Author: jacopoc
Date: Sun Sep 18 08:08:30 2016
New Revision: 1761304

URL: http://svn.apache.org/viewvc?rev=1761304&view=rev
Log:
Implemented: removed the "controller" related logic, that is now provided by 
the 
new ControlFilter, from the ContextFilter; modified existing applications to 
use 
the two filters in a chain; removed from the other specialized filters all the 
logic that was duplicated or extended from ContextFilter.

A web application, in order to leverage the OFBiz framework, requires that a 
series of objects are in its contexts (servlet context, session and request) 
such as "delegator", "delegatorName", "dispatcher", "security" etc. etc...
This setup is performed by the logic contained in the servlet filter 
implemented 
by the ContextFilter class.
The execution of this logic is required for the application to run properly.
However, before this commit, in the ContextFilter there was other logic, 
related 
to access control and redirection rules (some of them performed in coordination 
with the ControlServlet), making it difficult to deploy this filter in all the 
web applications, especially the ones that implement special handling of paths.
In fact, this filter was deployed in most but not all the web application in 
the 
OFBiz codebase: specifically it was not deployed in web applications that 
require the execution of other filters (e.g. CatalogUrlFilter, etc...) like the 
ones in the "ecommerce" and "solr" components.


Removed:
    ofbiz/trunk/applications/commonext/webapp/WEB-INF/web.xml
Modified:
    ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml
    ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml
    ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml
    ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml
    
ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java
    ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml
    ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml
    ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml
    ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml
    ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml
    ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml
    ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml
    
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java
    
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java
    
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java
    ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml
    ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml
    ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml
    ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml
    ofbiz/trunk/framework/resources/templates/web.xml
    
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java
    
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
    
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java
    ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/assetmaint/webapp/ismgr/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/bi/webapp/bi/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/birt/webapp/accounting/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/birt/webapp/birt/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/birt/webapp/facility/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/birt/webapp/ordermgr/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/ebay/webapp/ebay/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/ebaystore/webapp/ebaystore/WEB-INF/web.xml
    
ofbiz/trunk/specialpurpose/ecommerce/src/main/java/org/apache/ofbiz/ecommerce/webapp/view/JspViewHandler.java
    ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/ecommerce/webapp/ecomseo/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/example/webapp/example/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/exampleext/webapp/exampleext/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/hhfacility/webapp/hhfacility/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/lucene/webapp/content/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/myportal/webapp/myportal/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/oagis/webapp/oagis/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/scrum/webapp/demotest/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml
    
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrContextFilter.java
    
ofbiz/trunk/specialpurpose/solr/src/main/java/org/apache/ofbiz/solr/webapp/OFBizSolrRedirectServlet.java
    ofbiz/trunk/specialpurpose/solr/webapp/solr/WEB-INF/web.xml
    ofbiz/trunk/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml

Modified: ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/web.xml Sun 
Sep 18 08:08:30 2016
@@ -45,29 +45,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/accounting/webapp/ap/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -41,29 +41,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>
     
<listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/accounting/webapp/ar/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -45,29 +45,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/applications/commonext/webapp/ofbizsetup/WEB-INF/web.xml Sun 
Sep 18 08:08:30 2016
@@ -40,31 +40,32 @@
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static:/js</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>
-    
+
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>
     
<listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener>
     

Modified: 
ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java
 (original)
+++ 
ofbiz/trunk/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentUrlFilter.java
 Sun Sep 18 08:08:30 2016
@@ -21,9 +21,10 @@ package org.apache.ofbiz.content.content
 
 import java.io.IOException;
 
+import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -38,10 +39,15 @@ import org.apache.ofbiz.entity.Delegator
 import org.apache.ofbiz.entity.GenericValue;
 import org.apache.ofbiz.entity.util.EntityQuery;
 import org.apache.ofbiz.webapp.WebAppUtil;
-import org.apache.ofbiz.webapp.control.ContextFilter;
 
-public class ContentUrlFilter extends ContextFilter {
+public class ContentUrlFilter implements Filter {
     public final static String module = ContentUrlFilter.class.getName();
+    private FilterConfig config;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        this.config = filterConfig;
+    }
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain)  throws IOException, ServletException {
@@ -49,13 +55,6 @@ public class ContentUrlFilter extends Co
         HttpServletResponse httpResponse = (HttpServletResponse) response;
         Delegator delegator = (Delegator) 
httpRequest.getSession().getServletContext().getAttribute("delegator");
         
-        //Get ServletContext
-        ServletContext servletContext = config.getServletContext();
-
-        WebAppUtil.setCharacterEncoding(request);
-
-        //Set request attribute and session
-        UrlServletHelper.setRequestAttributes(request, delegator, 
servletContext);
         String urlContentId = null;
         String pathInfo = UtilHttp.getFullRequestUrl(httpRequest);
         if (UtilValidate.isNotEmpty(pathInfo)) {
@@ -83,7 +82,6 @@ public class ContentUrlFilter extends Co
                 urlBuilder.append("/" + WebAppUtil.CONTROL_MOUNT_POINT);
                 urlBuilder.append("/" + config.getInitParameter("viewRequest") 
+ "?contentId=" + urlContentId);
 
-                WebAppUtil.setAttributesFromRequestBody(request);
                 //Set view query parameters
                 UrlServletHelper.setViewQueryParameters(request, urlBuilder);
                 Debug.logInfo("[Filtered request]: " + pathInfo + " (" + 
urlBuilder + ")", module);
@@ -98,4 +96,9 @@ public class ContentUrlFilter extends Co
         // we're done checking; continue on
         chain.doFilter(request, response);
     }
+
+    @Override
+    public void destroy() {
+
+    }
 }

Modified: ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/content/webapp/content/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -45,29 +45,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/web.xml Sun Sep 
18 08:08:30 2016
@@ -40,29 +40,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: 
ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/web.xml 
Sun Sep 18 08:08:30 2016
@@ -43,30 +43,32 @@ under the License.
         <param-name>commonManufacturingDecoratorLocation</param-name>
         
<param-value>component://manufacturing/widget/manufacturing/CommonScreens.xml</param-value>
     </context-param>
+
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml Sun Sep 
18 08:08:30 2016
@@ -40,26 +40,27 @@ under the License.
   </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
+            <param-name>redirectPath</param-name>
+            <param-value>/control/main</param-value>
         </init-param>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
-        <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
-            <param-name>redirectPath</param-name>
-            <param-value>/control/main</param-value>
-        </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+            <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
             <url-pattern>/*</url-pattern>

Modified: ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/marketing/webapp/sfa/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -40,29 +40,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -40,30 +40,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
-            <!-- Beware, if you use the Birt component, allowedPaths are not 
defined here anymore but in Birt web.xml-->
             
<param-value>/error:/control:/products:/select:/index.html:/index.jsp:/default.html:/default.jsp:/js</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -39,31 +39,32 @@ under the License.
     
<param-value>component://party/widget/partymgr/CommonScreens.xml</param-value>
   </context-param>
 
-    <filter>
+  <filter>
+      <display-name>ControlFilter</display-name>
+      <filter-name>ControlFilter</filter-name>
+      
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
+      <init-param>
+          <param-name>allowedPaths</param-name>
+          
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static</param-value>
+      </init-param>
+      <init-param>
+          <param-name>redirectPath</param-name>
+          <param-value>/control/main</param-value>
+      </init-param>
+  </filter>
+  <filter>
       <display-name>ContextFilter</display-name>
       <filter-name>ContextFilter</filter-name>
       
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
-        <init-param>
-            <param-name>allowedPaths</param-name>
-            
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/static</param-value>
-        </init-param>
-        <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
-            <param-name>redirectPath</param-name>
-            <param-value>/control/main</param-value>
-        </init-param>
-    </filter>
-    <filter-mapping>
-        <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
-    </filter-mapping>
+  </filter>
+  <filter-mapping>
+      <filter-name>ControlFilter</filter-name>
+      <url-pattern>/*</url-pattern>
+  </filter-mapping>
+  <filter-mapping>
+      <filter-name>ContextFilter</filter-name>
+      <url-pattern>/*</url-pattern>
+  </filter-mapping>
 
   
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>
   
<listener><listener-class>org.apache.ofbiz.webapp.control.LoginEventListener</listener-class></listener>

Modified: 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java
 (original)
+++ 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/CatalogUrlFilter.java
 Sun Sep 18 08:08:30 2016
@@ -23,9 +23,10 @@ import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 
+import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -45,9 +46,8 @@ import org.apache.ofbiz.entity.util.Enti
 import org.apache.ofbiz.entity.util.EntityUtil;
 import org.apache.ofbiz.product.product.ProductContentWrapper;
 import org.apache.ofbiz.webapp.WebAppUtil;
-import org.apache.ofbiz.webapp.control.ContextFilter;
 
-public class CatalogUrlFilter extends ContextFilter {
+public class CatalogUrlFilter implements Filter {
 
     public final static String module = CatalogUrlFilter.class.getName();
     
@@ -56,21 +56,20 @@ public class CatalogUrlFilter extends Co
     
     protected static String defaultLocaleString = null;
     protected static String redirectUrl = null;
-    
+
+    protected FilterConfig config;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        this.config = filterConfig;
+    }
+
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain) throws IOException, ServletException {
         HttpServletRequest httpRequest = (HttpServletRequest) request;
         HttpServletResponse httpResponse = (HttpServletResponse) response;
         Delegator delegator = (Delegator) 
httpRequest.getSession().getServletContext().getAttribute("delegator");
         
-        //Get ServletContext
-        ServletContext servletContext = config.getServletContext();
-
-        WebAppUtil.setCharacterEncoding(request);
-
-        //Set request attribute and session
-        UrlServletHelper.setRequestAttributes(request, delegator, 
servletContext);
-        
         // set initial parameters
         String initDefaultLocalesString = 
config.getInitParameter("defaultLocaleString");
         String initRedirectUrl = config.getInitParameter("redirectUrl");
@@ -324,7 +323,6 @@ public class CatalogUrlFilter extends Co
             UrlServletHelper.setViewQueryParameters(request, urlBuilder);
             if (UtilValidate.isNotEmpty(productId) || 
UtilValidate.isNotEmpty(productCategoryId) || 
UtilValidate.isNotEmpty(urlContentId)) {
                 Debug.logInfo("[Filtered request]: " + pathInfo + " (" + 
urlBuilder + ")", module);
-                WebAppUtil.setAttributesFromRequestBody(request);
                 RequestDispatcher dispatch = 
request.getRequestDispatcher(urlBuilder.toString());
                 dispatch.forward(request, response);
                 return;
@@ -337,7 +335,12 @@ public class CatalogUrlFilter extends Co
         // we're done checking; continue on
         chain.doFilter(request, response);
     }
-    
+
+    @Override
+    public void destroy() {
+
+    }
+
     public static String makeCategoryUrl(HttpServletRequest request, String 
previousCategoryId, String productCategoryId, String productId, String 
viewSize, String viewIndex, String viewSort, String searchString) {
         Delegator delegator = (Delegator) request.getAttribute("delegator");
         try {

Modified: 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java
 (original)
+++ 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContentUrlFilter.java
 Sun Sep 18 08:08:30 2016
@@ -20,13 +20,12 @@
 package org.apache.ofbiz.product.category;
 
 import java.io.IOException;
-import java.util.LinkedList;
 import java.util.List;
-import java.util.Set;
 
+import javax.servlet.Filter;
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -34,23 +33,24 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.ofbiz.base.util.Debug;
-import org.apache.ofbiz.base.util.UtilCodec;
 import org.apache.ofbiz.base.util.UtilHttp;
 import org.apache.ofbiz.base.util.UtilMisc;
 import org.apache.ofbiz.base.util.UtilValidate;
 import org.apache.ofbiz.common.UrlServletHelper;
 import org.apache.ofbiz.entity.Delegator;
 import org.apache.ofbiz.entity.GenericValue;
-import org.apache.ofbiz.entity.condition.EntityCondition;
-import org.apache.ofbiz.entity.condition.EntityOperator;
 import org.apache.ofbiz.entity.util.EntityUtil;
-import org.apache.ofbiz.webapp.control.ContextFilter;
 
-public class SeoContentUrlFilter extends ContextFilter {
+public class SeoContentUrlFilter implements Filter {
     public final static String module = SeoContentUrlFilter.class.getName();
     protected static String defaultLocaleString = null;
     protected static String redirectUrl = null;
-    public static String defaultViewRequest = "contentViewInfo";
+    private FilterConfig config;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        this.config = filterConfig;
+    }
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain) throws IOException, ServletException {
@@ -58,10 +58,6 @@ public class SeoContentUrlFilter extends
         HttpServletResponse httpResponse = (HttpServletResponse) response;
         Delegator delegator = (Delegator) 
httpRequest.getSession().getServletContext().getAttribute("delegator");
 
-        // Get ServletContext
-        ServletContext servletContext = config.getServletContext();
-        // Set request attribute and session
-        UrlServletHelper.setRequestAttributes(request, delegator, 
servletContext);
         String urlContentId = null;
         String pathInfo = UtilHttp.getFullRequestUrl(httpRequest);
         if (UtilValidate.isNotEmpty(pathInfo)) {
@@ -105,61 +101,8 @@ public class SeoContentUrlFilter extends
         chain.doFilter(request, response);
     }
 
-    public static String makeContentAltUrl(HttpServletRequest request, 
HttpServletResponse response, String contentId, String viewContent) {
-        if (UtilValidate.isEmpty(contentId)) {
-            return null;
-        }
-        Delegator delegator = (Delegator) request.getAttribute("delegator");
-        String url = null;
-        try {
-            List<EntityCondition> expr = new LinkedList<EntityCondition>();
-            expr.add(EntityCondition.makeCondition("caContentAssocTypeId", 
EntityOperator.EQUALS, "ALTERNATIVE_URL"));
-            expr.add(EntityCondition.makeCondition("caThruDate", 
EntityOperator.EQUALS, null));
-            expr.add(EntityCondition.makeCondition("contentIdStart", 
EntityOperator.EQUALS, contentId));
-            Set<String> fieldsToSelect = UtilMisc.toSet("contentIdStart", 
"drObjectInfo", "dataResourceId", "caFromDate", "caThruDate", "caCreatedDate");
-            List<GenericValue> contentAssocDataResources = 
delegator.findList("ContentAssocDataResourceViewTo", 
EntityCondition.makeCondition(expr), fieldsToSelect,
-                    UtilMisc.toList("-caFromDate"), null, true);
-            if (contentAssocDataResources.size() > 0) {
-                GenericValue contentAssocDataResource = 
EntityUtil.getFirst(contentAssocDataResources);
-                url = contentAssocDataResource.getString("drObjectInfo");
-                url = UtilCodec.getDecoder("url").decode(url);
-                String mountPoint = request.getContextPath();
-                if (!(mountPoint.equals("/")) && !(mountPoint.equals(""))) {
-                    url = mountPoint + url;
-                }
-            }
-        } catch (Exception e) {
-            Debug.logWarning("[Exception] : " + e.getMessage(), module);
-        }
-
-        if (UtilValidate.isEmpty(url)) {
-            if (UtilValidate.isEmpty(viewContent)) {
-                viewContent = defaultViewRequest;
-            }
-            url = makeContentUrl(request, response, contentId, viewContent);
-        }
-        return url;
-    }
-
-    public static String makeContentUrl(HttpServletRequest request, 
HttpServletResponse response, String contentId, String viewContent) {
-        if (UtilValidate.isEmpty(contentId)) {
-            return null;
-        }
-        StringBuilder urlBuilder = new StringBuilder();
-        
urlBuilder.append(request.getSession().getServletContext().getContextPath());
-        if (urlBuilder.length() == 0 || urlBuilder.charAt(urlBuilder.length() 
- 1) != '/') {
-            urlBuilder.append("/");
-        }
-        if (UtilValidate.isNotEmpty(SeoControlServlet.controlServlet)) {
-            urlBuilder.append(SeoControlServlet.controlServlet + "/");
-        }
+    @Override
+    public void destroy() {
 
-        if (UtilValidate.isNotEmpty(viewContent)) {
-            urlBuilder.append(viewContent);
-        } else {
-            urlBuilder.append(defaultViewRequest);
-        }
-        urlBuilder.append("?contentId=" + contentId);
-        return urlBuilder.toString();
     }
 }

Modified: 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java
 (original)
+++ 
ofbiz/trunk/applications/product/src/main/java/org/apache/ofbiz/product/category/SeoContextFilter.java
 Sun Sep 18 08:08:30 2016
@@ -18,8 +18,6 @@
  
