source: main/trunk/ibisph-view/src/main/webapp/WEB-INF/config/spring/common.xml @ 19890

Last change on this file since 19890 was 19890, checked in by GarthBraithwaite_STG, 4 years ago

view - TEMP COMMIT. Changed webapp context prefix path to base request path so it is not confused with just the context path. put font icon ref into general. added contextnav css back into layout for topic indexes. css file import ordering tweaks.

File size: 27.8 KB
1<?xml version="1.0" encoding="UTF-8"?>
4        IBIS-PH View System's common Spring properties. This Spring application
5        context file contains properties are commonly used by more than one module/
6        packages within the system.  These common properties include core base
7        XML/XSLT paths and other resources used by the apps controllers.
10        <property name="someName"><null/></property>
11        <property name="someName" value="${some_system_property_name}"/>
12        <value type="">  Beans can't have a type.
14        If property starts with all CAPS - something like XMLPath which has a setter
15        like setXMLPath then the property needs to be name="XMLPath" (the bean naming
16        more than one first letters capped rule) otherwise it's lowercase then mixed
17        case like normal properties.
19        Use the "parent" attribute for child objects that are of the same type.  This basically
20        does a clone on an object so that the existing parent object's objects are copied
21        to the child - thus providing a populated base class that all child objects can
22        be implicitly populated without explicitly setting the properties.
25        All paths shall have a trailing "/".  Sub paths should never have a leading "/"
26        but will always have the trailing "/".  Base paths can have a leading "/" as
27        this represents the root of the file system.
30<beans default-lazy-init="false" default-autowire="no"
31        xmlns=""
32        xmlns:xsi=""
33        xsi:schemaLocation=""
35        <!--  C O N T E X T S   A N D   P A T H S -->
36        <!-- NOTE: Spring 3.0 provides a default servlet context bean that can be
37                used to access ServletContext properties via EL: #{servletContext.servletContextName}.
38        -->
39        <bean id="commonContentBasePath" class="org.ibisph.model.StringHolder">
40                <description>
41                        Base "Content" file path used by most internal XML and JSON file
42                        access bean configurations.  This provides a mechanism to easily
43                        locate files to a directory outside of the webapp.  This default
44                        location is the relative webapp.
45                </description>
46                <constructor-arg value=""/>
47        </bean>
49        <bean id="commonContextAndPathService" class="org.ibisph.web.ContextAndPathService"/>
51        <bean id="commonContentBasePathURL" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
52                <property name="targetObject" ref="commonContextAndPathService"/>
53                <property name="targetMethod" value="getPathURL"/>
54                <property name="arguments"><list><value>#{commonContentBasePath.string}</value></list></property>
55        </bean>
57        <bean id="commonXMLBasePathURL" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
58                <property name="targetObject" ref="commonContextAndPathService"/>
59                <property name="targetMethod" value="getPathURL"/>
60                <property name="arguments"><list><value>#{commonContentBasePath.string}xml/</value></list></property>
61        </bean>
62        <bean id="commonRestrictedXMLBasePathURL" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
63                <property name="targetObject" ref="commonContextAndPathService"/>
64                <property name="targetMethod" value="getPathURL"/>
65                <property name="arguments"><list><value>#{commonContentBasePath.string}WEB-INF/xml/</value></list></property>
66        </bean>
67        <bean id="commonXSLTBasePathURL" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
68                <property name="targetObject" ref="commonContextAndPathService"/>
69                <property name="targetMethod" value="getPathURL"/>
70                <property name="arguments"><list><value>xslt/</value></list></property>
71        </bean>
73        <bean id="commonWebAppBaseRequestPath" class="org.ibisph.model.StringHolder">
74                <description>
75                        Base application request URL path injected into the common webapp
76                        base request path model map for the XSLT code to prefix all content
77                        web page requests.  It is also used for the user self registering
78                        bean etc. 
80                        The path is optional.  It is only used in those instances when the
81                        servlet's request URL is not sufficient to get HTTP requsts to the
82                        webapp (e.g. when the webapp is behind a proxy or the webapp's
83                        context is different etc.).  When specified the value is the complete
84                        root URL prefix value consisting of the protocol, server name/address
85                        (with port if applicable), and the outside application context path. 
86                </description>
87                <constructor-arg value="http://localhost/ibisph-view/"/>
88        </bean>
91        <!-- F I L E   S E R V I C E S -->
92        <bean id="commonXMLFilePathModelService" class="org.ibisph.model.URLPathGetModelService">
93                <description>
94                        This is the main component of the primary model for most view app
95                        requests.  Most view app requests are XML/XSLT transformations.
96                        The XML/XSLT transformation process can be a parsed XML document, a
97                        complete XML string, or a URI string that is a complete file path and
98                        name that points to an XML file.  For most requests, the primary XML
99                        file is specified as part of the request URL.  Each specific model
100                        map is coded/configured to determine a specific XML file.  This
101                        service is constructed with a base file path URL.  The model map uses
102                        this service to concat its base path with the model map's more
103                        specific filename to build the complete XML file path and name to be
104                        used in the transformation. 
105                </description>
106                <property name="basePath" ref="commonXMLBasePathURL"/>
107        </bean>
108        <bean id="commonVerifiedXMLFilePathModelService" class="org.ibisph.model.VerifiedURLPathGetModelService">
109                <property name="basePath" ref="commonXMLBasePathURL"/>
110        </bean>
111        <bean id="commonXSLTFilePathModelService" class="org.ibisph.model.VerifiedURLPathGetModelService">
112                <property name="basePath" ref="commonXSLTBasePathURL"/>
113        </bean>
115        <bean id="commonDocumentDAOService" class="org.ibisph.xml.service.FileStoredDocumentDAO">
116                <description>
117                        Provides a local disk based document get, save, delete service. 
118                        This service also implements GetModelService so get(filename) works
119                        and can be used in place of the commonXMLFilePathModelService
120                        defined above when an actual XML document is wanted. 
122                        SPEED NOTE: This results in an "DOM4j DOCUMENT".  As such it *MIGHT* 
123                        be best to only use this for the a model when the XML needs to be
124                        traversed etc.  Speed appears to be slower compared to having the
125                        XSLT access a file via the "document()" call.
126                </description>
127                <property name="basePath"     ref="commonXMLBasePathURL"/>
128                <property name="escapeTextWhenSaving" value="true"/>
129                <property name="dateFormat"   ref="commonDateFormat"/>
130                <property name="outputFormat" ref="commonXMLOutputFormat"/>
131        </bean>
132        <bean id="commonRestrictedDocumentDAOService" class="org.ibisph.xml.service.FileStoredDocumentDAO">
133                <description>
134                        Provides "restricted" disk based document get, save, delete service. 
135                        This is mainly used for the user profile XML files.
136                </description>
137                <property name="basePath"     ref="commonRestrictedXMLBasePathURL"/>
138                <property name="escapeTextWhenSaving" value="true"/>
139                <property name="dateFormat"   ref="commonDateFormat"/>
140                <property name="outputFormat" ref="commonXMLOutputFormat"/>
141        </bean>
144        <!--  L O C A L S,  D A T E,  F O R M A T S  -->
145        <bean id="commonLocale" class="java.util.Locale">
146                <constructor-arg value="en"/>
147                <constructor-arg value="US"/>
148        </bean>
150        <!-- Date Format Patterns:
151                To specify the time format use a time pattern string. In this pattern, all
152                ASCII letters are reserved as pattern letters, which are defined as the following:
154                 Symbol   Meaning                 Presentation        Example
155                 ======   =====================   =================   ===================
156                 G        era designator          (Text)              AD
157                 y        year                    (Number)            1996
