Introduction
The web.xml Deployment Descriptor file describes how we deploy JasperReports Server in Tomcat. The location of the file is always the same: <js-install>/WEB-INF/web.xml We won't attempt to detail every construct in this file. Please be careful making changes - make a backup.
<web-app version="3.0"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_3_0.xsd"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
Display-name
When used in <web-app>, this tag provides a short name for the application, which will be displayed in the Tomcat Manager application.
<display-name>JasperServer UI application</display-name>
webAppRootKey
This context parameter exposes webAppRootKey as a system property that can then be used by other facilities.
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>jasperserver-pro.root</param-value>
</context-param>
Listeners
A listener is notified about various events, such as application or session events.
All listeners are defined the same way. Their function depends on which interface(s) they implement. This is one example:
<listener>
<listener-class>
com.jaspersoft.ji.adhoc.service.AdhocTempARUKiller
</listener-class>
</listener>
Log4j Configuration Loader
<listener>
<listener-class>
org.apache.logging.log4j.web.Log4jServletContextListener
</listener-class>
</listener>
<context-param>
<param-name>log4jConfiguration</param-name>
<param-value>/WEB-INF/log4j2.properties</param-value>
</context-param>
Application Context Loader
<!--listener to load the root application context-->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
applicationContext* files location Parameter
Used by Spring to load any number of application context configuration files (More Info).
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext*.xml</param-value>
</context-param>
<context-param>
<param-name>contextClass</param-name>
<param-value>
com.jaspersoft.jasperserver.war.util.JSWebApplicationContext
</param-value>
</context-param>
<!--resources initializer-->
<listener>
<listener-class>com.tonbeller.tbutils.res.ResourcesFactoryContextListener</listener-class>
</listener>
<!--optional? now in JPivot by default-->
<context-param>
<param-name>contextFactory</param-name>
<param-value>com.tonbeller.wcf.controller.RequestContextFactoryImpl</param-value>
</context-param>
<!--Close JDBC connections on end of session-->
<listener>
<listener-class>com.jaspersoft.jasperserver.war.OlapSessionKiller</listener-class>
</listener>
<!--SecurityContextHolder.setStrategyName(MODE_INHERITABLETHREADLOCAL)-->
<listener>
<listener-class>com.jaspersoft.jasperserver.war.util.SecurityContextHolderStrategyInitializer</listener-class>
</listener>
<listener>
<display-name>Session mutex</display-name>
<listener-class>org.springframework.web.util.HttpSessionMutexListener</listener-class>
</listener>
<listener>
<listener-class>com.jaspersoft.jasperserver.war.util.SpringBeanServletContextPlublisher</listener-class>
</listener>
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<context-param>
<param-name>sessionPublishedBeans</param-name>
<param-value>configurationBean,concreteHeartbeatBean,concreteNavigationActionModelSupport</param-value>
</context-param>
Filters
P3P Filter
<filter>
<filter-name>p3pFilter</filter-name>
<filter-class>com.jaspersoft.jasperserver.war.P3PFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>p3pFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
characterEncodingProxyFilter
<filter>
<filter-name>characterEncodingProxyFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>characterEncodingFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingProxyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
sessionDecoratorProxyFilter
<filter>
<filter-name>sessionDecoratorProxyFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>sessionDecoratorFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>sessionDecoratorProxyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
securityFilter - Acegi security
JasperReports Server makes extensive use of Spring and uses the Spring sub-project, Acegi Security, for authentication and authorization. Acegi works through optional filters that can be wired together in a wide variety of ways.
The start of Acegi security is the security filter that is configured here. The same mechanism can be used for Web and Web services applications.
<filter>
<filter-name>securityFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBean</param-name>
<param-value>authenticationAuthoirizationFilterChainProxy</param-value>
</init-param>
</filter>
You can secure the parts of your application by defining the URLs you want to apply the security filter to. By default in JasperReports Server, we secure all pages - note the url-pattern below.
