SiteSpecific.xml @ 19916

Last change on this file since 19916 was 19916, checked in by GarthBraithwaite_STG, 2 years ago

db, view - fixed prev other topic name. Implemented topic ip list. Cleaned up and moved _commity.css to Community. XML services and model map cleanup and better descrips. Removed extra "/" from dynamic IP paths when building filename. Renamed IP page.options to page.contentOptions to be consist.

File size: 19.4 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2
3<beans default-lazy-init="false" default-autowire="no"
4        xmlns="http://www.springframework.org/schema/beans"
5        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
6        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"
7>
8        <!--
9                This file has 3 functions:
10                1) Specify/load the application's spring bean definition files.
11                2) Provide the dispatcher servlet URL to controller mappings.
12                3) Override any spring bean definitions as per adopter's specific needs.
13                   Note that the properties file should be configured in this file IF
14                   they are needed/used.
15        -->
16
17        <!--
18                SPRING APPLICATION CONTENT DEFINITION FILES / SPRING BEAN IMPORTS
19                Specifies the Spring application context definition files which are
20                responsible for creating the application's objects.  To keep these
21                definitions more maintainable the bean definitions are stored in their
22                own file (beans are grouped by functionality).  There are two available
23                mechanisms to load these files:
24                1) web.xml - can specify a list of bean files to load.  Note that this
25                   mechanism is the same - the difference is that it only specifies
26                   this file.
27                2) This file can be used with the spring bean "import" mechanism.  This
28                   mechanism works the same way the XSLT import works with the last
29                   import taking precedence (which for imports is typically not a problem
30                   as they should be independent).  However, the 2nd part of this file
31                   allows for an adopter to override any bean definition OR the adopter
32                   can put all their overrides in a separate file and import that file
33                   last etc.
34
35                IMPORTANT IMPORT NOTES:
36                Some beans have dependencies on other beans so inclusion of 1 file
37                may result in the need for additional file(s).  The request dispatcher
38                URL to controller mappings require that all controller objects be
39                defined.  In either case if a bean references another bean and that
40                bean/object is not defined the application will not start (you will
41                see an error in the output log about bean definition missing/not found).
42               
43                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44                !!! IMPORTANT - SECURITY CONFIGURATION !!!
45                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
46                When making security config changes consult ALL the notes and comments
47                within the security files and the admin webapp's security_notes.txt
48                file.  At some point someone will document this but for now these
49                comments should provide enough help for a java web developer to be
50                able to connect the dots.
51
52                If doing secure URLs at least two security definitions need to be
53                specified: the general (security.xml) and the specific security
54                configuration (security-xxx.xml) which supplements.
55        -->
56        <import resource="common.xml"/>
57        <import resource="filter.xml"/>
58
59        <import resource="security.xml"/>
60        <import resource="security-pre_authenticated.xml"/>
61        <import resource="security-db_authentication.xml"/>
62        <import resource="security-xml_authentication.xml"/>
63<!--
64        <import resource="security-no_authentication.xml"/>
65        <import resource="https.xml"/>
66-->
67
68        <import resource="indicator.xml"/>
69        <import resource="query.xml"/>
70        <import resource="query-definition.xml"/>
71        <import resource="publication.xml"/>
72        <import resource="community.xml"/>
73        <import resource="topic.xml"/>
74        <import resource="report.xml"/>
75        <import resource="secure.xml"/>
76        <import resource="user.xml"/>
77
78        <import resource="view.xml"/>
79
80
81        <bean id="siteSpecificDispatcherServletURLMap" class="java.util.HashMap">
82                <description>
83                        Defines the mapping of URL patterns to the appropriate IBIS-PH
84                        Controller.  The definitions are defined here and referenced in the
85                        dispacther_servlet.xml file because the ds.xml load occurs after
86                        this bean file is processed which would require an adopter to have
87                        to maintain and track the d_s.xml file.  Keeping them in this file
88                        also is the right place as this file contains the bean imports.
