hawtio-war/src/main/webapp/WEB-INF/web.xml [207:287]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    <load-on-startup>1</load-on-startup>
  </servlet>

  <servlet-mapping>
    <servlet-name>jolokia-agent</servlet-name>
    <url-pattern>/jolokia/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>jolokia-proxy</servlet-name>
    <servlet-class>io.hawt.web.proxy.ProxyServlet</servlet-class>
    <!--
      Comma-separated list of allowed target hosts. It is required for security.
      '*' allows all hosts but keep in mind it's vulnerable to security attacks.
    -->
    <init-param>
      <param-name>proxyAllowlist</param-name>
      <param-value>
        localhost,
        127.0.0.1
      </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>jolokia-proxy</servlet-name>
    <url-pattern>/proxy/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>user</servlet-name>
    <servlet-class>io.hawt.web.auth.keycloak.KeycloakUserServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>user</servlet-name>
    <url-pattern>/user/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>login</servlet-name>
    <servlet-class>io.hawt.web.auth.LoginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>login</servlet-name>
    <url-pattern>/auth/login</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>logout</servlet-name>
    <servlet-class>io.hawt.web.auth.LogoutServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>logout</servlet-name>
    <url-pattern>/auth/logout</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>keycloak</servlet-name>
    <servlet-class>io.hawt.web.auth.keycloak.KeycloakServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>keycloak</servlet-name>
    <url-pattern>/keycloak/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>plugin</servlet-name>
    <servlet-class>io.hawt.web.plugin.PluginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>plugin</servlet-name>
    <url-pattern>/plugin/*</url-pattern>
  </servlet-mapping>

  <mime-mapping>
    <extension>woff</extension>
    <mime-type>application/font-woff</mime-type>
  </mime-mapping>

  <listener>
    <listener-class>io.hawt.HawtioContextListener</listener-class>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



platforms/osgi-war/src/main/webapp/WEB-INF/web.xml [211:291]:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    <load-on-startup>1</load-on-startup>
  </servlet>

  <servlet-mapping>
    <servlet-name>jolokia-agent</servlet-name>
    <url-pattern>/jolokia/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>jolokia-proxy</servlet-name>
    <servlet-class>io.hawt.web.proxy.ProxyServlet</servlet-class>
    <!--
      Comma-separated list of allowed target hosts. It is required for security.
      '*' allows all hosts but keep in mind it's vulnerable to security attacks.
    -->
    <init-param>
      <param-name>proxyAllowlist</param-name>
      <param-value>
        localhost,
        127.0.0.1
      </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>jolokia-proxy</servlet-name>
    <url-pattern>/proxy/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>user</servlet-name>
    <servlet-class>io.hawt.web.auth.keycloak.KeycloakUserServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>user</servlet-name>
    <url-pattern>/user/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>login</servlet-name>
    <servlet-class>io.hawt.web.auth.LoginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>login</servlet-name>
    <url-pattern>/auth/login</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>logout</servlet-name>
    <servlet-class>io.hawt.web.auth.LogoutServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>logout</servlet-name>
    <url-pattern>/auth/logout</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>keycloak</servlet-name>
    <servlet-class>io.hawt.web.auth.keycloak.KeycloakServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>keycloak</servlet-name>
    <url-pattern>/keycloak/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>plugin</servlet-name>
    <servlet-class>io.hawt.web.plugin.PluginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>plugin</servlet-name>
    <url-pattern>/plugin/*</url-pattern>
  </servlet-mapping>

  <mime-mapping>
    <extension>woff</extension>
    <mime-type>application/font-woff</mime-type>
  </mime-mapping>

  <listener>
    <listener-class>io.hawt.HawtioContextListener</listener-class>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -