hawtio-base/src/main/webapp/WEB-INF/web.xml [17:205]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  <env-entry>
    <description>Authorized user role, empty string disables authorization</description>
    <env-entry-name>hawtio/role</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>JAAS classname that would contain the role principal, empty string disables authorization</description>
    <env-entry-name>hawtio/rolePrincipalClasses</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>JAAS realm used to authenticate users</description>
    <env-entry-name>hawtio/realm</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>*</env-entry-value>
  </env-entry>

  <env-entry>
    <description>AuthenticationContainerDiscovery classes divided by comma, used to discover container environments</description>
    <env-entry-name>hawtio/authenticationContainerDiscoveryClasses</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>io.hawt.web.tomcat.TomcatAuthenticationContainerDiscovery</env-entry-value>
  </env-entry>

  <env-entry>
    <description>Enable/disable Keycloak integration. Value is really a boolean</description>
    <env-entry-name>hawtio/keycloakEnabled</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>false</env-entry-value>
  </env-entry>

  <env-entry>
    <description>Keycloak config file used for frontend. Will use default location if not provided</description>
    <env-entry-name>hawtio/keycloakClientConfig</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>The maximum time interval, in seconds, that the servlet container will keep this session open between client accesses.</description>
    <env-entry-name>hawtio/sessionTimeout</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <filter>
    <filter-name>SessionExpiryFilter</filter-name>
    <filter-class>io.hawt.web.auth.SessionExpiryFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>SessionExpiryFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>cache</filter-name>
    <filter-class>io.hawt.web.filters.CacheHeadersFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>cache</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>CORSFilter</filter-name>
    <filter-class>io.hawt.web.filters.CORSFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>CORSFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XFrameOptionsFilter</filter-name>
    <filter-class>io.hawt.web.filters.XFrameOptionsFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XFrameOptionsFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XXSSProtectionFilter</filter-name>
    <filter-class>io.hawt.web.filters.XXSSProtectionFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XXSSProtectionFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XContentTypeOptionsFilter</filter-name>
    <filter-class>io.hawt.web.filters.XContentTypeOptionsFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XContentTypeOptionsFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>ContentSecurityPolicyFilter</filter-name>
    <filter-class>io.hawt.web.filters.ContentSecurityPolicyFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>ContentSecurityPolicyFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>StrictTransportSecurityFilter</filter-name>
    <filter-class>io.hawt.web.filters.StrictTransportSecurityFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>StrictTransportSecurityFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>PublicKeyPinningFilter</filter-name>
    <filter-class>io.hawt.web.filters.PublicKeyPinningFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>PublicKeyPinningFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>AuthenticationFilter</filter-name>
    <filter-class>io.hawt.web.auth.AuthenticationFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>AuthenticationFilter</filter-name>
    <url-pattern>/jolokia/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>LoginRedirectFilter</filter-name>
    <filter-class>io.hawt.web.auth.LoginRedirectFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>LoginRedirectFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>ERROR</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>

  <filter>
    <filter-name>BaseTagHrefFilter</filter-name>
    <filter-class>io.hawt.web.filters.BaseTagHrefFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>BaseTagHrefFilter</filter-name>
    <url-pattern>/</url-pattern>
    <url-pattern>/index.html</url-pattern>
    <url-pattern>/login.html</url-pattern>
    <dispatcher>ERROR</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>

  <filter>
    <filter-name>FlightRecorderDownloadFacade</filter-name>
    <filter-class>io.hawt.web.filters.FlightRecordingDownloadFacade</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>FlightRecorderDownloadFacade</filter-name>
    <url-pattern>/jolokia/*</url-pattern>
    <url-pattern>/proxy/*</url-pattern>
  </filter-mapping>

  <servlet>
    <servlet-name>jolokia-agent</servlet-name>
    <servlet-class>io.hawt.web.servlets.JolokiaConfiguredAgentServlet</servlet-class>
    <init-param>
      <param-name>mbeanQualifier</param-name>
      <param-value>qualifier=hawtio</param-value>
    </init-param>
    <!-- turn off returning exceptions and stacktraces from jolokia -->
    <init-param>
      <param-name>allowErrorDetails</param-name>
      <param-value>false</param-value>
    </init-param>
    <init-param>
      <param-name>includeStackTrace</param-name>
      <param-value>false</param-value>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



platforms/osgi-war/src/main/webapp/WEB-INF/web.xml [17:205]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  <env-entry>
    <description>Authorized user role, empty string disables authorization</description>
    <env-entry-name>hawtio/role</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>JAAS classname that would contain the role principal, empty string disables authorization</description>
    <env-entry-name>hawtio/rolePrincipalClasses</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>JAAS realm used to authenticate users</description>
    <env-entry-name>hawtio/realm</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>*</env-entry-value>
  </env-entry>