89                       
90                        IMPORTANT IMPORT NOTE:
91                        The request URLs to controller mapping MUST match the specified
92                        controller.  Otherwise the application will not start and the log
93                        will show an undefined bean error in the log.  Make sure that the
94                        imports match the needed controller.
95
96                        For example if secure query is wanted then the secure.xml spring bean
97                        controller definition file would need to imported.  The "secure" type
98                        requests would then need to be mapped to the respective controller.
99
100                        Note the first part of the controller name corresponds with the
101                        Spring bean definition file that includes that controller's
102                        definition (this is the case with all IBIS-PH Spring bean defs -
103                        they all have a prefix that is associated with the bean XML file.
104
105                        ORDERING: The best practice is to be order most specific to least.
106                </description>
107                <constructor-arg>
108                        <map>
109                                <!-- D E F A U L T   H T M L   C O N T E N T -->
110                                <entry key="/**/*.html" value-ref="viewHTMLContentConventionController"/>
111
112                                <!-- Note these will only get hit for defined web.xml blanket
113                                        mappings so requests like indicator/ or query/
114                                        but NOT about/ or topic/ as these have no web.xml mapping.
115                                -->
116                                <entry key="/*/"        value-ref="viewHTMLContentConventionController"/>
117
118                                <!-- I N D I C A T O R  -->
119                                <entry key="/indicator/index/Alphabetical.html"  value-ref="indicatorAlphabeticalIndexController"/>
120                                <entry key="/indicator/index/DataSource.html"    value-ref="indicatorDataSourceIndexController"/>
121                                <entry key="/indicator/index/Organization.html"  value-ref="indicatorOrgUnitIndexController"/>
122                                <entry key="/indicator/index/Set.html"           value-ref="indicatorIndicatorSetIndexController"/>
123                                <entry key="/indicator/index/Table.html"         value-ref="indicatorTableIndexController"/>
124                                <entry key="/indicator/index/Categorized.html"   value-ref="indicatorCategorizedIndexController"/>
125<!--
126                                <entry key="/indicator/default/*.html"       value-ref="indicatorDefaultViewController"/>
127-->
128                                <entry key="/indicator/summary/*.html"       value-ref="indicatorSummaryViewController"/>
129                                <entry key="/indicator/view/*.html"          value-ref="indicatorViewController"/>
130                                <entry key="/indicator/facts/*.html"         value-ref="indicatorImportantFactsController"/>
131                                <entry key="/indicator/services/*.html"      value-ref="indicatorServicesController"/>
132                                <entry key="/indicator/related/*/*.html"     value-ref="indicatorRelatedIndicatorsController"/>
133                                <entry key="/indicator/resources/*.html"     value-ref="indicatorResourcesController"/>
134                                <entry key="/indicator/complete_profile/*.html" value-ref="indicatorCompleteViewController"/>
135
136                                <entry key="/indicator/view/*.json"          value-ref="indicatorViewJSONController"/>
137                                <entry key="/indicator/*.json"               value-ref="indicatorJSONController"/>
138
139                                <entry key="/indicator/contentblocks/*.html" value-ref="indicatorContentBlocksController"/>
140
141                                <entry key="/indicator/preview/*.html"       value-ref="indicatorPreviewController"/>
142                                <entry key="/indicator/view/preview/*.html"  value-ref="indicatorViewPreviewController"/>
143
144                                <!-- C O M M U N I T Y -->
145                                <entry key="/community/indicators/**"       value-ref="communityIndicatorsReportController"/>
146                                <entry key="/community/indicator/**"        value-ref="communityIndicatorReportController"/>
147                                <entry key="/community/facts/**"            value-ref="communityFactsController"/>
148
149                                <!-- T O P I C -->
150                                <entry key="/topic/**"                      value-ref="topicHTMLContentConventionController"/>
151
152                                <!-- Q U E R Y  -->
153                                <entry key="/query/selection/**"             value-ref="querySelectionController"/>
154                                <entry key="/query/configuration/**"         value-ref="queryConfigurationController"/>
155                                <entry key="/query/builder/**"               value-ref="queryBuilderController"/>
156                                <entry key="/query/submit/**/*.html"         value-ref="querySubmitController"/>
157                                <entry key="/query/submit/**/*.xml"          value-ref="querySubmitAndRunToXMLController"/>
158                                <entry key="/query/result/**/*.html"         value-ref="queryResultController"/>
159                                <entry key="/query/result/**/*.xls"          value-ref="queryResultController"/>        <!-- put here so can plug in Excel specifici controller in the future. -->
160                                <entry key="/query/result/**/*.xml"          value-ref="queryIBISQResultController"/>   
161
162                                <!-- Q U E R Y   D E F I N I T I O N -->
163                                <entry key="/query/definition/list/*"        value-ref="queryDefinitionListController"/>
164                                <entry key="/query/definition/index/*"       value-ref="queryDefinitionIndexController"/>
165
166                                <entry key="/query/definition/detail/*/*"    value-ref="queryDefinitionDetailController"/>
167                                <entry key="/query/definition/result/*/*"    value-ref="queryDefinitionResultController"/>
168                                <entry key="/query/definition/builder/*/*"   value-ref="queryDefinitionBuilderController"/>
169                                <entry key="/query/definition/apply/*/*"     value-ref="queryDefinitionApplyController"/>
170                                <entry key="/query/definition/toggle/sticky" value-ref="queryDefinitionToggleStickySessionController"/>
171
172                                <entry key="/query/definition/from/builder"  value-ref="queryDefinitionFromBuilderController"/>
173                                <entry key="/query/definition/from/result"   value-ref="queryDefinitionFromResultController"/>
174                                <entry key="/query/definition/save"          value-ref="queryDefinitionSaveController"/>
175                                <entry key="/query/definition/delete/*"      value-ref="queryDefinitionDeleteController"/>
176
177
178                                <!-- S E C U R E  -->
179                                <entry key="/secure"                                value-ref="secureSelectionController"/>
180                                <entry key="/secure/test.jsp"                       value-ref="secureTestController"/>
181                                <entry key="/secure/selection/*.html"               value-ref="secureSelectionController"/>
182                                <entry key="/secure/query/selection/**"             value-ref="secureQuerySelectionController"/>
183                                <entry key="/secure/query/builder/**"               value-ref="secureQueryBuilderController"/>
184                                <entry key="/secure/query/submit/**/*.html"         value-ref="secureQuerySubmitController"/>
185                                <entry key="/secure/query/submit/**/*.xml"          value-ref="secureQuerySubmitAndRunToXMLController"/>
186                                <entry key="/secure/query/result/**/*.html"         value-ref="secureQueryResultController"/>
187                                <entry key="/secure/query/result/**/*.xls"          value-ref="secureQueryResultController"/>
188                                <entry key="/secure/query/result/**/*.xml"          value-ref="secureQueryIBISQResultController"/>     
189                                <entry key="/secure/query/configuration/**"         value-ref="queryConfigurationController"/>
190
191                                <entry key="/secure/query/definition/detail/*/*"    value-ref="secureQueryDefinitionDetailController"/>
192                                <entry key="/secure/query/definition/result/*/*"    value-ref="secureQueryDefinitionResultController"/>
193                                <entry key="/secure/query/definition/builder/*/*"   value-ref="secureQueryDefinitionBuilderController"/>
194                                <entry key="/secure/query/definition/apply/*/*"     value-ref="secureQueryDefinitionApplyController"/>
195                                <entry key="/secure/query/definition/from/builder"  value-ref="secureQueryDefinitionFromBuilderController"/>
196                                <entry key="/secure/query/definition/from/result"   value-ref="secureQueryDefinitionFromResultController"/>
197
198
199
200                                <!-- R E P O R T
201                                <entry key="/report/*/summary/*.html"       value-ref="reportIndicatorViewController"/>
202                                <entry key="/report/*/complete/*.html"      value-ref="reportIndicatorViewController"/>
203                                <entry key="/report/highligh/**/*.html"     value-ref="reportIndicatorViewController"/>
204-->
205                                <!-- R E P O R T -->
206                                <entry key="/report/*/*/*.html"                   value-ref="reportIndicatorViewController"/>
207                                <entry key="/report/*/*.html"                     value-ref="reportHTMLContentController"/>
208
209
210                                <!-- U S E R   P R O F I L E -->
211                                <entry key="/user/Login.html"               value-ref="userLoginController"/>