158                 M        month in year           (Text & Number)     July & 07
159                 d        day in month            (Number)            10
160                 h        hour in am/pm (1~12)    (Number)            12
161                 H        hour in day (0~23)      (Number)            0
162                 m        minute in hour          (Number)            30
163                 s        second in minute        (Number)            55
164                 S        millisecond             (Number)            978
165                 E        day in week             (Text)              Tuesday
166                 D        day in year             (Number)            189
167                 F        day of week in month    (Number)            2 (2nd Wed in July)
168                 w        week in year            (Number)            27
169                 W        week in month           (Number)            2
170                 a        am/pm marker            (Text)              PM
171                 k        hour in day (1~24)      (Number)            24
172                 K        hour in am/pm (0~11)    (Number)            0
173                 z        time zone               (Text)              Pacific Standard Time
174                 '        escape for text         (Delimiter)
175                 ''       single quote            (Literal)           '
177                Examples Using the US Locale:
179                Format Pattern                    Result
180                ==============================    ======================================
181                "yyyy.MM.dd G 'at' hh:mm:ss z"    1996.07.10 AD at 15:08:56 PDT
182                "EEE, MMM d, ''yy"                Wed, July 10, '96
183                "h:mm a"                          12:08 PM
184                "hh 'o''clock' a, zzzz"           12 o'clock PM, Pacific Daylight Time
185                "K:mm a, z"                       0:00 PM, PST
186                "yyyyy.MMMMM.dd GGG hh:mm aaa"    1996.July.10 AD 12:08 PM
188                "dd.MM.yy"                        09.04.98
189                "H:mm"                            18:15
190                "H:mm:ss:SSS"                     18:15:55:624
191                "K:mm a,z"                        6:15 PM,PDT
193                Serial Number: yyyy-MM-dd-HH-mm-ss-SS
194        -->
195        <bean id="commonDateFormat" class="java.text.SimpleDateFormat">
196                <constructor-arg value="EEE, d MMM yyyy HH:mm:ss z"/>
197                <constructor-arg type="java.util.Locale" ref="commonLocale"/>
198        </bean>
199        <bean id="commonBackupFileDateSerialNumberDateFormat" class="java.text.SimpleDateFormat">
200                <constructor-arg value="yyyy-MM-dd-HH-mm-ss-SS"/>
201                <constructor-arg type="java.util.Locale" ref="commonLocale"/>
202        </bean>
205        <!--  M O D E L   M A P   R E S O U R C E S -->
206        <bean id="commonCurrentUserService" class="org.ibisph.user.service.CurrentUser"/>
208        <bean id="commonXMLModelMapKey" class="org.ibisph.model.StringHolder">
209                <constructor-arg value="XML"/>
210        </bean>
212        <bean id="commonSimpleBlankXMLModelMap" class="org.ibisph.modelmap.SimpleGetModelMap">
213                <description>
214                        Provides an XML model map for those XSLT/XML transformations where
215                        an XML documnt/file does not exist - like the user/* pages.
216                </description>
217                <property name="modelMapKey" value="#{commonXMLModelMapKey.string}"/>
218                <property name="model"><value><![CDATA[<?xml version="1.0" encoding="UTF-8"?><BLANK/>]]></value></property>
219        </bean>
221        <bean id="commonXMLServiceModelMapProperties" abstract="true">
222                <description>
223                        Core XML model map properties used by IP, Query, CP and other beans.
224                </description>
225                <property name="modelMapKey" value="#{commonXMLModelMapKey.string}"/>
226                <property name="getModelService" ref="commonXMLFilePathModelService"/>
227        </bean>
230        <!-- S T A T I C / C A C H E D   X M L   M O D E L   M A P S -->
231        <!-- The ModelFromFilePathAndNameService has an option to cache and clear
232                the cache XML docs.  As of 11/1/2018 the caching is not set.  At some
233                future point this caching can be set to true.  This should only be done
234                once a data admin publish request is implemented that clears the cached
235                XML doc object e.g. reloads it. 
237                Currently, because there is not a reload the cache when published mechanism,
238                this implmentation is not efficienet.  Previous versions used the XLST
239                file/document.  It is now coded to use java to load the doc for each req
240                simply so that the future configurations and XSLT does not have to be
241                reworked.
242        -->
243        <bean id="commonAncillaryValuesModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
244                <description>Document version of the published AncillaryValues XML.</description>
245                <property name="modelMapKey"     value="AncillaryValues"/>
246                <property name="getModelService" ref="commonDocumentDAOService"/>
247                <property name="filePathAndName" value="ancillary_values.xml"/>
248        </bean>
249        <bean id="commonDataSourcesModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
250                <description>Document version of the published DataSources XML.</description>
251                <property name="modelMapKey"     value="DataSources"/>
252                <property name="getModelService" ref="commonDocumentDAOService"/>
253                <property name="filePathAndName" value="data_sources.xml"/>
254        </bean>
255        <bean id="commonDimensionsModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
256                <description>Document version of the published Dimensions XML.</description>
257                <property name="modelMapKey"     value="Dimensions"/>
258                <property name="getModelService" ref="commonDocumentDAOService"/>
259                <property name="filePathAndName" value="dimensions.xml"/>
260        </bean>
261        <bean id="commonMeasuresModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
262                <description>Document version of the published Measures XML.</description>
263                <property name="modelMapKey"     value="Measures"/>
264                <property name="getModelService" ref="commonDocumentDAOService"/>
265                <property name="filePathAndName" value="measures.xml"/>
266        </bean>
267        <bean id="commonValueTypesModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
268                <description>Document version of the published ValueTypes XML.</description>
269                <property name="modelMapKey"     value="ValueTypes"/>
270                <property name="getModelService" ref="commonDocumentDAOService"/>
271                <property name="filePathAndName" value="value_types.xml"/>
272        </bean>
273        <bean id="commonValueAttributesModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
274                <description>Document version of the published ValueAttributes XML.</description>
275                <property name="modelMapKey"     value="ValueAttributes"/>
276                <property name="getModelService" ref="commonDocumentDAOService"/>
277                <property name="filePathAndName" value="value_attributes.xml"/>
278        </bean>
279        <bean id="commonChartsModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
280                <description>Document version of the published Charts XML.</description>
281                <property name="modelMapKey"     value="Charts"/>
282                <property name="getModelService" ref="commonDocumentDAOService"/>
283                <property name="filePathAndName" value="charts.xml"/>
284        </bean>
285        <bean id="commonMapsModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
286                <description>Document version of the published Maps XML.</description>
287                <property name="modelMapKey"     value="Maps"/>
288                <property name="getModelService" ref="commonDocumentDAOService"/>
289                <property name="filePathAndName" value="maps.xml"/>
290        </bean>
291        <bean id="commonOrgUnitsModelMap" class="org.ibisph.modelmap.ModelFromFilePathAndNameService">
292                <description>
293                        Injects the XML doc.  This helps with speed as the doc
294                        is only read/parsed once.  Con of this approach is that
295                        bean needs an event listener to reload when published.
296                </description>
297                <property name="modelMapKey"     value="OrgUnits"/>
298                <property name="getModelService" ref="commonDocumentDAOService"/>
299                <property name="filePathAndName" value="org_units.xml"/>
300        </bean>
303        <!-- P A T H   A N D   R E Q U E S T   M O D E L   M A P S -->
304        <bean id="commonContentBasePathModelMap" class="org.ibisph.modelmap.SimpleGetModelMap">
305                <description>
306                        Used by XSLT to dynamically access the 2ndardy XML
307                        files as well as leaflet map and kendo json files.
308                        Injected into the main Page.xslt.
309                </description>
310                <property name="modelMapKey" value="ContentBasePath"/>
311                <property name="model"       ref="commonContentBasePathURL"/>
312        </bean>
314        <bean id="commonWebAppBasePathModelMap" class="org.ibisph.web.modelmap.WebAppBaseRequestPathFromHTTPRequest">
315                <description>
316                        Complete remote/external webapp HTTP request base path prefix used
317                        to access internet content and webapp requests (e.g. prefix used
318                        for all requests from a user's browswer).  This model map is injected
319                        into all XSLT type page requests so that the code can build the
320                        explicit, fully qualified request paths.
322                        If the webappBaseRequestPath is blank then this model map will use
323                        webapp's base servlet request context URL value. 
324                </description>
325                <property name="webappBaseRequestPath" value="#{commonWebAppBaseRequestPath.string}"/>
326                <property name="modelMapKey" value="WebAppBaseRequestPath"/>
327        </bean>
329        <bean id="commonHTTPRequestParametersModelMap" class="org.ibisph.web.modelmap.HTTPRequestParameters">
330                <description>
331                        Provides a simple mechanism to pass URL req params to the XSLT
332                        code.  Note that this does NOT differentiate between GET and
333                        POST so might have to remove this in some special cases - like
334                        not needed for the query module builder post etc.
335                </description>
336                <property name="modelMapKey" value="HTTPRequestParameters"/>
337        </bean>
338        <bean id="commonHTTPRequestPathSegmentsModelMap" class="org.ibisph.web.modelmap.PathSegmentsFromHTTPRequest">
339                <description>
340                        Provides the path segments to the view.  This is needed
341                        for context menu file name and the request path bread
342                        crumbs.
343                </description>
344                <property name="modelMapKey" value="PathSegments"/>
345        </bean>
346        <bean id="commonModifiedDateModelMap" class="org.ibisph.modelmap.AddModelDateModelToModelMap">
347                <property name="sourceModelModelMapKey"   value="#{commonXMLModelMapKey.string}"/>
348                <property name="formattedDateModelMapKey" value="XMLModifedDate"/>
349                <property name="dateFormat"               ref="commonDateFormat"/>
350                <property name="sourceModelDateXPathList">
351                        <list>
352                                <value>LAST_MODIFIED</value>
353                                <value>MODIFIED_DATE</value>
354                        </list>
355                </property>
356        </bean>
358        <bean id="commonUserProfileModelMap" class="org.ibisph.user.modelmap.CurrentUserDocument">
359                <property name="modelMapKey"        value="UserProfile"/>
360                <property name="currentUserService" ref="commonCurrentUserService"/>
361        </bean>
364        <!-- C O N T R O L L E R   R E S O U R C E S -->
365        <bean id="commonNoCacheHTTPResponseHeaders" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
366                <description>
367                        no cache type headers
368                </description>
369                <property name="properties">
370                        <props>
371                                <prop key="Pragma">no-cache</prop>
372                                <prop key="Expires">Fri, 12 Dec 1980 23:23:23 GMT</prop>
373                                <prop key="Cache-Control">no-cache, private, s-maxage=0, max-age=0, must-revalidate, proxy-revalidate, no-store</prop>
374                                <prop key="Cache-Control">post-check=0, pre-check=0</prop>
375                        </props>
376                </property>
377        </bean>
378        <bean id="commonHTTPResponseHeaders" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
379                <description>
380                        common security headers.  See:
383                        Note: ajax json requests are typically blocked by most browsers (CORS).
384                        e.g. file:, http:, https:, ftp: are all not acceptable if outside of
385                        the current domain when making a XMLHttpRequest. 
386                        see:
389                        Can also set header name="Access-Control-Allow-Origin" value="*"
390                </description>
391                <property name="properties">
392                        <props>
393                                <prop key="X-XSS-Protection">1</prop>
394                                <prop key="X-Content-Type-Options">nosniff</prop>
395                                <prop key="X-Frame-Options">DENY</prop>
396                                <prop key="Strict-Transport-Security">max-age=31536000</prop>
397                        </props>
398                </property>
399        </bean> 
401        <bean id="commonModelMapListController" abstract="true" class="org.ibisph.web.springmvc.ModelMapListProcessingController">
402                <description>
403                        Provides base of all HTML page type controllers.  Defines the
404                        ModelMapListProcessingController class, the additional modelmaps that
405                        most pages use, and the HTTPResponseHeaders (typically setup to
406                        handle XSS security).