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>ERROR</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>SiteMesh Filter
<!--Start of SiteMesh filter config-->
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>ERROR</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
Filter to Parse Names of Uploaded Files
<!--Filter to help parse the file name and extension of uplaoded files-->
<!--filter> com.jaspersoft.jasperserver.war.MultipartRequestWrapperFilter takes over the processing
<filter-name>multiPartHelperFilter</filter-name>
<filter-class>com.jaspersoft.jasperserver.war.common.UploadMultipartFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>multiPartHelperFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
JPivotController Filter
<filter>
<filter-name>JPivotController</filter-name>
<filter-class>com.tonbeller.wcf.controller.RequestFilter</filter-class>
<!--to avoid double clicking problem in the OLAP view list
<init-param>
<param-name>indexJSP</param-name>
<param-value>/olap/viewOlap.html</param-value>
<description>forward to this page if session is new</description>
</init-param>-->
<init-param>
<description>URI of error page</description>
<param-name>errorJSP</param-name>
<param-value>/olap/error.html</param-value>
</init-param>
<init-param>
<description>This page is displayed if a the user clicks
on a query before the previous query has finished</description>
<param-name>busyJSP</param-name>
<param-value>/olap/busy.html</param-value>
</init-param>
<!--<init-param>
<param-name>forceExtension</param-name>
<param-value>.faces</param-value>
<description>replace .jsp with .faces</description>
</init-param>-->
</filter>
<filter-mapping>
<filter-name>JPivotController</filter-name>
<url-pattern>/olap/viewOlap.html</url-pattern>
</filter-mapping>
StaticFilesCacheControlFilter
<filter>
<filter-name>StaticFilesCacheControlFilter</filter-name>
<filter-class>com.jaspersoft.jasperserver.war.StaticFilesCacheControlFilter</filter-class>
<init-param>
<param-name>urlEndsWith</param-name>
<param-value>.js</param-value>
</init-param>
<init-param>
<param-name>expiresAfterAccessInSecs</param-name>
<param-value>86400</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>StaticFilesCacheControlFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
fusionSWFResponseHeadersFilter
<filter>
<filter-name>fusionSWFResponseHeadersFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>fusionSWFResponseHeadersFilter</filter-name>
<url-pattern>/fusion/*</url-pattern>
</filter-mapping>
FCExporterFix - Fusion Charts Exporter Filter
<filter>
<filter-name>FCExporterFix</filter-name>
<filter-class>com.jaspersoft.jasperreports.fusion.web.FusionExportHandlerFix</filter-class>
</filter>
<filter-mapping>
<filter-name>FCExporterFix</filter-name>
<url-pattern>/FCExporter</url-pattern>
</filter-mapping>
Jasperserver Dispatcher Servlet
<!--dispatcher servlet for the application-->
<servlet>
<servlet-name>jasperserver</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/jasperserver-*.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>/flow.html/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>/fileview/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>/reportimage/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>/reportresource/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jasperserver</servlet-name>
<url-pattern>/jrpxml/*</url-pattern>
</servlet-mapping>
Direct Web Remoting Servlet
http://directwebremoting.org/dwr/index.html
<!--<!– DWR support –>
<servlet>
<servlet-name>dwr</servlet-name>
<servlet-class>org.directwebremoting.spring.DwrSpringServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>crossDomainSessionSecurity</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>dwr</servlet-name>
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>-->
XML/A Servlet
<!--MondrianXmlaServlet replaced with JasperXmlaServlet-->
<!-- <servlet>
<servlet-name>MondrianXmlaServlet</servlet-name>
<servlet-class>mondrian.xmla.impl.DefaultXmlaServlet</servlet-class>
<init-param>
<param-name>DataSourcesConfig</param-name>
<param-value>datasources.xml</param-value>
</init-param>
</servlet> -->
<!--XML for Analysis Servlet-->
<servlet>
<servlet-name>JasperXmlaServlet</servlet-name>