212                                <entry key="/user/Selections.html"          value-ref="userSelectionsController"/>
213
214                                <entry key="/user/Registration.html"        value-ref="userEditRegistrationController"/>
215                                <entry key="/user/registration/save"        value-ref="userSaveRegistrationController"/>
216                                <entry key="/user/registration/verify/**"   value-ref="userVerifyRegistrationController"/>
217
218                                <entry key="/user/Access.html"              value-ref="userAccessController"/>
219                                <entry key="/user/status"                   value-ref="userStatusController"/>
220                                <entry key="/user/access/email"             value-ref="userEmailAccessController"/>
221<!--
222                                <entry key="/user/Profile.html"             value-ref="userEditProfileController"/>
223                                <entry key="/user/profile/save"             value-ref="userSaveProfileController"/>
224                                <entry key="/user/profile/delete"           value-ref="userDeleteProfileController"/>
225-->
226
227                                <!-- M E T A D A T A   X M L   F I L E -->
228                                <entry key="/dataportal/metadata/*.html" value-ref="viewXMLAsHTMLController"/>
229
230
231                                <!-- S E A R C H
232                                <entry key="/search" value-ref="viewSearchController"/>
233-->
234
235                                <!-- G E N E R I C   T R A S F O R M A T I O N -->
236                                <!--
237                                        This controller is needed for adhoc system reports to work. 
238                                        At one point it was thought to not enable this controller as
239                                        it could be a potential security risk because it would bypass
240                                        the spring security mechanism.  However, this is NOT the case
241                                        as the controller only can access xml files within its
242                                        configuration limitation or via the xmlURL request parameter. 
243                                        In either case if there were sensitive data in these files
244                                        they should NEVER be placed in a non secured, public facing
245                                        webapp/directory. 
246
247                                        To be safe, it is probably still best to remove this request
248                                        from production deployements.  It should only be enabled for
249                                        local query module development and testing environment where
250                                        the QM developer wants to test their XML files.
251                                -->
252                                <entry key="/view.html" value-ref="viewHTTPXMLXSLTRequestParameterController"/>
253
254                                <!-- F I L E   C O N T E N T   S T R E A M E R -->
255                                <entry key="/view/WEB-INF/**" value-ref="viewAccessDeniedController"/>
256                                <entry key="/view/**"         value-ref="viewGetFileController"/>
257
258                        </map>
259                </constructor-arg>
260        </bean>
261
262
263        <!--
264                ADOPTER BEAN DEFINITION OVERRIDES AND PROPERTY OVERRIDES
265                This section provides the adopter a mechanism to override bean definitions
266                and property values.  Theses bean definitions should be listed AFTER ALL
267                imported bean files. 
268        -->
269
270        <bean id="siteSpecificPropertyOverrides" class="org.springframework.beans.factory.config.PropertyOverrideConfigurer">
271                <description>
272                        Defines optional special property file(s) that contain property
273                        overrides.  These differ in that the beanID:propertyName is on the
274                        left side with the right containing the value to be injected into
275                        the bean.  Property files are only able to provide string and numeric
276                        type data values/value overrides.  These property files are optional
277                        and might not want to be/need to be used by an adopter to keep their
278                        configuration files more concise and simpler - the property values
279                        can simply be placed in this file.  Where property files are of
280                        value is when being deployed to different servers where each server
281                        has it's own file path, IBISQ url, JNDI name, etc.
282
283                        The locations define where these override files could be located.
284                        If one exists in all directories then the last definition is the
285                        value that eventually is used.  If the file does not exist the
286                        ignore setting specifies to move on.  If false and a file is not
287                        found then the app will not start. 
288
289                        For local development in MS-Windows put a ibisph-view.properties
290                        property override file in your c:\users\your_username directory.
291                        Only include those values needed to override/supplement your
292                        current settings already specified.
293
294                        IMPORTANT NOTES: If you have the files located outside of the webapp
295                        container you need to make sure that the file privs are setup
296                        correctly.  The ${user.home} is a special environment value that
297                        should work for Windows and Linux - again make sure of file privs.
298
299                        Property files can inject string/numeric property values into an
300                        existing object/defined bean.  Beans files define objects and that
301                        object's properties/dependent objects.
302                </description>
303                <property name="ignoreResourceNotFound" value="true"/>
304                <property name="locations">
305                        <list>
306                                <value>WEB-INF/config/SiteSpecific.properties</value>
307                                <value>file:../ibisph-view_core.properties</value>
308                                <value>file:${user.home}/ibisph-view_core.properties</value>
309                        </list>
310                </property>
311        </bean>
312
313        <!-- IBISQ REQUEST URL EXAMPLE OF NOT USING THE ABOVE property override file:
314        <bean id="queryQueryApplicationRequestBasePath" class="org.ibisph.model.StringHolder">
315                <constructor-arg value="http://123.222.100.33:8080/cgi-bin/hi_iq_func.exe"/>
316        </bean>
317        -->
318
319
320        <!-- This method invoke call verifies the existance of the published
321                indicators XML file.  If it does not exist then creates it based on the
322                existing IP XML files.  This is useful for new deployments or if the XML
323                is corrupt etc.  Typically used when the adopter wants to rebuild the
324                XML (1. delete the published IPs XML file, 2. restart the app).  The
325                admin app is responsible to maintain the published IPs XML file via an
326                IP publish request so this call should not be needed.  It is provided as
327                a safety feature that some direct content adopters may want to include.
328
329                REMOTE CONTENT NOTE: this verify service is of no value as the content
330                is located on a different server and thus can NOT create, update, delete
331                this file.  For remote content the IPs XML and published IPs XML file is
332                either managed by the admin app's publishing or by an adopter manually
333                maintaining their content.
334        <bean id="siteSpecificVerifyPublishedIndicatorsXMLFileService"
335                class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"
336        >
337                <property name="targetObject">
338                        <bean class="org.ibisph.indicatorprofile.service.PublishedIndicatorsXML">
339                                <property name="publishedIndicatorsFilePathAndName" value="#{indicatorPublishedIndicatorsFilePathAndName.string}"/>
340                                <property name="indicatorProfileFilePath" value="#{indicatorProfileFilePath.string}"/>
341                                <property name="documentDAOService"       ref="commonDocumentDAOService"/>
342                        </bean>
343                </property>
344                <property name="targetMethod" value="verifyPublishedIndicatorsXMLFile"/>
345        </bean>
346        -->
347
348
349        <bean id="securityAuthenticationProviderList" class="java.util.ArrayList">
350                <description>
351                        Defines the types of provides to be used for authenticating a user.
352                        This list can be 1:n with the first being tried then the next etc
353                        until successful/all providers have been tried.
354
355                        Note that you MUST have the appropriate/associated spring bean xml
356                        file included/imported to be able to use the selected provider.
357                </description>
358                <constructor-arg>
359                        <list>
360                                <ref bean="securityPreAuthenticatedAuthenticationProvider"/>
361                                <ref bean="securityDBAuthenticationProvider"/>
362                                <ref bean="securityXMLAuthenticationProvider"/>
363                        </list>
364                </constructor-arg>
365        </bean>
366
367        <!-- For development use the standard, non caching XSLT transformer.  Default
368                common is the caching version: org.ibisph.xslt.CachedSaxonTransformerFactory.
369        -->
370        <bean id="commonXSLTTransformerFactory" class="net.sf.saxon.TransformerFactoryImpl"/>
371
372</beans>
373
Note: See TracBrowser for help on using the repository browser.