*******************************************************************************/
 package org.apache.ofbiz.product.category;
 
-import static org.apache.ofbiz.base.util.UtilGenerics.checkMap;
-
 import java.io.IOException;
 import java.net.URL;
 import java.util.Collection;
@@ -29,6 +27,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.RequestDispatcher;
@@ -39,42 +38,29 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.ofbiz.webapp.WebAppUtil;
 import org.apache.oro.text.regex.Pattern;
 import org.apache.oro.text.regex.Perl5Matcher;
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.StringUtil;
 import org.apache.ofbiz.base.util.UtilHttp;
-import org.apache.ofbiz.base.util.UtilMisc;
-import org.apache.ofbiz.base.util.UtilObject;
 import org.apache.ofbiz.base.util.UtilValidate;
-import org.apache.ofbiz.entity.Delegator;
-import org.apache.ofbiz.entity.DelegatorFactory;
-import org.apache.ofbiz.entity.GenericEntityException;
-import org.apache.ofbiz.entity.GenericValue;
-import org.apache.ofbiz.entity.condition.EntityCondition;
-import org.apache.ofbiz.entity.util.EntityUtil;
-import org.apache.ofbiz.security.Security;
-import org.apache.ofbiz.service.LocalDispatcher;
 import org.apache.ofbiz.webapp.control.ConfigXMLReader;
 import org.apache.ofbiz.webapp.control.ConfigXMLReader.ControllerConfig;
-import org.apache.ofbiz.webapp.control.ContextFilter;
 import org.apache.ofbiz.webapp.control.ControlFilter;
 import org.apache.ofbiz.webapp.control.WebAppConfigurationException;
-import org.apache.ofbiz.webapp.website.WebSiteWorker;
 
 /**
  * SeoContextFilter - Restricts access to raw files and configures servlet 
objects.
  */
-public class SeoContextFilter extends ContextFilter {
+public class SeoContextFilter implements Filter {
 
     public static final String module = SeoContextFilter.class.getName();
 
-    protected Set<String> WebServlets = new HashSet<String>();
+    protected Set<String> WebServlets = new HashSet<>();
+    private FilterConfig config;
 
     public void init(FilterConfig config) throws ServletException {
-        super.init(config);
-
+        this.config = config;
         Map<String, ? extends ServletRegistration> servletRegistrations = 
config.getServletContext().getServletRegistrations();
         for (String key : servletRegistrations.keySet()) {
             Collection<String> servlets = 
servletRegistrations.get(key).getMappings();
@@ -114,68 +100,6 @@ public class SeoContextFilter extends Co
         }
         Set<String> uris = requestMaps.keySet();
 
-        // NOTE: the following part is copied from 
org.apache.ofbiz.webapp.control.ContextFilter.doFilter method, please update 
this if framework is updated.
-        // Debug.logInfo("Running ContextFilter.doFilter", module);
-
-        // ----- Servlet Object Setup -----
-        // set the cached class loader for more speedy running in this thread
-
-        // set the ServletContext in the request for future use
-        httpRequest.setAttribute("servletContext", config.getServletContext());
-
-        // set the webSiteId in the session
-        if 
(UtilValidate.isEmpty(httpRequest.getSession().getAttribute("webSiteId"))) {
-            httpRequest.getSession().setAttribute("webSiteId", 
WebSiteWorker.getWebSiteId(httpRequest));
-        }
-
-        // set the filesystem path of context root.
-        httpRequest.setAttribute("_CONTEXT_ROOT_", 
config.getServletContext().getRealPath("/"));
-
-        // set the server root url
-        String serverRootUrl = UtilHttp.getServerRootUrl(httpRequest);
-        httpRequest.setAttribute("_SERVER_ROOT_URL_", serverRootUrl);
-
-        // request attributes from redirect call
-        String reqAttrMapHex = (String) 
httpRequest.getSession().getAttribute("_REQ_ATTR_MAP_");
-        if (UtilValidate.isNotEmpty(reqAttrMapHex)) {
-            byte[] reqAttrMapBytes = StringUtil.fromHexString(reqAttrMapHex);
-            Map<String, Object> reqAttrMap = 
checkMap(UtilObject.getObject(reqAttrMapBytes), String.class, Object.class);
-            if (reqAttrMap != null) {
-                for (Map.Entry<String, Object> entry : reqAttrMap.entrySet()) {
-                    httpRequest.setAttribute(entry.getKey(), entry.getValue());
-                }
-            }
-            httpRequest.getSession().removeAttribute("_REQ_ATTR_MAP_");
-        }
-
-        // ----- Context Security -----
-        // check if we are disabled
-        String disableSecurity = 
config.getInitParameter("disableContextSecurity");
-        if (disableSecurity != null && "Y".equalsIgnoreCase(disableSecurity)) {
-            chain.doFilter(httpRequest, httpResponse);
-            return;
-        }
-
-        // check if we are told to redirect everthing
-        String redirectAllTo = config.getInitParameter("forceRedirectAll");
-        if (UtilValidate.isNotEmpty(redirectAllTo)) {
-            // little trick here so we don't loop on ourself
-            if (httpRequest.getSession().getAttribute("_FORCE_REDIRECT_") == 
null) {
-                httpRequest.getSession().setAttribute("_FORCE_REDIRECT_", 
"true");
-                Debug.logWarning("Redirecting user to: " + redirectAllTo, 
module);
-
-                if (!redirectAllTo.toLowerCase().startsWith("http")) {
-                    redirectAllTo = httpRequest.getContextPath() + 
redirectAllTo;
-                }
-                httpResponse.sendRedirect(redirectAllTo);
-                return;
-            } else {
-                httpRequest.getSession().removeAttribute("_FORCE_REDIRECT_");
-                chain.doFilter(httpRequest, httpResponse);
-                return;
-            }
-        }
-
         // test to see if we have come through the control servlet already, if 
not do the processing
         String requestPath = null;
         String contextUri = null;
@@ -222,23 +146,6 @@ public class SeoContextFilter extends Co
             
