Author: shijh
Date: Sat Sep 17 13:02:36 2016
New Revision: 1761214
URL: http://svn.apache.org/viewvc?rev=1761214&view=rev
Log:
Implemented: To follow Jacopo's change (rev. 1760725) on ControlFilter, cleaned
up the OFBizSolrContextFilter and setup a filter chain in web.xml.
Modified:
ofbiz/trunk/specialpurpose/solr/config/SolrUiLabels.xml
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java
ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml
Modified: ofbiz/trunk/specialpurpose/solr/config/SolrUiLabels.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/solr/config/SolrUiLabels.xml?rev=1761214&r1=1761213&r2=1761214&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/solr/config/SolrUiLabels.xml (original)
+++ ofbiz/trunk/specialpurpose/solr/config/SolrUiLabels.xml Sat Sep 17 13:02:36
2016
@@ -45,4 +45,29 @@ under the License.
<property key="SolrMissingProductCategoryId">
<value xml:lang="en">Missing product category id.</value>
</property>
+
+ <property key="SolrErrorManageLoginFirst">
+ <value xml:lang="en">To manage Solr in OFBiz, you have to login first
and have the permission to do so.</value>
+ </property>
+ <property key="SolrErrorNoManagePermission">
+ <value xml:lang="en">To manage Solr in OFBiz, you should have the
permission to do so.</value>
+ </property>
+ <property key="SolrErrorUpdateLoginFirst">
+ <value xml:lang="en">To update a Solr index in OFBiz, you have to
login first and have the permission to do so.</value>
+ </property>
+ <property key="SolrErrorNoUpdatePermission">
+ <value xml:lang="en">To update Solr in OFBiz, you should have the
permission to do so.</value>
+ </property>
+ <property key="SolrErrorReplicateLoginFirst">
+ <value xml:lang="en">To enable/disable replication of a Solr index in
OFBiz, you have to login first and have the permission to do so.</value>
+ </property>
+ <property key="SolrErrorNoReplicatePermission">
+ <value xml:lang="en">To enable/disable replication of a Solr index in
OFBiz, you should have the permission to do so.</value>
+ </property>
+ <property key="SolrErrorViewFileLoginFirst">
+ <value xml:lang="en">To view files of a Solr index in OFBiz, you have
to login first and have the permission to do so.</value>
+ </property>
+ <property key="SolrErrorNoViewFilePermission">
+ <value xml:lang="en">To view files of a Solr index in OFBiz, you
should have the permission to do so.</value>
+ </property>
</resource>
\ No newline at end of file
Modified:
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java?rev=1761214&r1=1761213&r2=1761214&view=diff
==============================================================================
---
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java
(original)
+++
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java
Sat Sep 17 13:02:36 2016
@@ -18,11 +18,10 @@
*******************************************************************************/
package org.apache.ofbiz.solr.webapp;
-import static org.apache.ofbiz.base.util.UtilGenerics.checkMap;
-
import java.io.IOException;
import java.io.OutputStream;
import java.util.HashMap;
+import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import javax.servlet.FilterChain;
@@ -42,18 +41,15 @@ import org.apache.ofbiz.base.conversion.
import org.apache.ofbiz.base.conversion.JSONConverters.MapToJSON;
import org.apache.ofbiz.base.lang.JSON;
import org.apache.ofbiz.base.util.Debug;
-import org.apache.ofbiz.base.util.StringUtil;
import org.apache.ofbiz.base.util.UtilHttp;
import org.apache.ofbiz.base.util.UtilMisc;
-import org.apache.ofbiz.base.util.UtilObject;
+import org.apache.ofbiz.base.util.UtilProperties;
import org.apache.ofbiz.base.util.UtilTimer;
import org.apache.ofbiz.base.util.UtilValidate;
import org.apache.ofbiz.entity.GenericValue;
import org.apache.ofbiz.security.Security;
import org.apache.ofbiz.webapp.WebAppUtil;
-import org.apache.ofbiz.webapp.control.ContextFilter;
import org.apache.ofbiz.webapp.control.LoginWorker;
-import org.apache.ofbiz.webapp.website.WebSiteWorker;
/**
* OFBizSolrContextFilter - Restricts access to solr urls.
@@ -61,18 +57,14 @@ import org.apache.ofbiz.webapp.website.W
public class OFBizSolrContextFilter extends SolrDispatchFilter {
public static final String module = OFBizSolrContextFilter.class.getName();
-
- protected ContextFilter contextFilter = null;
- protected FilterConfig config = null;
+ private static final String resource = "SolrUiLabels";
+
/**
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
public void init(FilterConfig config) throws ServletException {
super.init(config);
- this.config = config;
- contextFilter = new ContextFilter();
- contextFilter.init(config);
}
/**
@@ -81,238 +73,95 @@ public class OFBizSolrContextFilter exte
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
-
- // set the ServletContext in the request for future use
- httpRequest.setAttribute("servletContext", config.getServletContext());
+ Locale locale = UtilHttp.getLocale(httpRequest);
- // set the webSiteId in the session
- if
(UtilValidate.isEmpty(httpRequest.getSession().getAttribute("webSiteId"))){
- httpRequest.getSession().setAttribute("webSiteId",
WebSiteWorker.getWebSiteId(httpRequest));
- }
-
- // set the filesystem path of context root.
- httpRequest.setAttribute("_CONTEXT_ROOT_",
config.getServletContext().getRealPath("/"));
-
- // set the server root url
- httpRequest.setAttribute("_SERVER_ROOT_URL_",
UtilHttp.getServerRootUrl(httpRequest));
-
- // request attributes from redirect call
- String reqAttrMapHex = (String)
httpRequest.getSession().getAttribute("_REQ_ATTR_MAP_");
- if (UtilValidate.isNotEmpty(reqAttrMapHex)) {
- byte[] reqAttrMapBytes = StringUtil.fromHexString(reqAttrMapHex);
- Map<String, Object> reqAttrMap =
checkMap(UtilObject.getObject(reqAttrMapBytes), String.class, Object.class);
- if (reqAttrMap != null) {
- for (Map.Entry<String, Object> entry: reqAttrMap.entrySet()) {
- httpRequest.setAttribute(entry.getKey(), entry.getValue());
+ // set the ServletContext in the request for future use
+ httpRequest.setAttribute("servletContext",
request.getServletContext());
+
+ // check if the request is from an authorized user
+ String servletPath = httpRequest.getServletPath();
+ if (UtilValidate.isNotEmpty(servletPath) &&
(servletPath.startsWith("/admin/") || servletPath.endsWith("/update")
+ || servletPath.endsWith("/update/json") ||
servletPath.endsWith("/update/csv") || servletPath.endsWith("/update/extract")
+ || servletPath.endsWith("/replication") ||
servletPath.endsWith("/file") || servletPath.endsWith("/file/"))) {
+ HttpSession session = httpRequest.getSession();
+ GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
+ Security security = (Security) request.getAttribute("security");
+ if (security == null) {
+ security = (Security)
httpRequest.getServletContext().getAttribute("security");
+ if (security != null) {
+ request.setAttribute("security", security);
}
}
- httpRequest.getSession().removeAttribute("_REQ_ATTR_MAP_");
- }
-
- // ----- Context Security -----
- // check if we are disabled
- String disableSecurity =
config.getInitParameter("disableContextSecurity");
- if (disableSecurity != null && "Y".equalsIgnoreCase(disableSecurity)) {
- chain.doFilter(httpRequest, httpResponse);
- return;
- }
-
- // check if we are told to redirect everthing
- String redirectAllTo = config.getInitParameter("forceRedirectAll");
- if (UtilValidate.isNotEmpty(redirectAllTo)) {
- // little trick here so we don't loop on ourself
- if (httpRequest.getSession().getAttribute("_FORCE_REDIRECT_") ==
null) {
- httpRequest.getSession().setAttribute("_FORCE_REDIRECT_",
"true");
- Debug.logWarning("Redirecting user to: " + redirectAllTo,
module);
-
- if (!redirectAllTo.toLowerCase().startsWith("http")) {
- redirectAllTo = httpRequest.getContextPath() +
redirectAllTo;
+ if (security == null) {
+ security =
WebAppUtil.getSecurity(httpRequest.getServletContext());
+ if (security != null) {
+ request.setAttribute("security", security);
}
- httpResponse.sendRedirect(redirectAllTo);
- return;
- } else {
- httpRequest.getSession().removeAttribute("_FORCE_REDIRECT_");
- chain.doFilter(httpRequest, httpResponse);
- return;
}
- }
-
- String servletPath = httpRequest.getServletPath();
- if (UtilValidate.isNotEmpty(servletPath) &&
servletPath.equals("/control")) {
- contextFilter.doFilter(httpRequest, httpResponse, chain);
- return;
- } else {
- // check if the request is from an authorized user
- if (UtilValidate.isNotEmpty(servletPath) &&
(servletPath.startsWith("/admin/") || servletPath.endsWith("/update")
- || servletPath.endsWith("/update/json") ||
servletPath.endsWith("/update/csv") || servletPath.endsWith("/update/extract")
- || servletPath.endsWith("/replication") ||
servletPath.endsWith("/file") || servletPath.endsWith("/file/"))) {
- HttpSession session = httpRequest.getSession();
- GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
- Security security = (Security)
request.getAttribute("security");
- if (security == null) {
- security = (Security)
httpRequest.getServletContext().getAttribute("security");
- if (security != null) {
- request.setAttribute("security", security);
+ if (servletPath.startsWith("/admin/") &&
(UtilValidate.isEmpty(userLogin) || !LoginWorker.hasBasePermission(userLogin,
httpRequest))) {
+ response.setContentType("application/json");
+ MapToJSON mapToJson = new MapToJSON();
+ JSON json;
+ OutputStream os = null;
+ try {
+ json = mapToJson.convert(UtilMisc.toMap("ofbizLogin",
(Object) "true"));
+ os = response.getOutputStream();
+ os.write(json.toString().getBytes());
+ os.flush();
+ String message = "";
+ if (UtilValidate.isEmpty(userLogin)) {
+ message = UtilProperties.getMessage(resource,
"SolrErrorManageLoginFirst", locale);
+ } else {
+ message = UtilProperties.getMessage(resource,
"SolrErrorNoManagePermission", locale);
+ }
+ Debug.logInfo("[" +
httpRequest.getRequestURI().substring(1) + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request error: " + message, module);
+ } catch (ConversionException e) {
+ Debug.logError("Error while converting Solr ofbizLogin map
to JSON.", module);
+ } finally {
+ if (os != null) {
+ os.close();
}
}
- if (security == null) {
- security =
WebAppUtil.getSecurity(httpRequest.getServletContext());
- if (security != null) {
- request.setAttribute("security", security);
- }
+ return;
+ } else if (servletPath.endsWith("/update") ||
servletPath.endsWith("/update/json") || servletPath.endsWith("/update/csv") ||
servletPath.endsWith("/update/extract")) {
+ // NOTE: the update requests are defined in an index's
solrconfig.xml
+ // get the Solr index name from the request
+ if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
+ sendJsonHeaderMessage(httpRequest, httpResponse,
userLogin, "SolrErrorUpdateLoginFirst", "SolrErrorNoUpdatePermission", locale);
+ return;
}
- if (servletPath.startsWith("/admin/") &&
(UtilValidate.isEmpty(userLogin) || !LoginWorker.hasBasePermission(userLogin,
httpRequest))) {
- response.setContentType("application/json");
- MapToJSON mapToJson = new MapToJSON();
- JSON json;
- OutputStream os = null;
- try {
- json = mapToJson.convert(UtilMisc.toMap("ofbizLogin",
(Object) "true"));
- os = response.getOutputStream();
- os.write(json.toString().getBytes());
- os.flush();
- String message = "";
- if (UtilValidate.isEmpty(userLogin)) {
- message = "To manage Solr in OFBiz, you have to
login first and have the permission to do so.";
- } else {
- message = "To manage Solr in OFBiz, you have to
the permission to do so.";
- }
- Debug.logInfo("[" +
httpRequest.getRequestURI().substring(1) + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request error: " + message, module);
- } catch (ConversionException e) {
- Debug.logError("Error while converting Solr ofbizLogin
map to JSON.", module);
- } finally {
- if (os != null) {
- os.close();
- }
- }
+ } else if (servletPath.endsWith("/replication")) {
+ // get the Solr index name from the request
+ if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
+ sendJsonHeaderMessage(httpRequest, httpResponse,
userLogin, "SolrErrorReplicateLoginFirst", "SolrErrorNoReplicatePermission",
locale);
+ return;
+ }
+ } else if (servletPath.endsWith("/file") ||
servletPath.endsWith("/file/")) {
+ // get the Solr index name from the request
+ if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
+ sendJsonHeaderMessage(httpRequest, httpResponse,
userLogin, "SolrErrorViewFileLoginFirst", "SolrErrorNoViewFilePermission",
locale);
return;
- } else if (servletPath.endsWith("/update") ||
servletPath.endsWith("/update/json") || servletPath.endsWith("/update/csv") ||
servletPath.endsWith("/update/extract")) {
- // NOTE: the update requests are defined in an index's
solrconfig.xml
- // get the Solr index name from the request
- if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
- httpResponse.setContentType("application/json");
- MapToJSON mapToJson = new MapToJSON();
- Map<String, Object> responseHeader = new
HashMap<String, Object>();
- JSON json;
- String message = "";
- OutputStream os = null;
- try {
- os = httpResponse.getOutputStream();
- if (UtilValidate.isEmpty(userLogin)) {
-
httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- responseHeader.put("status",
HttpServletResponse.SC_UNAUTHORIZED);
- message = "To update a Solr index in OFBiz,
you have to login first and have the permission to do so.";
- responseHeader.put("message", message);
- } else {
-
httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
- responseHeader.put("status",
HttpServletResponse.SC_FORBIDDEN);
- message = "To update a Solr index in OFBiz,
you have to have the permission to do so.";
- responseHeader.put("message", message);
- }
- json =
mapToJson.convert(UtilMisc.toMap("responseHeader", (Object) responseHeader));
- os.write(json.toString().getBytes());
- os.flush();
- Debug.logInfo("[" +
httpRequest.getRequestURI().substring(1) + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request error: " + message, module);
- } catch (ConversionException e) {
- Debug.logError("Error while converting
responseHeader map to JSON.", module);
- } finally {
- if (os != null) {
- os.close();
- }
- }
- return;
- }
- } else if (servletPath.endsWith("/replication")) {
- // get the Solr index name from the request
- if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
- httpResponse.setContentType("application/json");
- MapToJSON mapToJson = new MapToJSON();
- Map<String, Object> responseHeader = new
HashMap<String, Object>();
- JSON json;
- String message = "";
- OutputStream os = null;
- try {
- os = httpResponse.getOutputStream();
- if (UtilValidate.isEmpty(userLogin)) {
-
httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- responseHeader.put("status",
HttpServletResponse.SC_UNAUTHORIZED);
- message = "To enable/disable replication of a
Solr index in OFBiz, you have to login first and have the permission to do so.";
- responseHeader.put("message", message);
- } else {
-
httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
- responseHeader.put("status",
HttpServletResponse.SC_FORBIDDEN);
- message = "To enable/disable replication of a
Solr index in OFBiz, you have to have the permission to do so.";
- responseHeader.put("message", message);
- }
- json =
mapToJson.convert(UtilMisc.toMap("responseHeader", (Object) responseHeader));
- os.write(json.toString().getBytes());
- os.flush();
- Debug.logInfo("[" +
httpRequest.getRequestURI().substring(1) + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request error: " + message, module);
- } catch (ConversionException e) {
- Debug.logError("Error while converting
responseHeader map to JSON.", module);
- } finally {
- if (os != null) {
- os.close();
- }
- }
- return;
- }
- } else if (servletPath.endsWith("/file") ||
servletPath.endsWith("/file/")) {
- // get the Solr index name from the request
- if (UtilValidate.isEmpty(userLogin) ||
!LoginWorker.hasBasePermission(userLogin, httpRequest)) {
- httpResponse.setContentType("application/json");
- MapToJSON mapToJson = new MapToJSON();
- Map<String, Object> responseHeader = new
HashMap<String, Object>();
- JSON json;
- String message = "";
- OutputStream os = null;
- try {
- os = httpResponse.getOutputStream();
- if (UtilValidate.isEmpty(userLogin)) {
-
httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- responseHeader.put("status",
HttpServletResponse.SC_UNAUTHORIZED);
- message = "To view files of a Solr index in
OFBiz, you have to login first and have the permission to do so.";
- responseHeader.put("message", message);
- } else {
-
httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
- responseHeader.put("status",
HttpServletResponse.SC_FORBIDDEN);
- message = "To view files of a Solr index in
OFBiz, you have to have the permission to do so.";
- responseHeader.put("message", message);
- }
- json =
mapToJson.convert(UtilMisc.toMap("responseHeader", (Object) responseHeader));
- os.write(json.toString().getBytes());
- os.flush();
- Debug.logInfo("[" +
httpRequest.getRequestURI().substring(1) + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request error: " + message, module);
- } catch (ConversionException e) {
- Debug.logError("Error while converting
responseHeader map to JSON.", module);
- } finally {
- if (os != null) {
- os.close();
- }
- }
- return;
- }
}
}
-
- String charset = request.getCharacterEncoding();
- String rname = null;
- if (httpRequest.getRequestURI() != null) {
- rname = httpRequest.getRequestURI().substring(1);
- }
- if (rname != null && (rname.endsWith(".css") ||
rname.endsWith(".js") || rname.endsWith(".ico") || rname.endsWith(".html") ||
rname.endsWith(".png") || rname.endsWith(".jpg") || rname.endsWith(".gif"))) {
- rname = null;
- }
- UtilTimer timer = null;
- if (Debug.timingOn() && rname != null) {
- timer = new UtilTimer();
- timer.setLog(true);
- timer.timerString("[" + rname + "(Domain:" +
request.getScheme() + "://" + request.getServerName() + ")] Request Begun,
encoding=[" + charset + "]", module);
- }
- // NOTE: there's a chain.doFilter in SolrDispatchFilter's doFilter
- super.doFilter(request, response, chain);
- if (Debug.timingOn() && rname != null) timer.timerString("[" +
rname + "(Domain:" + request.getScheme() + "://" + request.getServerName() +
")] Request Done", module);
}
+
+ String charset = request.getCharacterEncoding();
+ String rname = null;
+ if (httpRequest.getRequestURI() != null) {
+ rname = httpRequest.getRequestURI().substring(1);
+ }
+ if (rname != null && (rname.endsWith(".css") || rname.endsWith(".js")
|| rname.endsWith(".ico") || rname.endsWith(".html") || rname.endsWith(".png")
|| rname.endsWith(".jpg") || rname.endsWith(".gif"))) {
+ rname = null;
+ }
+ UtilTimer timer = null;
+ if (Debug.timingOn() && rname != null) {
+ timer = new UtilTimer();
+ timer.setLog(true);
+ timer.timerString("[" + rname + "(Domain:" + request.getScheme() +
"://" + request.getServerName() + ")] Request Begun, encoding=[" + charset +
"]", module);
+ }
+ // NOTE: there's a chain.doFilter in SolrDispatchFilter's doFilter
+ super.doFilter(request, response, chain);
