[weld-commits] Weld SVN: r7092 - archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF.

Author: dan.j.allen Date: 2010-11-24 14:16:00 -0500 (Wed, 24 Nov 2010) New Revision: 7092 Modified: archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/faces-config.xml archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/web.xml Log: FacesServlet activates automatically add recommended security constraint for protecting .xhtml files context parameters when using RESTEasy Modified: archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/faces-config.xml =================================================================== --- archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/faces-config.xml 2010-11-24 19:11:28 UTC (rev 7091) +++ archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/faces-config.xml 2010-11-24 19:16:00 UTC (rev 7092) @@ -7,6 +7,8 @@ http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"> + <!-- This descriptor activates the JSF 2.0 Servlet --> + <!-- Write your navigation rules here. You are encouraged to use CDI for creating @Named managed beans. --> </faces-config> Modified: archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/web.xml =================================================================== --- archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/web.xml 2010-11-24 19:11:28 UTC (rev 7091) +++ archetypes/javaee6-webapp/trunk/src/main/webapp/WEB-INF/web.xml 2010-11-24 19:16:00 UTC (rev 7092) @@ -1,32 +1,47 @@ <?xml version="1.0" encoding="UTF-8"?> -<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> - <!-- This is an optional parameter, but it makes troubleshooting errors much easier --> - <!-- You should delete it before final deployment! --> + <!-- Extra context parameters required when using RESTEasy as the JAX-RS provider --> + <!-- You also need to remove JaxRsActivator (or make it an empty class) --> <context-param> + <param-name>resteasy.scan</param-name> + <param-value>true</param-value> + </context-param> + + <context-param> + <param-name>resteasy.servlet.mapping.prefix</param-name> + <param-value>/rest</param-value> + </context-param> + + <!-- An optional parameter that makes troubleshooting errors much easier --> + <!-- You should remove this context parameter before deploying to production! --> + <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> + + <!-- JSF 2.0 Servlet activates automatically when the WEB-INF/faces-config.xml descriptor is present --> - <!-- Activate the JSF 2.0 servlet --> - <servlet> - <servlet-name>Faces Servlet</servlet-name> - <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - - <!-- Tell the context which URLs to process with JSF --> - <servlet-mapping> - <servlet-name>Faces Servlet</servlet-name> - <url-pattern>*.jsf</url-pattern> - </servlet-mapping> - <!-- This section is optional. We are allowing index.jsf to handle the root URL (i.e., /). --> <welcome-file-list> <!-- Add additional files here, if desired, for example: <welcome-file>index.html</welcome-file> --> <welcome-file>index.jsf</welcome-file> </welcome-file-list> + + <!-- Enable this security constraint if you are using *.jsf as your Faces Servlet mapping --> + <!-- + <security-constraint> + <display-name>Restrict direct access to Facelets views</display-name> + <web-resource-collection> + <web-resource-name>Facelets views</web-resource-name> + <url-pattern>*.xhtml</url-pattern> + </web-resource-collection> + <auth-constraint/> + </security-constraint> + --> </web-app>