             String requestUri = 
UtilHttp.getRequestUriFromTarget(httpRequest.getRequestURI());
 
-            // Verbose Debugging
-            if (Debug.verboseOn()) {
-                for (String allow : allowList) {
-                    Debug.logVerbose("[Allow]: " + allow, module);
-                }
-                Debug.logVerbose("[View Name]: " + viewName, module);
-                Debug.logVerbose("[Request Uri]: " + requestUri, module);
-                Debug.logVerbose("[Request path]: " + requestPath, module);
-                Debug.logVerbose("[Request info]: " + requestInfo, module);
-                Debug.logVerbose("[Servlet path]: " + 
httpRequest.getServletPath(), module);
-                Debug.logVerbose(
-                        "[Not In AllowList]: " + 
(!allowList.contains(requestPath) && !allowList.contains(requestInfo) && 
!allowList.contains(httpRequest.getServletPath()) && 
!allowList.contains(requestUri) && !allowList.contains("/" + viewName)),
-                        module);
-                Debug.logVerbose("[Not In controller]: " + 
(UtilValidate.isEmpty(requestPath) && 
UtilValidate.isEmpty(httpRequest.getServletPath()) && !uris.contains(viewName)),
-                        module);
-            }
-
             // check to make sure the requested url is allowed
             if (!allowList.contains(requestPath) && 
!allowList.contains(requestInfo) && 
!allowList.contains(httpRequest.getServletPath())
                     && !allowList.contains(requestUri) && 
!allowList.contains("/" + viewName)
@@ -288,72 +195,16 @@ public class SeoContextFilter extends Co
             }
         }
 
-        // check if multi tenant is enabled
-        boolean useMultitenant = EntityUtil.isMultiTenantEnabled();
-        if (useMultitenant) {
-            // get tenant delegator by domain name
-            String serverName = httpRequest.getServerName();
-            try {
-                // if tenant was specified, replace delegator with the new 
per-tenant delegator and set tenantId to session attribute                
-                Delegator delegator = 
WebAppUtil.getDelegator(config.getServletContext());
-                
-                // to access entity "tenant" we need the default delegator
-                Delegator defaultdelegator = 
DelegatorFactory.getDelegator("default");
-                
-                // take the tenantId from the current delegator
-                String tenantId = delegator.getDelegatorTenantId();
-                
-                List<GenericValue> tenants = 
defaultdelegator.findList("Tenant", EntityCondition.makeCondition("tenantId", 
tenantId), null, UtilMisc.toList("-createdStamp"), null, false);
-                if (UtilValidate.isNotEmpty(tenants)) {
-                    GenericValue tenant = EntityUtil.getFirst(tenants);
-                    
-                    // if the request path is a root mount then redirect to 
the initial path
-                    if (UtilValidate.isNotEmpty(requestPath) && 
requestPath.equals(contextUri)) {
-                        String initialPath = tenant.getString("initialPath");
-                        if (UtilValidate.isNotEmpty(initialPath) && 
!"/".equals(initialPath)) {
-                            ((HttpServletResponse) 
response).sendRedirect(initialPath);
-                            return;
-                        }
-                    }
-
-                    // make that tenant active, setup a new delegator and a 
new dispatcher
-                    String tenantDelegatorName = 
delegator.getDelegatorBaseName() + "#" + tenantId;
-                    httpRequest.getSession().setAttribute("delegatorName", 
tenantDelegatorName);
-
-                    // after this line the delegator is replaced with the new 
per-tenant delegator
-                    delegator = 
DelegatorFactory.getDelegator(tenantDelegatorName);
-                    config.getServletContext().setAttribute("delegator", 
delegator);
-
-                    // clear web context objects
-                    config.getServletContext().setAttribute("security", null);
-                    config.getServletContext().setAttribute("dispatcher", 
null);
-
-                    // initialize security
-                    Security security = 
WebAppUtil.getSecurity(config.getServletContext());
-                    // initialize the services dispatcher
-                    LocalDispatcher dispatcher = 
WebAppUtil.getDispatcher(config.getServletContext());
-
-                    // set web context objects
-                    request.setAttribute("dispatcher", dispatcher);
-                    request.setAttribute("security", security);
-
-                    request.setAttribute("userTenantId", tenantId);
-                }
-
-                // NOTE DEJ20101130: do NOT always put the delegator name in 
the user's session because the user may
-                // have logged in and specified a tenant, and even if no 
Tenant record with a matching domainName field
-                // is found this will change the user's delegator back to the 
base one instead of the one for the
-                // tenant specified on login
-                // httpRequest.getSession().setAttribute("delegatorName", 
delegator.getDelegatorName());
-            } catch (GenericEntityException e) {
-                Debug.logWarning(e, "Unable to get Tenant", module);
-            }
-        }
 
         // we're done checking; continue on
         chain.doFilter(httpRequest, httpResponse);
     }
 
+    @Override
+    public void destroy() {
+
+    }
+
     /**
      * Forward a uri according to forward pattern regular expressions. Note: 
this is developed for Filter usage.
      * 

Modified: ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -40,29 +40,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/imagemanagement:/products</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/product/webapp/facility/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -45,29 +45,30 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images:/ShippingAPI.dll</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml (original)
+++ ofbiz/trunk/applications/workeffort/webapp/ical/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -39,32 +39,32 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
-            <param-value>
-                
/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images
-            </param-value>
-        </init-param>
-        <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
+            
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>
+
     <listener>
         
<listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class>
     </listener>

Modified: ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/web.xml Sun 
Sep 18 08:08:30 2016
@@ -42,28 +42,27 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
-            <param-value>
-                
/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images
-            </param-value>
-        </init-param>
-        <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
+            
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
         <url-pattern>/*</url-pattern>

Modified: ofbiz/trunk/framework/resources/templates/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/resources/templates/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/framework/resources/templates/web.xml (original)
+++ ofbiz/trunk/framework/resources/templates/web.xml Sun Sep 18 08:08:30 2016
@@ -35,17 +35,21 @@
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        
<init-param><param-name>disableContextSecurity</param-name><param-value>N</param-value></init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
-        
<init-param><param-name>errorCode</param-name><param-value>403</param-value></init-param>
         
<init-param><param-name>redirectPath</param-name><param-value>/control/main</param-value></init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    
<filter-mapping><filter-name>ControlFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
     
<filter-mapping><filter-name>ContextFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>

Modified: 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java
 (original)
+++ 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java
 Sun Sep 18 08:08:30 2016
@@ -22,7 +22,6 @@ import static org.apache.ofbiz.base.util
 
 import java.io.IOException;
 import java.util.Enumeration;
-import java.util.List;
 import java.util.Map;
 
 import javax.servlet.Filter;
@@ -52,18 +51,17 @@ import org.apache.ofbiz.webapp.WebAppUti
 import org.apache.ofbiz.webapp.website.WebSiteWorker;
 
 /**
- * ContextFilter - Restricts access to raw files and configures servlet 
objects.
+ * ContextFilter - Configures objects for OFBiz applications
  */
 public class ContextFilter implements Filter {
 
-    public static final String module = ContextFilter.class.getName();
-    public static final String FORWARDED_FROM_SERVLET = 
"_FORWARDED_FROM_SERVLET_";
+    private static final String module = ContextFilter.class.getName();
 
     protected FilterConfig config = null;
-    protected boolean debug = false;
 
     // default charset used to decode requests body data if no encoding is 
specified in the request
     private String defaultCharacterEncoding;
+    private boolean isMultitenant;
 
     /**
      * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
@@ -74,12 +72,6 @@ public class ContextFilter implements Fi
         // puts all init-parameters in ServletContext attributes for easier 
parametrization without code changes
         this.putAllInitParametersInAttributes();
 
-        // set debug
-        this.debug = "true".equalsIgnoreCase(config.getInitParameter("debug"));
-        if (!debug) {
-            debug = Debug.verboseOn();
-        }
-
         defaultCharacterEncoding = 
config.getServletContext().getInitParameter("charset");
         if (UtilValidate.isEmpty(defaultCharacterEncoding)) {
             defaultCharacterEncoding = "UTF-8";
@@ -93,6 +85,9 @@ public class ContextFilter implements Fi
         // initialize the services dispatcher
         WebAppUtil.getDispatcher(config.getServletContext());
 
+        // check if multi tenant is enabled
+        isMultitenant = EntityUtil.isMultiTenantEnabled();
+
         // this will speed up the initial sessionId generation
         new java.security.SecureRandom().nextLong();
     }
@@ -104,7 +99,6 @@ public class ContextFilter implements Fi
         HttpServletRequest httpRequest = (HttpServletRequest) request;
         HttpServletResponse httpResponse = (HttpServletResponse) response;
 
-
         // ----- Servlet Object Setup -----
 
         // set the ServletContext in the request for future use
@@ -134,129 +128,17 @@ public class ContextFilter implements Fi
             httpRequest.getSession().removeAttribute("_REQ_ATTR_MAP_");
         }
 
-        // ----- Context Security -----
-        // check if we are disabled
-        String disableSecurity = 
config.getInitParameter("disableContextSecurity");
-        if (disableSecurity != null && "Y".equalsIgnoreCase(disableSecurity)) {
-            chain.doFilter(httpRequest, httpResponse);
-            return;
-        }
-
-        // check if we are told to redirect everthing
-        String redirectAllTo = config.getInitParameter("forceRedirectAll");
-        if (UtilValidate.isNotEmpty(redirectAllTo)) {
-            // little trick here so we don't loop on ourself
-            if (httpRequest.getSession().getAttribute("_FORCE_REDIRECT_") == 
null) {
-                httpRequest.getSession().setAttribute("_FORCE_REDIRECT_", 
"true");
-                Debug.logWarning("Redirecting user to: " + redirectAllTo, 
module);
-
-                if (!redirectAllTo.toLowerCase().startsWith("http")) {
-                    redirectAllTo = httpRequest.getContextPath() + 
redirectAllTo;
-                }
-                httpResponse.sendRedirect(redirectAllTo);
-                return;
-            } else {
-                httpRequest.getSession().removeAttribute("_FORCE_REDIRECT_");
-                chain.doFilter(httpRequest, httpResponse);
-                return;
-            }
-        }
-
-        // test to see if we have come through the control servlet already, if 
not do the processing
-        String requestPath = null;
-        String contextUri = null;
-        if (httpRequest.getAttribute(ContextFilter.FORWARDED_FROM_SERVLET) == 
null) {
-            // Debug.logInfo("In ContextFilter.doFilter, 
FORWARDED_FROM_SERVLET is NOT set", module);
-            String allowedPath = config.getInitParameter("allowedPaths");
-            String redirectPath = config.getInitParameter("redirectPath");
-            String errorCode = config.getInitParameter("errorCode");
-
-            List<String> allowList = null;
-            if ((allowList = StringUtil.split(allowedPath, ":")) != null) {
-                allowList.add("/");  // No path is allowed.
-                allowList.add("");   // No path is allowed.
-            }
-
-            if (debug) Debug.logInfo("[Domain]: " + 
httpRequest.getServerName() + " [Request]: " + httpRequest.getRequestURI(), 
module);
-
-            requestPath = httpRequest.getServletPath();
-            if (requestPath == null) requestPath = "";
-            if (requestPath.lastIndexOf("/") > 0) {
-                if (requestPath.indexOf("/") == 0) {
-                    requestPath = "/" + requestPath.substring(1, 
requestPath.indexOf("/", 1));
-                } else {
-                    requestPath = requestPath.substring(1, 
requestPath.indexOf("/"));
-                }
-            }
-
-            String requestInfo = httpRequest.getServletPath();
-            if (requestInfo == null) requestInfo = "";
-            if (requestInfo.lastIndexOf("/") >= 0) {
-                requestInfo = requestInfo.substring(0, 
requestInfo.lastIndexOf("/")) + "/*";
-            }
-
-            StringBuilder contextUriBuffer = new StringBuilder();
-            if (httpRequest.getContextPath() != null) {
-                contextUriBuffer.append(httpRequest.getContextPath());
-            }
-            if (httpRequest.getServletPath() != null) {
-                contextUriBuffer.append(httpRequest.getServletPath());
-            }
-            if (httpRequest.getPathInfo() != null) {
-                contextUriBuffer.append(httpRequest.getPathInfo());
-            }
-            contextUri = contextUriBuffer.toString();
-
-            // Verbose Debugging
-            if (Debug.verboseOn()) {
-                if (allowList != null) {
-                    for (String allow: allowList) {
-                        Debug.logVerbose("[Allow]: " + allow, module);
-                    }
-                }
-                Debug.logVerbose("[Request path]: " + requestPath, module);
-                Debug.logVerbose("[Request info]: " + requestInfo, module);
-                Debug.logVerbose("[Servlet path]: " + 
httpRequest.getServletPath(), module);
-            }
-
-            // check to make sure the requested url is allowed
-            if (allowList != null &&
-                (!allowList.contains(requestPath) && 
!allowList.contains(requestInfo) && 
!allowList.contains(httpRequest.getServletPath()))
-                ) {
-                String filterMessage = "[Filtered request]: " + contextUri;
-                
-                if (redirectPath == null) {
-                    int error = 404;
-                    if (UtilValidate.isNotEmpty(errorCode)) {
-                        try {
-                            error = Integer.parseInt(errorCode);
-                        } catch (NumberFormatException nfe) {
-                            Debug.logWarning(nfe, "Error code specified would 
not parse to Integer : " + errorCode, module);
-                        }
-                    }
-                    filterMessage = filterMessage + " (" + error + ")";
-                    httpResponse.sendError(error, contextUri);
-                    request.setAttribute("filterRequestUriError", contextUri);
-                } else {
-                    filterMessage = filterMessage + " (" + redirectPath + ")";
-                    if (!redirectPath.toLowerCase().startsWith("http")) {
-                        redirectPath = httpRequest.getContextPath() + 
redirectPath;
-                    }
-                    httpResponse.sendRedirect(redirectPath);
-                }
-                Debug.logWarning(filterMessage, module);
-                return;
-            }
-        }
-
         if (request.getCharacterEncoding() == null) {
             request.setCharacterEncoding(defaultCharacterEncoding);
         }
+
         WebAppUtil.setAttributesFromRequestBody(request);
 
-        // check if multi tenant is enabled
-        boolean useMultitenant = EntityUtil.isMultiTenantEnabled();
-        if (useMultitenant) {
+        if (!isMultitenant) {
+            request.setAttribute("delegator", 
config.getServletContext().getAttribute("delegator"));
+            request.setAttribute("dispatcher", 
config.getServletContext().getAttribute("dispatcher"));
+            request.setAttribute("security", 
config.getServletContext().getAttribute("security"));
+        } else {
             // get tenant delegator by domain name
             String serverName = httpRequest.getServerName();
             try {
@@ -275,11 +157,11 @@ public class ContextFilter implements Fi
                     tenantId = (String) 
httpRequest.getAttribute("userTenantId");
                 }
                 if(UtilValidate.isEmpty(tenantId)) {
-                    tenantId = (String) 
httpRequest.getParameter("userTenantId");
+                    tenantId = httpRequest.getParameter("userTenantId");
                 }
                 if (UtilValidate.isNotEmpty(tenantId)) {
                     // if the request path is a root mount then redirect to 
the initial path
-                    if (UtilValidate.isNotEmpty(requestPath) && 
requestPath.equals(contextUri)) {
+                    if ("".equals(httpRequest.getContextPath()) && 
"".equals(httpRequest.getServletPath())) {
                         GenericValue tenant = 
EntityQuery.use(baseDelegator).from("Tenant").where("tenantId", 
tenantId).queryOne();
                         String initialPath = tenant.getString("initialPath");
                         if (UtilValidate.isNotEmpty(initialPath) && 
!"/".equals(initialPath)) {
@@ -306,6 +188,7 @@ public class ContextFilter implements Fi
                     LocalDispatcher dispatcher = 
WebAppUtil.getDispatcher(config.getServletContext());
 
                     // set web context objects
+                    request.setAttribute("delegator", delegator);
                     request.setAttribute("dispatcher", dispatcher);
                     request.setAttribute("security", security);
                     