+ if (Debug.timingOn() && rname != null) timer.timerString("[" + rname +
"(Domain:" + request.getScheme() + "://" + request.getServerName() + ")]
Request Done", module);
}
/**
@@ -320,8 +169,6 @@ public class OFBizSolrContextFilter exte
*/
public void destroy() {
super.destroy();
- contextFilter.destroy();
- config = null;
}
/**
@@ -339,5 +186,39 @@ public class OFBizSolrContextFilter exte
cores.load();
return cores;
}
+
+ private void sendJsonHeaderMessage(HttpServletRequest httpRequest,
HttpServletResponse httpResponse, GenericValue userLogin, String
notLoginMessage, String noPermissionMessage, Locale locale) throws IOException {
+ httpResponse.setContentType("application/json");
+ MapToJSON mapToJson = new MapToJSON();
+ Map<String, Object> responseHeader = new HashMap<String, Object>();
+ JSON json;
+ String message = "";
+ OutputStream os = null;
+
+ try {
+ os = httpResponse.getOutputStream();
+ if (UtilValidate.isEmpty(userLogin)) {
+ httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ responseHeader.put("status",
HttpServletResponse.SC_UNAUTHORIZED);
+ message = UtilProperties.getMessage(resource, notLoginMessage,
locale);
+ responseHeader.put("message", message);
+ } else {
+ httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ responseHeader.put("status", HttpServletResponse.SC_FORBIDDEN);
+ message = UtilProperties.getMessage(resource,
noPermissionMessage, locale);
+ responseHeader.put("message", message);
+ }
+ json = mapToJson.convert(UtilMisc.toMap("responseHeader", (Object)
responseHeader));
+ os.write(json.toString().getBytes());
+ os.flush();
+ Debug.logInfo("[" + httpRequest.getRequestURI().substring(1) +
"(Domain:" + httpRequest.getScheme() + "://" + httpRequest.getServerName() +
")] Request error: " + message, module);
+ } catch (ConversionException e) {
+ Debug.logError("Error while converting responseHeader map to
JSON.", module);
+ } finally {
+ if (os != null) {
+ os.close();
+ }
+ }
+ }
}
Modified: ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml?rev=1761214&r1=1761213&r2=1761214&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml (original)
+++ ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml Sat Sep 17
13:02:36 2016
@@ -17,7 +17,6 @@
-->
<web-app version="3.0">
-
<display-name>Apache OFBiz - Solr Component</display-name>
<description>Solr Component of the Apache OFBiz Project</description>
@@ -43,15 +42,15 @@
</context-param>
<filter>
- <filter-name>ContextFilter</filter-name>
-
<filter-class>org.apache.ofbiz.solr.webapp.OFBizSolrContextFilter</filter-class>
+ <filter-name>ControlFilter</filter-name>
+
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
<init-param>
<param-name>disableContextSecurity</param-name>
<param-value>N</param-value>
</init-param>
<init-param>
<param-name>allowedPaths</param-name>
-
<param-value>/control:/error:/css:/img:/js:/tpl:/favicon.ico:/admin:/admin.html:/#:/schema:/config</param-value>
+
<param-value>/control:/error:/css:/img:/js:/tpl:/favicon.ico:/admin:/admin.html:/#:/schema:/config:/:/solrdefault</param-value>
</init-param>
<init-param>
<param-name>errorCode</param-name>
@@ -63,8 +62,28 @@
</init-param>
</filter>
+ <filter>
+ <filter-name>ContextFilter</filter-name>
+
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+ </filter>
+
+ <filter>
+ <filter-name>SolrFilter</filter-name>
+
<filter-class>org.apache.ofbiz.solr.webapp.OFBizSolrContextFilter</filter-class>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>ControlFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
<filter-mapping>
<filter-name>ContextFilter</filter-name>
+ <url-pattern>/control/*</url-pattern>
+ </filter-mapping>
+
+ <filter-mapping>
+ <filter-name>SolrFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