407                </description>
408                <property name="additionalModelMapList">
409                        <list>
410                                <ref bean="commonContentBasePathModelMap"/>
411                                <ref bean="commonWebAppBasePathModelMap"/>
412                                <ref bean="commonHTTPRequestPathSegmentsModelMap"/>
413                                <ref bean="commonHTTPRequestParametersModelMap"/>
414                                <ref bean="commonOrgUnitsModelMap"/>
415                                <ref bean="commonUserProfileModelMap"/>
416                                <ref bean="commonModifiedDateModelMap"/>
417                        </list>
418                </property>
419                <property name="HTTPResponseHeaders" ref="commonHTTPResponseHeaders"/>
420        </bean>
424        <!--  X M L   R E S O U R C E S  -->
425        <bean id="commonXMLEncodingScheme" class="org.ibisph.model.StringHolder">
426                <description>
427                        XML encoding scheme used when creating an XML file and Request character
428                        encoding.  Both of these should work: "UTF-8", "ISO-8859-1", however, UTF-8
429                        had some problems with some data.  ISO-8859-1 is an 8 bit subset of the 16
430                        bit unicode UTF-8 character set and is used for western english characters.
431                </description>
432                <constructor-arg value="ISO-8859-1"/>
433        </bean>
435        <bean id="commonXMLOutputFormat" class="">
436                <property name="encoding"   value="#{commonXMLEncodingScheme.string}"/>
437                <property name="indentSize" value="1"/>     <!-- count of indents -->
438                <property name="indent"     value="&#09;"/> <!-- tab value: &#09; = horizontal tab or spaces etc -->
439                <property name="newlines"   value="true"/>  <!-- if true puts next element on new line -->
440                <property name="padText"    value="false"/> <!-- if true just adds extra blank line inbetween... -->
441                <property name="trimText"   value="true"/>  <!-- strips white space.  Do NOT set to true for IPs as embedded CRs will be lost -->
442        </bean>
445        <!--  X S L T   T R A N S F O R M A T I O N   R E S O U R C E S  -->
446        <!-- The main function is to set the XSLT transformation factory to be used.
447                This mechanism allows for a pluggable XSLT engine to be explicitly used.
448                This can be set as a system property but doing so can impact other apps
449                that are installed on the same app server which require/rely on other
450                versions of an XSLT processor (typically XALAN).  If the factory is not
451                explicitly set then the app server's/JVM's default XSLT engine will be
452                used (via JAXP - typically XALAN which will NOT work for IBIS as of 2008). 
454                NOTES:
455                - This factory must be XSLT v2.0 (at this point Saxon is the best
456                solution - XALAN 2.x will NOT work for IBIS as it is v1.x). 
458                - Removed the IBIS transformer factory type classes in late 2008 as they
459                were not needed.  If XALAN ever goes to 2.0 and adopters want to use then
460                those objects can be resurrected or new XALAN objects can be created as
461                needed.
463                PRODUCTION: It is highly recommended to use the caching Saxon XSLT engine:
464                <bean id="commonXSLTTransformerFactory" class="org.ibisph.xslt.CachedSaxonTransformerFactory"/>
466                XSLT DEVELOPMENT: Use the normal, thread safe non caching Saxon XSLT
467                Transformation Factory.  This avoids having to restart the app or touch
468                the core XSLT file.
469                <bean id="commonXSLTTransformerFactory" class="net.sf.saxon.TransformerFactoryImpl"/>
470        -->
471        <bean id="commonXSLTTransformerFactory" class="org.ibisph.xslt.CachedSaxonTransformerFactory"/>
472        <bean id="commonXSLTTransformation" class="org.ibisph.xslt.Transformation">
473                <constructor-arg ref="commonXSLTTransformerFactory"/>
474        </bean>
475        <bean id="commonXSLTTransformationView" class="org.ibisph.xml.springmvc.XSLTXMLTransformationView">
476                <description>
477                        Core transformation view that almost all views use/extend from.
478                </description>
479                <constructor-arg ref="commonXSLTTransformation"/>
480                <property name="XMLModelMapKey"     value="#{commonXMLModelMapKey.string}"/>
481                <property name="XSLTURLModelMapKey" value="XSLT"/>
482                <property name="XSLTURLGetModelService" ref="commonXSLTFilePathModelService"/> 
483        </bean>
486        <bean id="commonXSSStringValidator" class="org.ibisph.util.ExclusionRegexFindStringValidator">
487                <description>
488                        Series of regex that attempts to detect XSS - injected javascript.  For
489                        IBIS the main issue is that you could embed some script into a saved
490                        query and a user could then share that saved query def with another
491                        user.  When that user opens the saved query it could execute some
492                        script that could do a few things.  However, this is quickly found as
493                        the victim can report it and the admin can see exactly which user is
494                        the offender and take action. 
496                        This validator will catch very basic XSS and is provided mostly for
497                        IT departments to feel better about things.  To do this right the
498                        text MUST be processed as HTML and parsed to being valid etc.
499                </description>
500                <property name="regEx">
501                        <list>
502                                <value>javascript:|&lt;\s*script.*?\s*&gt;</value>
503                        </list>
504                </property>
505        </bean>
507        <bean id="commonXMLStringCleaner" class="org.ibisph.util.ReplacementStringCleaner">
508                <description>Cleans/replaces characters.  Stubbed out for now...</description>
509                <property name="replacementCharsMap">
510                        <map>
511                                <entry key="‘" value="'"/>
512                                <entry key="’" value="'"/>
513                        </map>
514                </property> 
515        </bean>
518        <!--  E X C E P T I O N   R E S O L V E R  -->
520        <!-- Exception Resolvers are typically a list of exceptions with associated
521                views to be used to display an error for a given type of exception. 
522                Note that the resolver is ONLY used for exceptions thrown/uncaught
523                within controller objects e.g. objects controlled by the Request Dispatcher
524                servlet/container.  For "view" related errors a HandlerInterceptor
525                is needed see:
529                Other types of errors that happen outside of the servlet (like filter
530                errors) are also not able to be handled.  Many of these errors that occur
531                within the IBIS applications are view related and due to the fact that
532                the web.xml error handling can be used to handle ALL types of errors,
533                there's not much value in an ErrorResolver.  As if 2010, all errors
534                simply go through to the container which will then use the web.xml
535                which uses a centralized error jsp to handle all errors.  The error
536                page logs the error and returns an error page to the user.  The two
537                major down sides to this centralized JSP approach is that 1) the error
538                JSP has to be bullet proof, and 2) the error handling is limited to
539                what can be done within a JSP.  The pro to this approach is that it
540                is all centralized and handled consistently.
541        -->
543        <!-- Below is a basic ExceptionResolver that many Spring MVC apps implement.
544                Specific exceptions are handled by the simple exception to view resolver
545                This resolver needs to be used first and MUST not be configured to do the
546                general error handling as the next resolver will not be called.  Note that
547                this can be setup to handle everything but it's was easier to understand
548                and control doing this way.
550        <bean id="commonSpecificExceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
551                <property name="order" value="1"/>
552                <property name="defaultStatusCode" value="700"/>
553                <property name="defaultErrorView" value="/WEB-INF/jsp/error/detail.jsp"/>
554                <property name="exceptionAttribute" value="Exception"/>
555                <property name="mappedHandlers">
556                        <set><value>java.lang.Throwable</value><ref local="commonDefault.ExceptionHandler"/></set>
557                </property>
558                <property name="exceptionMappings">
559                        <props>
560                                <prop key="org.ibisph.web.springmvc.controller.query.NullModuleException">Query.NullModuleDocument.View</prop>
561                                <prop key="java.lang.Exception ">Query.NullModuleDocument.View</prop>
562                        </props>
563                </property>
564        </bean>
566        For many years a simple logging type ExceptionResolver was used.  The code
567        below is left in case the logging exception handler is wanted by an adopter.
569        <bean id="commonDefaultExceptionHandler" class="org.ibisph.web.springmvc.LoggingControllerExceptionHandler">
570                <property name="order" value="1"/>
571        </bean>
572        -->
Note: See TracBrowser for help on using the repository browser.