Modified: 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
 (original)
+++ 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
 Sun Sep 18 08:08:30 2016
@@ -439,37 +439,6 @@ public class LoginWorker {
             }
 
             if (delegatorNameHashIndex == -1 || (currentDelegatorTenantId != 
null && !tenantId.equals(currentDelegatorTenantId))) {
-                /* don't require this, allow a user to authenticate inside the 
tenant as long as the userLoginId and
-                 * password match what is in that tenant's database; instead 
just set things up below
-                try {
-                    List<GenericValue> tenantUserLoginList = 
delegator.findList("TenantUserLogin", 
EntityCondition.makeCondition(EntityOperator.AND, "tenantId", tenantId, 
"userLoginId", username), null, null, null, false);
-                    if (tenantUserLoginList != null && 
tenantUserLoginList.size() > 0) {
-                        ServletContext servletContext = 
session.getServletContext();
-
-                        // if so make that tenant active, setup a new 
delegator and a new dispatcher
-                        String delegatorName = delegator.getDelegatorName() + 
"#" + tenantId;
-
-                        // after this line the delegator is replaced with the 
new per-tenant delegator
-                        delegator = 
DelegatorFactory.getDelegator(delegatorName);
-                        dispatcher = 
ContextFilter.makeWebappDispatcher(servletContext, delegator);
-
-                        // NOTE: these will be local for now and set in the 
request and session later, after we've verified that the user
-                        setupNewDelegatorEtc = true;
-                    } else {
-                        // not associated with this tenant, can't login
-                        String errMsg = 
UtilProperties.getMessage(resourceWebapp, "loginevents.unable_to_login_tenant", 
UtilHttp.getLocale(request));
-                        request.setAttribute("_ERROR_MESSAGE_", errMsg);
-                        return "error";
-                    }
-                } catch (GenericEntityException e) {
-                    String errMsg = "Error checking TenantUserLogin: " + 
e.toString();
-                    Debug.logError(e, errMsg, module);
-                    request.setAttribute("_ERROR_MESSAGE_", errMsg);
-                    return "error";
-                }
-                */
-
-
                 // make that tenant active, setup a new delegator and a new 
dispatcher
                 String delegatorName = delegator.getDelegatorBaseName() + "#" 
+ tenantId;
 
@@ -1130,7 +1099,7 @@ public class LoginWorker {
     public static boolean hasBasePermission(GenericValue userLogin, 
HttpServletRequest request) {
         Security security = (Security) request.getAttribute("security");
         if (security != null) {
-            ServletContext context = (ServletContext) 
request.getAttribute("servletContext");
+            ServletContext context = request.getServletContext();
             String serverId = (String) context.getAttribute("_serverId");
             // get a context path from the request, if it is empty then assume 
it is the root mount point
             String contextPath = request.getContextPath();

Modified: 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java
 (original)
+++ 
ofbiz/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/view/JspViewHandler.java
 Sun Sep 18 08:08:30 2016
@@ -57,7 +57,7 @@ public class JspViewHandler extends Abst
         //Debug.logInfo("Requested Page : " + page, module);
         //Debug.logInfo("Physical Path  : " + context.getRealPath(page));
 
-        // tell the ContextFilter we are forwarding
+        // tell the ControlFilter we are forwarding
         request.setAttribute(ControlFilter.FORWARDED_FROM_SERVLET, 
Boolean.TRUE);
         RequestDispatcher rd = request.getRequestDispatcher(page);
 

Modified: ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml (original)
+++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/web.xml Sun Sep 18 
08:08:30 2016
@@ -46,32 +46,27 @@ under the License.
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
-            <param-value>
-                
/ping.txt:/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/applet
-            </param-value>
-        </init-param>
-        <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
+            
<param-value>/ping.txt:/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/applet</param-value>
         </init-param>
         <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
-        <init-param>
-            <param-name>debug</param-name>
-            <param-value>true</param-value>
-        </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
         <url-pattern>/*</url-pattern>

Modified: 
ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml?rev=1761304&r1=1761303&r2=1761304&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml 
(original)
+++ ofbiz/trunk/specialpurpose/assetmaint/webapp/assetmaint/WEB-INF/web.xml Sun 
Sep 18 08:08:30 2016
@@ -55,29 +55,30 @@
     </context-param>
 
     <filter>
-        <display-name>ContextFilter</display-name>
-        <filter-name>ContextFilter</filter-name>
-        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
-        <init-param>
-            <param-name>disableContextSecurity</param-name>
-            <param-value>N</param-value>
-        </init-param>
+        <display-name>ControlFilter</display-name>
+        <filter-name>ControlFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ControlFilter</filter-class>
         <init-param>
             <param-name>allowedPaths</param-name>
             
<param-value>/error:/control:/select:/index.html:/index.jsp:/default.html:/default.jsp:/images</param-value>
         </init-param>
         <init-param>
-            <param-name>errorCode</param-name>
-            <param-value>403</param-value>
-        </init-param>
-        <init-param>
             <param-name>redirectPath</param-name>
             <param-value>/control/main</param-value>
         </init-param>
     </filter>
+    <filter>
+        <display-name>ContextFilter</display-name>
+        <filter-name>ContextFilter</filter-name>
+        
<filter-class>org.apache.ofbiz.webapp.control.ContextFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>ControlFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>ContextFilter</filter-name>
-            <url-pattern>/*</url-pattern>
+        <url-pattern>/*</url-pattern>
     </filter-mapping>
 
     
<listener><listener-class>org.apache.ofbiz.webapp.control.ControlEventListener</listener-class></listener>


Reply via email to