  <env-entry>
    <description>AuthenticationContainerDiscovery classes divided by comma, used to discover container environments</description>
    <env-entry-name>hawtio/authenticationContainerDiscoveryClasses</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>io.hawt.web.tomcat.TomcatAuthenticationContainerDiscovery</env-entry-value>
  </env-entry>

  <env-entry>
    <description>Enable/disable Keycloak integration. Value is really a boolean</description>
    <env-entry-name>hawtio/keycloakEnabled</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>false</env-entry-value>
  </env-entry>

  <env-entry>
    <description>Keycloak config file used for frontend. Will use default location if not provided</description>
    <env-entry-name>hawtio/keycloakClientConfig</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <env-entry>
    <description>The maximum time interval, in seconds, that the servlet container will keep this session open between client accesses.</description>
    <env-entry-name>hawtio/sessionTimeout</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value></env-entry-value>
  </env-entry>

  <filter>
    <filter-name>SessionExpiryFilter</filter-name>
    <filter-class>io.hawt.web.auth.SessionExpiryFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>SessionExpiryFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>cache</filter-name>
    <filter-class>io.hawt.web.filters.CacheHeadersFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>cache</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>CORSFilter</filter-name>
    <filter-class>io.hawt.web.filters.CORSFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>CORSFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XFrameOptionsFilter</filter-name>
    <filter-class>io.hawt.web.filters.XFrameOptionsFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XFrameOptionsFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XXSSProtectionFilter</filter-name>
    <filter-class>io.hawt.web.filters.XXSSProtectionFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XXSSProtectionFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>XContentTypeOptionsFilter</filter-name>
    <filter-class>io.hawt.web.filters.XContentTypeOptionsFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>XContentTypeOptionsFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>ContentSecurityPolicyFilter</filter-name>
    <filter-class>io.hawt.web.filters.ContentSecurityPolicyFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>ContentSecurityPolicyFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>StrictTransportSecurityFilter</filter-name>
    <filter-class>io.hawt.web.filters.StrictTransportSecurityFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>StrictTransportSecurityFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>PublicKeyPinningFilter</filter-name>
    <filter-class>io.hawt.web.filters.PublicKeyPinningFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>PublicKeyPinningFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>AuthenticationFilter</filter-name>
    <filter-class>io.hawt.web.auth.AuthenticationFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>AuthenticationFilter</filter-name>
    <url-pattern>/jolokia/*</url-pattern>
  </filter-mapping>

  <filter>
    <filter-name>LoginRedirectFilter</filter-name>
    <filter-class>io.hawt.web.auth.LoginRedirectFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>LoginRedirectFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>ERROR</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>

  <filter>
    <filter-name>BaseTagHrefFilter</filter-name>
    <filter-class>io.hawt.web.filters.BaseTagHrefFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>BaseTagHrefFilter</filter-name>
    <url-pattern>/</url-pattern>
    <url-pattern>/index.html</url-pattern>
    <url-pattern>/login.html</url-pattern>
    <dispatcher>ERROR</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>

  <filter>
    <filter-name>FlightRecorderDownloadFacade</filter-name>
    <filter-class>io.hawt.web.filters.FlightRecordingDownloadFacade</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>FlightRecorderDownloadFacade</filter-name>
    <url-pattern>/jolokia/*</url-pattern>
    <url-pattern>/proxy/*</url-pattern>
  </filter-mapping>

  <servlet>
    <servlet-name>jolokia-agent</servlet-name>
    <servlet-class>io.hawt.web.servlets.JolokiaConfiguredAgentServlet</servlet-class>
    <init-param>
      <param-name>mbeanQualifier</param-name>
      <param-value>qualifier=hawtio</param-value>
    </init-param>
    <!-- turn off returning exceptions and stacktraces from jolokia -->
    <init-param>
      <param-name>allowErrorDetails</param-name>
      <param-value>false</param-value>
    </init-param>
    <init-param>
      <param-name>includeStackTrace</param-name>
      <param-value>false</param-value>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -