1 <?xml version="1.0" encoding="UTF-8"?>
3 Licensed to the Apache Software Foundation (ASF) under one or more
4 contributor license agreements. See the NOTICE file distributed with
5 this work for additional information regarding copyright ownership.
6 The ASF licenses this file to You under the Apache License, Version 2.0
7 (the "License"); you may not use this file except in compliance with
8 the License. You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
12 Unless required by applicable law or agreed to in writing, software
13 distributed under the License is distributed on an "AS IS" BASIS,
14 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 See the License for the specific language governing permissions and
16 limitations under the License.
19 <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
21 <display-name>Jackrabbit JCR Server</display-name>
24 <param-name>webAppRootKey</param-name>
25 <param-value>jack23</param-value>
29 <param-name>contextConfigLocation</param-name>
30 <param-value>/WEB-INF/applicationContext-cache.xml;
31 /WEB-INF/applicationContext-security.xml;
35 <param-name>log4jConfigLocation</param-name>
36 <param-value>/WEB-INF/classes/log4j.properties</param-value>
41 <filter-name>springSecurityFilterChain</filter-name>
42 <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
44 <param-name>targetBean</param-name>
45 <param-value>springSecurityFilterChain</param-value>
49 <filter-name>springSecurityFilterChain</filter-name>
50 <url-pattern>/*</url-pattern>
55 <filter-name>Spring character encoding filter</filter-name>
56 <filter-class>org.springframework.web.filter.CharacterEncodingFilter
59 <param-name>encoding</param-name>
60 <param-value>UTF-8</param-value>
63 <param-name>forceEncoding</param-name>
64 <param-value>true</param-value>
69 <filter-name>Spring character encoding filter</filter-name>
70 <url-pattern>/*</url-pattern>
73 <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
77 <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
84 <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
90 <!-- Releases all Derby resources when the webapp is undeployed. -->
91 <!-- See https://issues.apache.org/jira/browse/JCR-1301 -->
93 org.apache.jackrabbit.j2ee.DerbyShutdown
97 <!-- ====================================================================== -->
98 <!-- R E P O S I T O R Y S T A R T U P S E R V L E T -->
99 <!-- ====================================================================== -->
101 <servlet-name>RepositoryStartup</servlet-name>
103 Repository servlet that starts the repository and registers it to JNDI ans RMI.
104 If you already have the repository registered in this appservers JNDI context,
105 or if its accessible via RMI, you do not need to use this servlet.
107 <servlet-class>org.apache.jackrabbit.j2ee.RepositoryStartupServlet</servlet-class>
110 <param-name>bootstrap-config</param-name>
111 <param-value>jackrabbit/bootstrap.properties</param-value>
113 Property file that hold the same initialization properties than
114 the init-params below. If a parameter is specified in both
115 places the one in the bootstrap-config wins.
121 <param-name>repository-config</param-name>
122 <param-value>/WEB-INF/repository/repository.xml</param-value>
123 <description>the repository config location</description>
127 <param-name>repository-home</param-name>
128 <param-value>jackrabbit/repository</param-value>
129 <description>the repository home</description>
133 <param-name>repository-name</param-name>
134 <param-value>jackrabbit.repository</param-value>
135 <description>Repository Name under which the repository is registered via JNDI/RMI</description>
140 the following 3 parameters deal with registering the repository to
141 a RMI registry. if all parameters are omitted, the repository will
146 <param-name>rmi-port</param-name>
147 <param-value>0</param-value>
149 The RMI port for registering the repository in the RMI Registry.
150 If equals 0, the default port is used.
154 <param-name>rmi-host</param-name>
155 <param-value>localhost</param-value>
157 The RMI host for registering the repository in the RMI Registry.
158 If equals "" or missing, the default host is used.
162 <param-name>rmi-uri</param-name>
163 <param-value></param-value>
165 The RMI uri for registering the repository in the RMI Registry.
166 If missing, the uri is composed using the other rmi parameters
167 and will have the format: //{rmi-host}:{rmi-port}/{repository-name}
172 JNDI environment variables for creating the initial context
173 (all init parameters starting with java.naming.* will be added to the initial context environment).
177 <param-name>java.naming.provider.url</param-name>
178 <param-value>http://www.apache.org/jackrabbit</param-value>
181 <param-name>java.naming.factory.initial</param-name>
182 <param-value>org.apache.jackrabbit.core.jndi.provider.DummyInitialContextFactory</param-value>
185 <load-on-startup>2</load-on-startup>
189 <!-- ====================================================================== -->
190 <!-- R E P O S I T O R Y S E R V L E T -->
191 <!-- ====================================================================== -->
193 <servlet-name>Repository</servlet-name>
195 This servlet provides other servlets and jsps a common way to access
196 the repository. The repository can be accessed via JNDI, RMI or Webdav.
198 <servlet-class>org.apache.jackrabbit.j2ee.RepositoryAccessServlet</servlet-class>
201 <param-name>bootstrap-config</param-name>
202 <param-value>jackrabbit/bootstrap.properties</param-value>
204 Property file that hold the same initialization properties than
205 the init-params below. If a parameter is specified in both
206 places the one in the bootstrap-config wins.
211 <param-name>repository.context.attribute.name</param-name>
212 <param-value>javax.jcr.Repository</param-value>
214 If this is set, the RepositoryAccessServlet expects a Repository in the ServletContext
215 attribute having this name. This allows servlets of this module to be used with repositories
216 initialized by the jackrabbit-jcr-servlet module utilities.
222 <param-name>repository-name</param-name>
223 <param-value>jackrabbit.repository</param-value>
224 <description>Repository Name that is used to retrieve it via JNDI</description>
228 JNDI environment variables for creating the initial context
229 (all init parameters starting with java.naming.* will be added to the initial context environment).
233 <param-name>java.naming.provider.url</param-name>
234 <param-value>http://www.apache.org/jackrabbit</param-value>
237 <param-name>java.naming.factory.initial</param-name>
238 <param-value>org.apache.jackrabbit.core.jndi.provider.DummyInitialContextFactory</param-value>
242 RMI url, if RMI remoting is needed
246 <param-name>rmi-uri</param-name>
247 <param-value>///jackrabbit.repository</param-value>
248 <description>The URI for the RMI connection.</description>
252 <load-on-startup>3</load-on-startup>
255 <!-- ====================================================================== -->
256 <!-- W E B D A V S E R V L E T -->
257 <!-- ====================================================================== -->
259 <servlet-name>Webdav</servlet-name>
261 The webdav servlet that connects HTTP request to the repository.
263 <servlet-class>org.apache.jackrabbit.j2ee.SimpleWebdavServlet</servlet-class>
266 <param-name>resource-path-prefix</param-name>
267 <param-value>/repository</param-value>
269 defines the prefix for spooling resources out of the repository.
274 <param-name>missing-auth-mapping</param-name>
275 <param-value>anonymous:anonymous</param-value>
277 Defines how a missing authorization header should be handled.
278 1) If this init-param is missing, a 401 response is generated.
279 This is suitable for clients (eg. webdav clients) for which
280 sending a proper authorization header is not possible if the
281 server never sent a 401.
282 2) If this init-param is present with an empty value,
283 null-credentials are returned, thus forcing an null login
285 3) If this init-param is present with the value 'guestcredentials'
286 java.jcr.GuestCredentials are used to login to the repository.
287 4) If this init-param has a 'user:password' value, the respective
288 simple credentials are generated.
293 Optional parameter to define the value of the 'WWW-Authenticate' header
297 <param-name>authenticate-header</param-name>
298 <param-value>Basic realm="Jackrabbit Webdav Server"</param-value>
300 Defines the value of the 'WWW-Authenticate' header.
305 Parameter used to configure behaviour of webdav resources such as:
306 - distinction between collections and non-collections
310 <param-name>resource-config</param-name>
311 <param-value>/WEB-INF/config.xml</param-value>
313 Defines various dav-resource configuration parameters.
317 Optional parameter to define the behaviour of the referrer-based CSRF protection
321 <param-name>csrf-protection</param-name>
322 <param-value>host1.domain.com,host2.domain.org</param-value>
324 Defines the behaviour of the referrer based CSRF protection
325 1) If omitted or left empty the (default) behaviour is to allow only requests with
326 an empty referrer header or a referrer host equal to the server host
327 2) May also contain a comma separated list of additional allowed referrer hosts
328 3) If set to 'disabled' no referrer checking will be performed at all
332 <load-on-startup>4</load-on-startup>
335 <!-- ====================================================================== -->
336 <!-- J C R R E M O T I N G S E R V L E T -->
337 <!-- ====================================================================== -->
339 <servlet-name>JCRWebdavServer</servlet-name>
341 The servlet used to remote JCR calls over HTTP.
343 <servlet-class>org.apache.jackrabbit.j2ee.JcrRemotingServlet</servlet-class>
345 <param-name>missing-auth-mapping</param-name>
346 <param-value></param-value>
348 Defines how a missing authorization header should be handled.
349 1) If this init-param is missing, a 401 response is generated.
350 This is suitable for clients (eg. webdav clients) for which
351 sending a proper authorization header is not possible if the
352 server never sent a 401.
353 2) If this init-param is present with an empty value,
354 null-credentials are returned, thus forcing an null login
356 3) If this init-param is present with the value 'guestcredentials'
357 java.jcr.GuestCredentials are used to login to the repository.
358 4) If this init-param has a 'user:password' value, the respective
359 simple credentials are generated.
363 Optional parameter to define the value of the 'WWW-Authenticate' header
367 <param-name>authenticate-header</param-name>
368 <param-value>Basic realm="Jackrabbit Webdav Server"</param-value>
370 Defines the value of the 'WWW-Authenticate' header.
375 <param-name>resource-path-prefix</param-name>
376 <param-value>/server</param-value>
378 defines the prefix for spooling resources out of the repository.
382 Init parameters specific for JcrRemotingServlet
386 <param-name>home</param-name>
387 <param-value></param-value>
388 <description>JcrRemotingServlet: Optional home directory for JcrRemotingServlet temporary files (default: "jackrabbit")</description>
391 <param-name>temp-directory</param-name>
392 <param-value></param-value>
393 <description>JcrRemotingServlet: Optional temporary directory name (under home, default: "tmp")</description>
397 <param-name>batchread-config</param-name>
398 <param-value>/WEB-INF/batchread.properties</param-value>
399 <description>JcrRemotingServlet: Optional mapping from node type names to default depth.</description>
402 <param-name>concurrency-level</param-name>
403 <param-value>50</param-value>
404 <description>Number of concurrent requests expected. Default value is 50.</description>
407 Optional parameter to define the behaviour of the referrer-based CSRF protection
411 <param-name>csrf-protection</param-name>
412 <param-value>host1.domain.com,host2.domain.org</param-value>
414 Defines the behaviour of the referrer based CSRF protection
415 1) If omitted or left empty the (default) behaviour is to allow only requests with
416 an empty referrer header or a referrer host equal to the server host
417 2) May also contain a comma separated list of additional allowed referrer hosts
418 3) If set to 'disabled' no referrer checking will be performed at all
421 --> <load-on-startup>5</load-on-startup>
424 <!-- ====================================================================== -->
425 <!-- R M I B I N D I N G S E R V L E T -->
426 <!-- ====================================================================== -->
428 <servlet-name>RMI</servlet-name>
429 <servlet-class>org.apache.jackrabbit.servlet.remote.RemoteBindingServlet</servlet-class>
432 <!-- ====================================================================== -->
433 <!-- S E R V L E T M A P P I N G -->
434 <!-- ====================================================================== -->
436 <servlet-name>RepositoryStartup</servlet-name>
437 <url-pattern>/admin/*</url-pattern>
440 <servlet-name>Webdav</servlet-name>
441 <url-pattern>/repository/*</url-pattern>
444 <servlet-name>JCRWebdavServer</servlet-name>
445 <url-pattern>/server/*</url-pattern>
448 <servlet-name>RMI</servlet-name>
449 <url-pattern>/rmi</url-pattern>
452 <!-- ====================================================================== -->
453 <!-- W E L C O M E F I L E S -->
454 <!-- ====================================================================== -->
456 <welcome-file>index.jsp</welcome-file>
460 <exception-type>org.apache.jackrabbit.j2ee.JcrApiNotFoundException</exception-type>
461 <location>/error/classpath.jsp</location>
464 <exception-type>javax.jcr.RepositoryException</exception-type>
465 <location>/error/repository.jsp</location>