| | |
|---|
| | | import java.util.Map; |
|---|
| | | |
|---|
| | | import com.gitblit.Constants; |
|---|
| | | import com.gitblit.servlet.AccessDeniedServlet; |
|---|
| | | import com.gitblit.servlet.BranchGraphServlet; |
|---|
| | | import com.gitblit.servlet.DownloadZipFilter; |
|---|
| | | import com.gitblit.servlet.DownloadZipServlet; |
|---|
| | | import com.gitblit.servlet.EnforceAuthenticationFilter; |
|---|
| | | import com.gitblit.servlet.FederationServlet; |
|---|
| | | import com.gitblit.servlet.GitFilter; |
|---|
| | | import com.gitblit.servlet.GitServlet; |
|---|
| | | import com.gitblit.servlet.LogoServlet; |
|---|
| | | import com.gitblit.servlet.PagesFilter; |
|---|
| | | import com.gitblit.servlet.PagesServlet; |
|---|
| | | import com.gitblit.servlet.ProxyFilter; |
|---|
| | | import com.gitblit.servlet.PtServlet; |
|---|
| | | import com.gitblit.servlet.RawFilter; |
|---|
| | | import com.gitblit.servlet.RawServlet; |
|---|
| | | import com.gitblit.servlet.RobotsTxtServlet; |
|---|
| | | import com.gitblit.servlet.RpcFilter; |
|---|
| | | import com.gitblit.servlet.RpcServlet; |
|---|
| | | import com.gitblit.servlet.SparkleShareInviteServlet; |
|---|
| | | import com.gitblit.servlet.SyndicationFilter; |
|---|
| | |
|---|
| | | public class WebModule extends ServletModule { |
|---|
| | | |
|---|
| | | final static String ALL = "/*"; |
|---|
| | | private boolean isGO; |
|---|
| | | |
|---|
| | | public WebModule(boolean isGO) { |
|---|
| | | this.isGO=isGO; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected void configureServlets() { |
|---|
| | |
|---|
| | | serve(Constants.PT_PATH).with(PtServlet.class); |
|---|
| | | serve("/robots.txt").with(RobotsTxtServlet.class); |
|---|
| | | serve("/logo.png").with(LogoServlet.class); |
|---|
| | | |
|---|
| | | if(isGO) |
|---|
| | | { |
|---|
| | | /* Prevent accidental access to 'resources' such as GitBlit java classes |
|---|
| | | * |
|---|
| | | * In the GO setup the JAR containing the application and the WAR injected |
|---|
| | | * into Jetty are the same file. However Jetty expects to serve the entire WAR |
|---|
| | | * contents, except the WEB-INF folder. Thus, all java binary classes in the |
|---|
| | | * JAR are served by default as is they were legitimate resources. |
|---|
| | | * |
|---|
| | | * The below servlet mappings prevent that behavior |
|---|
| | | */ |
|---|
| | | serve(fuzzy("/com/")).with(AccessDeniedServlet.class); |
|---|
| | | serve(fuzzy("/org/")).with(AccessDeniedServlet.class); |
|---|
| | | } |
|---|
| | | // global filters |
|---|
| | | filter(ALL).through(ProxyFilter.class); |
|---|
| | | filter(ALL).through(EnforceAuthenticationFilter.class); |
|---|
| | | |
|---|
| | | // security filters |
|---|
| | | // filter(fuzzy(Constants.R_PATH), fuzzy(Constants.GIT_PATH)).through(GitFilter.class); |
|---|
| | | // filter(fuzzy(Constants.RAW_PATH)).through(RawFilter.class); |
|---|
| | | // filter(fuzzy(Constants.PAGES)).through(PagesFilter.class); |
|---|
| | | // filter(fuzzy(Constants.RPC_PATH)).through(RpcFilter.class); |
|---|
| | | // filter(fuzzy(Constants.ZIP_PATH)).through(DownloadZipFilter.class); |
|---|
| | | filter(fuzzy(Constants.R_PATH), fuzzy(Constants.GIT_PATH)).through(GitFilter.class); |
|---|
| | | filter(fuzzy(Constants.RAW_PATH)).through(RawFilter.class); |
|---|
| | | filter(fuzzy(Constants.PAGES)).through(PagesFilter.class); |
|---|
| | | filter(fuzzy(Constants.RPC_PATH)).through(RpcFilter.class); |
|---|
| | | filter(fuzzy(Constants.ZIP_PATH)).through(DownloadZipFilter.class); |
|---|
| | | filter(fuzzy(Constants.SYNDICATION_PATH)).through(SyndicationFilter.class); |
|---|
| | | |
|---|
| | | // Wicket |
|---|
