src/main/webapp/WEB-INF/context/applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to Apereo under one or more contributor license
agreements. See the NOTICE file distributed with this work
for additional information regarding copyright ownership.
Apereo licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may obtain a
copy of the License at the following location:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
<context:property-placeholder location="classpath:configuration.properties"/>
<context:component-scan base-package="org.jasig.portlet.proxy.service"/>
<context:annotation-config/>
<!--
| Supports encrypted properties within the location(s) listed in this
| bean. The password is the environment variable "UP_JASYPT_KEY"
| (see http://www.jasypt.org/).
+-->
<bean id="propertyConfigurer" class="org.springframework.context.support.PortalPropertySourcesPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:datasource.properties</value>
<value>classpath:configuration.properties</value>
<!--
| The following optional files allow deployers to set or override most
| configuration settings in a manner that is outside the footprint of the
| build/deploy cycle and SCM.
|
| Reasons for choosing that may include:
| - Desire to keep sensitive information out of your Git repository
| - Ability to change some common settings without a full build and deploy cycle
| - Building a WAR/EAR that is environment-independent
|
| Any property defined in the above files that is referenced in the Spring context
| may be overridden in one (or both) of these files. Later files override earlier
| files.
|
| The conventional location of ${portal.home} is ${catalina.base}/portal; but you
| can (typically) override that location using a PORTAL_HOME environment variable.
| (Ultimately it depends on your setenv.sh or setenv.bat file.)
|
| The first file (global.properties) may contain properties that are shared with
| other modules (e.g. portlets) in Tomcat. Several Apereo portlets source
| global.properties automatically. The second file (web-proxy.properties) is
| (should be) sourced by this module exclusively.
+-->
<value>file:${portal.home}/global.properties</value>
<value>file:${portal.home}/web-proxy.properties</value>
</list>
</property>
</bean>
<bean class="org.apache.http.impl.conn.PoolingClientConnectionManager"
p:maxTotal="50" p:defaultMaxPerRoute="10"/>
<util:list id="replayedRequestHeaders">
<value>user-agent</value>
</util:list>
<util:list id="knownHtmlContentTypes">
<value>.*text/html.*</value>
</util:list>
<util:map id="urlRewritingActionElements">
<entry key="a"><set><value>href</value></set></entry>
<entry key="area"><set><value>href</value></set></entry>
<entry key="base"><set><value>href</value></set></entry>
<entry key="frame"><set><value>src</value></set></entry>
<entry key="iframe"><set><value>src</value></set></entry>
<entry key="q"><set><value>cite</value></set></entry>
<entry key="ins"><set><value>cite</value></set></entry>
<entry key="del"><set><value>cite</value></set></entry>
<entry key="form"><set><value>action</value></set></entry>
<entry key="meta"><set><value>url</value></set></entry>
</util:map>
<util:map id="urlRewritingResourceElements">
<entry key="link"><set><value>href</value></set></entry>
<entry key="img">
<set>
<value>src</value>
<value>lowsrc</value>
<value>usemap</value>
</set>
</entry>
<entry key="embed"><set><value>src</value></set></entry>
<entry key="script"><set><value>src</value></set></entry>
<entry key="body"><set><value>background</value></set></entry>
<entry key="applet"><set><value>codebase</value></set>
</entry>
</util:map>
<!-- CHANGE THE VALUE OF THE PASSWORD IN configuration.properties BEFORE USING THIS SERVICE!! -->
<bean id="stringEncryptionService" class="org.jasig.portlet.proxy.security.JasyptPBEStringEncryptionServiceImpl">
<property name="stringEncryptor">
<bean class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="password" value="${encryption.salt}"/>
</bean>
</property>
</bean>
<!--
| Common web config normally specified in *-portlet.xml rather than root ApplicationContext.
Specified here to avoid duplication in each *-portlet.xml file and multiple instantiations.
+-->
<!-- Message source for this context, loaded from localized "messages_xx" files -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"
p:basenames="messages" p:useCodeAsDefaultMessage="true"/>
<bean id="viewSelector" class="org.jasig.portlet.proxy.mvc.ThemeNameViewSelectorImpl"/>
<!--
| View resolvers, look for a named view bean before going to JSP resolution
+-->
<bean class="org.springframework.web.servlet.view.XmlViewResolver"
p:order="0" p:location="/WEB-INF/context/views.xml"/>
<!-- Default View Resolver -->
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="cache" value="${viewResCache}"/>
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
<property name="alwaysInclude" value="true"/> <!-- To allow ResourceMapping to include full HTML JSP page -->
</bean>
<bean id="exceptionResolver" class="org.springframework.web.portlet.handler.SimpleMappingExceptionResolver">
<!--
| Always declare an 'exceptionResolver' bean with a 'defaultErrorView'
| because, in addition to other uses, it protects the portlet from
| failing when a bad request (due to a bug or malicious user) doesn't
| match any declared @RequestMapping. When this happens, the portlet
| throws an Exception and takes itself out of service until a portal
| restart. THIS CONDITION AFFECTS ALL USERS!
+-->
<property name="exceptionMappings">
<props>
<!-- Exception thrown when an error is raised during initialization, such as when
the encryption password is not set for password based encryptor -->
<prop key="org.jasig.portlet.proxy.security.StringEncryptionException">pswEncError</prop>
</props>
</property>
<property name="defaultErrorView" value="error"/>
</bean>
<!--
| CAS PROXY AUTHENTICATION CONFIGURATION
+-->
<!-- Ticket validation filter -->
<bean id="ticketValidationFilter"
class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
p:serverName="${portal.server.base.url}" p:redirectAfterValidation="false"
p:proxyReceptorUrl="/proxy/receptor" p:ticketValidator-ref="ticketValidator"
p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage"/>
<!-- CAS proxy ticket validator -->
<bean id="ticketValidator"
class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
p:proxyCallbackUrl="${portal.server.base.url}/${portlet.context}/proxy/receptor"
p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage"
p:acceptAnyProxy="true">
<constructor-arg index="0" value="${cas.server.base.url}" />
</bean>
<bean id="proxyGrantingTicketStorage"
class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl"/>
<bean id="springELProcessor" class="org.jasig.portlet.spring.SpringELProcessor">
</bean>
<!-- End of common config -->
</beans>