WebXml (OmniFaces 3.7 API)

public interface WebXml

This configuration interface parses the /WEB-INF/web.xml and all /META-INF/web-fragment files found in the classpath and offers methods to obtain information from them which is not available by the standard Servlet API.

Usage

Some examples:

 // Get the <welcome-file-list> (which are essentially path-relative filenames which needs to be served when a folder is requested).
 List<String> welcomeFiles = WebXml.instance().getWelcomeFiles();

 // Get a mapping of all error page locations by exception type (a key of null represents the default error page location, if any).
 Map<Class<Throwable>, String> errorPageLocations = WebXml.instance().getErrorPageLocations();

 // Get the <form-login-page> (which is a context-relative URL to the login page of FORM based authentication).
 String formLoginPage = WebXml.instance().getFormLoginPage();

 // Get a mapping of all <security-constraint> URL patterns and associated roles.
 Map<String, Set<String>> securityConstraints = WebXml.instance().getSecurityConstraints();

 // Check if access to certain (context-relative) URL is allowed for the given role based on <security-constraint>.
 boolean accessAllowed = WebXml.instance().isAccessAllowed("/admin.xhtml", "admin");

 // Get web.xml configured session timeout (in minutes).
 int sessionTimeout = WebXml.instance().getSessionTimeout();

Since OmniFaces 3.1, you can if necessary even inject it.

 @Inject
 private WebXml webXml;

Since:: 1.2
Author:: Bauke Scholtz
See Also:: WebXmlSingleton, WebXmlProducer

Field Summary

Fields
Modifier and Type Field and Description

static WebXml INSTANCE
Deprecated.
Since 3.1; Use instance() instead.

Fields
Modifier and Type	Field and Description
`static WebXml`	`INSTANCE` Deprecated. Since 3.1; Use `instance()` instead.

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Default Methods Deprecated Methods
Modifier and Type	Method and Description
`String`	`findErrorPageLocation(Throwable exception)` Find for the given exception the right error page location.
`Map<Class<Throwable>,String>`	`getErrorPageLocations()` Returns a mapping of all error page locations by exception type.
`String`	`getFormErrorPage()` Returns the location of the FORM authentication error page, or `null` if it is not defined.
`String`	`getFormLoginPage()` Returns the location of the FORM authentication login page, or `null` if it is not defined.
`Map<String,Set<String>>`	`getSecurityConstraints()` Returns a mapping of all security constraint URL patterns and the associated roles in the declared order.
`int`	`getSessionTimeout()` Returns the configured session timeout in minutes, or `-1` if it is not defined.
`List<String>`	`getWelcomeFiles()` Returns a list of all welcome files.
`default WebXml`	`init(ServletContext servletContext)` Deprecated. Since 3.1; Use `instance()` instead. It will fall back to CDI to obtain the servlet context.
`static WebXml`	`instance()` Returns the lazily loaded enum singleton instance.
`boolean`	`isAccessAllowed(String url, String role)` Returns `true` if access to the given URL is allowed for the given role.

- Field Detail
  - INSTANCE
```
@Deprecated
static final WebXml INSTANCE
```
    Deprecated. Since 3.1; Use instance() instead.
    
    Returns the lazily loaded enum singleton instance.
- Method Detail
  - instance
```
static WebXml instance()
```
    Returns the lazily loaded enum singleton instance.
    
    Returns:
    
    The lazily loaded enum singleton instance.
    
    Since:
    
    3.1
  - init
```
@Deprecated
default WebXml init(ServletContext servletContext)
```
    Deprecated. Since 3.1; Use instance() instead. It will fall back to CDI to obtain the servlet context.
    
    Perform manual initialization with the given servlet context, if not null and not already initialized yet.
    
    Parameters:
    
    servletContext - The servlet context to obtain the web.xml from.
    
    Returns:
    
    The current WebXml instance, initialized and all.
  - findErrorPageLocation
```
String findErrorPageLocation(Throwable exception)
```
    Find for the given exception the right error page location. Exception types are matched as per Servlet 3.0 specification 10.9.2 with the exception that the given exception is already unwrapped:
    - Make a pass through all specific exception types. If a match is found in the exception class hierarchy, use its location. The closest match in the class hierarchy wins.
    - Else use the default error page location, which can be either the java.lang.Throwable or HTTP 500 or default one.
    Parameters:
    
    exception - The exception to find the error page location for.
    
    Returns:
    
    The right error page location for the given exception.
  - isAccessAllowed
```
boolean isAccessAllowed(String url,
                        String role)
```
    Returns true if access to the given URL is allowed for the given role. URL patterns are matched as per Servlet 3.0 specification 12.1:
    - Make a first pass through all URL patterns. If an exact match is found, then check the role on it.
    - Else make a recursive pass through all prefix URL patterns, stepping down the URL one directory at a time, trying to find the longest path match. If it is found, then check the role on it.
    - Else if the last segment in the URL path contains an extension, then make a last pass through all suffix URL patterns. If a match is found, then check the role on it.
    - Else assume it as unprotected resource and return true.
    Parameters:
    
    url - URL to be checked for access by the given role. It must start with '/' and be context-relative.
    
    role - Role to be checked for access to the given URL.
    
    Returns:
    
    true if access to the given URL is allowed for the given role, otherwise false.
    
    Throws:
    
    NullPointerException - If given URL is null.
    
    IllegalArgumentException - If given URL does not start with '/'.
    
    Since:
    
    1.4
  - getWelcomeFiles
```
List<String> getWelcomeFiles()
```
    Returns a list of all welcome files.
    
    Returns:
    
    A list of all welcome files.
    
    Since:
    
    1.4
  - getErrorPageLocations
```
Map<Class<Throwable>,String> getErrorPageLocations()
```
    Returns a mapping of all error page locations by exception type. The default location is identified by null key.
    
    Returns:
    
    A mapping of all error page locations by exception type.
  - getFormLoginPage
```
String getFormLoginPage()
```
    Returns the location of the FORM authentication login page, or null if it is not defined.
    
    Returns:
    
    The location of the FORM authentication login page, or null if it is not defined.
  - getFormErrorPage
```
String getFormErrorPage()
```
    Returns the location of the FORM authentication error page, or null if it is not defined.
    
    Returns:
    
    The location of the FORM authentication error page, or null if it is not defined.
    
    Since:
    
    1.8
  - getSecurityConstraints
```
Map<String,Set<String>> getSecurityConstraints()
```
    Returns a mapping of all security constraint URL patterns and the associated roles in the declared order. If the roles is null, then it means that no auth constraint is been set (i.e. the resource is publicly accessible). If the roles is empty, then it means that an empty auth constraint is been set (i.e. the resource is in no way accessible).
    
    Returns:
    
    A mapping of all security constraint URL patterns and the associated roles in the declared order.
    
    Since:
    
    1.4
  - getSessionTimeout
```
int getSessionTimeout()
```
    Returns the configured session timeout in minutes, or -1 if it is not defined.
    
    Returns:
    
    The configured session timeout in minutes, or -1 if it is not defined.
    
    Since:
    
    1.7

Interface WebXml

Usage

Field Summary

Method Summary

Field Detail

INSTANCE

Method Detail

instance

init

findErrorPageLocation

isAccessAllowed

getWelcomeFiles

getErrorPageLocations

getFormLoginPage

getFormErrorPage

getSecurityConstraints

getSessionTimeout