<servlet-class>com.jaspersoft.ji.ja.security.service.MTXmlaServletImpl</servlet-class>
<load-on-startup>50</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>JasperXmlaServlet</servlet-name>
<url-pattern>/xmla</url-pattern>
</servlet-mapping>
Drill-Through
<!--for drillthrough-->
<servlet>
<servlet-name>JasperDrillThroughServlet</servlet-name>
<servlet-class>com.jaspersoft.jasperserver.war.CSVServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>JasperDrillThroughServlet</servlet-name>
<url-pattern>/olap/drillthrough.csv</url-pattern>
</servlet-mapping>
jFreechart
DisplayChart Servlet
<!--jfreechart provided servlet-->
<servlet>
<servlet-name>DisplayChart</servlet-name>
<servlet-class>org.jfree.chart.servlet.DisplayChart</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>DisplayChart</servlet-name>
<url-pattern>/DisplayChart</url-pattern>
</servlet-mapping>
GetChart
<!--jfreechart provided servlet-->
<servlet>
<description>Serves up chart images for OLAP printing to PDF and Excel.</description>
<servlet-name>GetChart</servlet-name>
<!--display-name>GetChart</display-name-->
<servlet-class>com.jaspersoft.jasperserver.war.OlapGetChart</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>GetChart</servlet-name>
<url-pattern>/GetChart</url-pattern>
</servlet-mapping>
<servlet>
<description>Generate PDF and Excel files for download based on OLAP model.</description>
<servlet-name>Print</servlet-name>
<!--display-name>Print</display-name-->
<!--Use JPivot PrintServlet which has been customized-->
<servlet-class>com.tonbeller.jpivot.print.PrintServlet</servlet-class>
<!--<servlet-class>com.jaspersoft.jasperserver.war.OlapPrint</servlet-class>-->
</servlet>
<servlet-mapping>
<servlet-name>Print</servlet-name>
<url-pattern>/olap/Print</url-pattern>
</servlet-mapping>
REST
<!--REST support START-->
<servlet>
<servlet-name>JerseyREST</servlet-name>
<servlet-class>com.jaspersoft.jasperserver.jaxrs.JrsJerseyServletContainer</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.jaspersoft.jasperserver.jaxrs.RestSpringApplication</param-value>
</init-param>
...
</servlet>
<servlet-mapping>
<servlet-name>JerseyREST</servlet-name>
<url-pattern>/rest_v2/*</url-pattern>
</servlet-mapping>
App Themes
<!--App Themes START-->
<servlet>
<servlet-name>AppThemeServlet</servlet-name>
<servlet-class>com.jaspersoft.jasperserver.war.themes.ThemeResolverServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AppThemeServlet</servlet-name>
<url-pattern>/_themes/*</url-pattern>
</servlet-mapping>
<!--App Themes END-->
Session-config
Session-timeout
Session timeouts dictate how long a user is allowed to be inactive before being automatically logged out of JasperReports Server.
See Timeouts in JasperReports Server for more details
<session-config>
<!--Default to 20 minute session timeouts-->
<session-timeout>20</session-timeout>
</session-config>
JSP-Configuration
This parent element wraps one or more <taglib> elements and <jsp-property-group> elements.
Note that in Tomcat 6 and earlier, <taglib> did not need to be inside <jsp-config>. However on Tomcat 7, context will fail to load with the following error if you specify <taglib> elements outside of a <jsp-config> element:
IllegalArgumentException: taglib definition not consistent with specification version
This occurs even if you specify an earlier web-app version in your web.xml, so can be confusing when migrating to Tomcat 7.
Taglib
This parent element specifies the <taglib-uri> and <taglib-location> for a JSP Custom Tag Library.
It is required when using TLD (Tag Library Definition) files in Servlets 2.3 and earlier.
Taglib-uri
This element specifies a resource identifier for a JSP Custom Tag Library. It is used inside a <taglib> element.
The identifier can be anything you like. It's sole purpose is to provide a unique reference for the taglib, so that you can use it in the <@ tablib %> declaration in a JSP file.
Some developers use full URIs such as http://www.mysite.com/taglibs/mytaglib. Other developers, including the Struts team use simpler URIs such as tags-html or tags-logic. This simpler version is known as the short name for the uri convention, and protects against outages of the website specified in the URI.
<jsp-config>
<taglib>
<taglib-uri>/WEB-INF/jasperserver.tld</taglib-uri>
<taglib-location>/WEB-INF/jasperserver.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>http://www.tonbeller.com/wcf</taglib-uri>
<taglib-location>/WEB-INF/wcf/wcf-tags.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>http://www.tonbeller.com/jpivot</taglib-uri>
<taglib-location>/WEB-INF/jpivot/jpivot-tags.tld</taglib-location>
</taglib>
</jsp-config>
<resource-ref>
<description>JasperServer Metadata repository</description>
<res-ref-name>jdbc/jasperserver</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<description>SugarCRM example database</description>
<res-ref-name>jdbc/sugarcrm</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<description>Foodmart database</description>
<res-ref-name>jdbc/foodmart</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<welcome-file-list>
<welcome-file>index.htm</welcome-file>
</welcome-file-list>
Security-constraint
This tag allows you to force an area of your site to be restricted to authenticated users and/or to use SSL.
A security constraint can be set up to allow access only to Authenticated Users, using the Security Realms feature of the servlet specification.
Web-resource-collection
This tag is used inside a <security-constraint> tag to define a resource which will be restricted by the constraint, and an optional set of HTTP methods.
The resource location is specified as a URL pattern with a subelement of <url-pattern>.
HTTP methods are specified with a subelement of <http-method>. If this element is left out, all HTTP methods are protected. It is recommended to leave this subelement out unless you really have a reason to list only certain methods and understand the implications.
A name for the web resource is specified with <web-resource-name>. This element is required.
<security-constraint>
<web-resource-collection>
<web-resource-name>JasperServerWebApp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<!--SSL disabled-->
<transport-guarantee>NONE</transport-guarantee>
<!--SSL enabled
<transport-guarantee>CONFIDENTIAL</transport-guarantee> -->
</user-data-constraint>
</security-constraint>
<!--This constraint disables the listed HTTP methods, which are not used by JS -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Forbidden</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>HEAD</http-method>
<http-method>CONNECT</http-method>
<http-method>COPY</http-method>
<http-method>LOCK</http-method>
<http-method>MKCOL</http-method>
<http-method>OPTIONS</http-method>
<http-method>PATCH</http-method>
<http-method>PROPFIND</http-method>
<http-method>PROPPATCH</http-method>
<http-method>SEARCH</http-method>
<http-method>TRACE</http-method>
<http-method>UNLOCK</http-method>
</web-resource-collection>
</security-constraint>-->
<context-param>
<param-name>Owasp.CsrfGuard.Config</param-name>
<param-value>WEB-INF/esapi/Owasp.CsrfGuard.properties</param-value>
</context-param>
<context-param>
<param-name>Owasp.CsrfGuard.Config.Print</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>com.jaspersoft.jasperserver.api.security.JSCsrfGuardListener</listener-class>
</listener>
<listener>
<listener-class>com.jaspersoft.ji.war.common.FusionConfigListener</listener-class>
</listener>
GetEncryptionKey
<servlet>
<servlet-name>JavascriptEncryptionKey</servlet-name>
<servlet-class>com.jaspersoft.jasperserver.api.security.encryption.GetEncryptionKey</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>JavascriptEncryptionKey</servlet-name>
<url-pattern>/GetEncryptionKey</url-pattern>
</servlet-mapping>
Error Handlers
<error-page>
<error-code>404</error-code>
<location>/404.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/500.html</location>
</error-page>
Mime-types
<mime-mapping>
<extension>ico</extension>
<mime-type>image/x-icon</mime-type>
</mime-mapping>
<!--currently the W3C havent settled on a media type for WSDL;
http://www.w3.org/TR/2003/WD-wsdl12-20030303/#ietf-draft
for now we go with the basic 'it's XML' response-->
<mime-mapping>
<extension>wsdl</extension>
<mime-type>text/xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>xsd</extension>
<mime-type>text/xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>png</extension>
<mime-type>image/png</mime-type>
</mime-mapping>
</web-app>
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now