Author: deepak Date: Sat Jan 16 09:26:46 2016 New Revision: 1724939 URL: http://svn.apache.org/viewvc?rev=1724939&view=rev Log: Applied fix from trunk for revision: 1724930 ===
(OFBIZ-6655) Applied patch from jira issue OFBIZ-6655. Add session tracking mode and make cookie secure for some special purposes component. Thanks Rahul Bhammarker for contribution. Modified: ofbiz/branches/release14.12/ (props changed) ofbiz/branches/release14.12/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml ofbiz/branches/release14.12/specialpurpose/lucene/webapp/content/WEB-INF/web.xml ofbiz/branches/release14.12/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml ofbiz/branches/release14.12/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml ofbiz/branches/release14.12/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml Propchange: ofbiz/branches/release14.12/ ------------------------------------------------------------------------------ --- svn:mergeinfo (original) +++ svn:mergeinfo Sat Jan 16 09:26:46 2016 @@ -8,4 +8,4 @@ /ofbiz/branches/json-integration-refactoring:1634077-1635900 /ofbiz/branches/multitenant20100310:921280-927264 /ofbiz/branches/release13.07:1547657 -/ofbiz/trunk:1649072,1649083-1649084,1649086,1649090,1649096,1649230,1649238-1649239,1649248,1649272,1649275,1649280-1649281,1649283,1649285-1649286,1649291,1649329,1649331,1649384,1649393,1649666,1649742,1650240,1650348,1650357,1650583,1650642,1650678,1650821,1650882,1650887,1650938,1651593,1652312,1652361,1652638,1652641,1652672,1652688,1652706,1652725,1652731,1652739,1652852,1653248,1653296,1653456,1653597,1653614,1654175,1654273,1654509,1654670,1654672-1654673,1654683-1654684,1654824,1655046,1655668,1655979,1656014,1656185,1656198,1656445,1656983,1657323,1657506-1657507,1657514,1657714,1657790,1657848,1658364,1658662,1658882,1659224,1659965,1660031,1660053,1660389,1660444,1660579,1661303,1661328,1661760,1661778,1661853,1661862,1661873,1661940,1661951,1661977,1662119-1662120,1662361,1662500,1662812,1662919,1663202,1663912,1663979,1664602,1664604,1664696,1665154,1665162,1665535,1666404,1666511,1666633,1666836,1666939,1666949,1666958,1667055,1667253,1667483,1667492,1667774,1668207, 1668214,1668236,1668246,1668258,1668263,1668265,1668270,1668277,1668314,1668657,1669317,1669588,1672427,1672430,1672846,1672853,1672856,1672862,1672873,1673764,1674447,1674464,1674491,1674496,1674908,1676674,1677123,1677597,1677769-1677770,1678294,1678882,1678911,1679689,1679697,1679709,1679720,1679728,1679732,1679957,1680155,1680288,1680304,1680671,1680675,1680733,1680840,1680881,1682272,1682295,1682415,1682633,1683998,1684094,1686360,1686536,1686545,1686566,1686569,1686574,1686583,1686635,1686651,1686970,1687427,1688772,1690086,1690581,1692357,1692458,1692600,1692604,1693393,1693579,1695017,1696018,1696234,1697590,1697647,1697993,1698259,1698261,1698263,1701164,1701441,1701819,1701825,1701936,1702002,1702548,1702704,1703121,1703586,1703945,1703954,1703965,1703971,1703976-1703977,1703981,1704000,1704014,1704018,1704036,1704043,1704052,1704082,1704140,1704230,1705004,1705329,1705405,1705412,1705417,1705427,1705532,1706159,1706162,1706316,1706531,1706549,1706553,1706561,1706569,17065 77,1706589,1706591,1706593,1706694,1707837,1707857,1708274,1708341,1708742,1708930,1709117,1710178,1710348,1711513,1712971,1714244,1714410,1714415,1714571,1714657,1715477-1715478,1715485,1715501,1716319,1717058,1717180,1717682,1717710,1717760,1718023,1718109,1719094,1719872,1720883,1721067,1721093,1721625,1722712,1724402,1724566,1724763,1724916,1724918,1724925 +/ofbiz/trunk:1649072,1649083-1649084,1649086,1649090,1649096,1649230,1649238-1649239,1649248,1649272,1649275,1649280-1649281,1649283,1649285-1649286,1649291,1649329,1649331,1649384,1649393,1649666,1649742,1650240,1650348,1650357,1650583,1650642,1650678,1650821,1650882,1650887,1650938,1651593,1652312,1652361,1652638,1652641,1652672,1652688,1652706,1652725,1652731,1652739,1652852,1653248,1653296,1653456,1653597,1653614,1654175,1654273,1654509,1654670,1654672-1654673,1654683-1654684,1654824,1655046,1655668,1655979,1656014,1656185,1656198,1656445,1656983,1657323,1657506-1657507,1657514,1657714,1657790,1657848,1658364,1658662,1658882,1659224,1659965,1660031,1660053,1660389,1660444,1660579,1661303,1661328,1661760,1661778,1661853,1661862,1661873,1661940,1661951,1661977,1662119-1662120,1662361,1662500,1662812,1662919,1663202,1663912,1663979,1664602,1664604,1664696,1665154,1665162,1665535,1666404,1666511,1666633,1666836,1666939,1666949,1666958,1667055,1667253,1667483,1667492,1667774,1668207, 1668214,1668236,1668246,1668258,1668263,1668265,1668270,1668277,1668314,1668657,1669317,1669588,1672427,1672430,1672846,1672853,1672856,1672862,1672873,1673764,1674447,1674464,1674491,1674496,1674908,1676674,1677123,1677597,1677769-1677770,1678294,1678882,1678911,1679689,1679697,1679709,1679720,1679728,1679732,1679957,1680155,1680288,1680304,1680671,1680675,1680733,1680840,1680881,1682272,1682295,1682415,1682633,1683998,1684094,1686360,1686536,1686545,1686566,1686569,1686574,1686583,1686635,1686651,1686970,1687427,1688772,1690086,1690581,1692357,1692458,1692600,1692604,1693393,1693579,1695017,1696018,1696234,1697590,1697647,1697993,1698259,1698261,1698263,1701164,1701441,1701819,1701825,1701936,1702002,1702548,1702704,1703121,1703586,1703945,1703954,1703965,1703971,1703976-1703977,1703981,1704000,1704014,1704018,1704036,1704043,1704052,1704082,1704140,1704230,1705004,1705329,1705405,1705412,1705417,1705427,1705532,1706159,1706162,1706316,1706531,1706549,1706553,1706561,1706569,17065 77,1706589,1706591,1706593,1706694,1707837,1707857,1708274,1708341,1708742,1708930,1709117,1710178,1710348,1711513,1712971,1714244,1714410,1714415,1714571,1714657,1715477-1715478,1715485,1715501,1716319,1717058,1717180,1717682,1717710,1717760,1718023,1718109,1719094,1719872,1720883,1721067,1721093,1721625,1722712,1724402,1724566,1724763,1724916,1724918,1724925,1724930 Modified: ofbiz/branches/release14.12/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml?rev=1724939&r1=1724938&r2=1724939&view=diff ============================================================================== --- ofbiz/branches/release14.12/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml (original) +++ ofbiz/branches/release14.12/specialpurpose/cmssite/webapp/cmssite/WEB-INF/web.xml Sat Jan 16 09:26:46 2016 @@ -1,5 +1,4 @@ <?xml version="1.0"?> -<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <!-- Licensed to the Apache Software Foundation (ASF) under one @@ -20,34 +19,38 @@ specific language governing permissions under the License. --> -<web-app> +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Apache OFBiz - CMS Site</display-name> <description>CMS Site for the Apache OFBiz Project</description> <context-param> + <description>A unique ID used to look up the WebSite entity</description> <param-name>webSiteId</param-name> <param-value>CmsSite</param-value> - <description>A unique ID used to look up the WebSite entity</description> </context-param> <context-param> + <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> <param-name>localDispatcherName</param-name> <param-value>CmsSite</param-value> - <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> </context-param> <context-param> + <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> <param-name>entityDelegatorName</param-name> <param-value>default</param-value> - <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> </context-param> <context-param> + <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>mainDecoratorLocation</param-name> <param-value>component://cmssite/widget/CmssiteScreens.xml</param-value> - <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <filter> - <filter-name>ContextFilter</filter-name> <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class> <init-param> <param-name>disableContextSecurity</param-name> @@ -79,9 +82,9 @@ under the License. <listener><listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class></listener> <servlet> - <servlet-name>ControlServlet</servlet-name> - <display-name>ControlServlet</display-name> <description>Main Control Servlet</description> + <display-name>ControlServlet</display-name> + <servlet-name>ControlServlet</servlet-name> <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> @@ -93,6 +96,10 @@ under the License. <session-config> <session-timeout>60</session-timeout> + <cookie-config> + <http-only>true</http-only> + <secure>true</secure> + </cookie-config> </session-config> <welcome-file-list> Modified: ofbiz/branches/release14.12/specialpurpose/lucene/webapp/content/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/specialpurpose/lucene/webapp/content/WEB-INF/web.xml?rev=1724939&r1=1724938&r2=1724939&view=diff ============================================================================== --- ofbiz/branches/release14.12/specialpurpose/lucene/webapp/content/WEB-INF/web.xml (original) +++ ofbiz/branches/release14.12/specialpurpose/lucene/webapp/content/WEB-INF/web.xml Sat Jan 16 09:26:46 2016 @@ -1,5 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <!-- Licensed to the Apache Software Foundation (ASF) under one @@ -20,7 +19,11 @@ specific language governing permissions under the License. --> -<web-app> +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Apache OFBiz - Lucene Component</display-name> <description>Lucene Component of the Apache OFBiz Project</description> @@ -30,32 +33,32 @@ under the License. <description>A unique ID used to look up the WebSite entity</description> </context-param--> <context-param> - <param-name>localDispatcherName</param-name><param-value>lucene</param-value> <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> + <param-name>localDispatcherName</param-name><param-value>lucene</param-value> </context-param> <context-param> - <param-name>entityDelegatorName</param-name><param-value>default</param-value> <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> + <param-name>entityDelegatorName</param-name><param-value>default</param-value> </context-param> <context-param> + <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>mainDecoratorLocation</param-name> <param-value>component://content/widget/CommonScreens.xml</param-value> - <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <context-param> + <description>The location of the cms decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>cmsDecoratorLocation</param-name> <param-value>component://lucene/widget/LuceneScreens.xml</param-value> - <description>The location of the cms decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <context-param> + <description>Remove unnecessary whitespace from HTML output.</description> <param-name>compressHTML</param-name> <param-value>false</param-value> - <description>Remove unnecessary whitespace from HTML output.</description> </context-param> <filter> - <filter-name>ContextFilter</filter-name> <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class> <init-param><param-name>disableContextSecurity</param-name><param-value>N</param-value></init-param> <init-param> @@ -73,15 +76,21 @@ under the License. <!-- <listener><listener-class>org.ofbiz.webapp.control.ControlActivationEventListener</listener-class></listener> --> <servlet> - <servlet-name>ControlServlet</servlet-name> - <display-name>ControlServlet</display-name> <description>Main Control Servlet</description> + <display-name>ControlServlet</display-name> + <servlet-name>ControlServlet</servlet-name> <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping><servlet-name>ControlServlet</servlet-name><url-pattern>/control/*</url-pattern></servlet-mapping> - <session-config><session-timeout>60</session-timeout><!-- in minutes --></session-config> + <session-config> + <session-timeout>60</session-timeout><!-- in minutes --> + <cookie-config> + <http-only>true</http-only> + <secure>true</secure> + </cookie-config> + </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> Modified: ofbiz/branches/release14.12/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml?rev=1724939&r1=1724938&r2=1724939&view=diff ============================================================================== --- ofbiz/branches/release14.12/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml (original) +++ ofbiz/branches/release14.12/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/web.xml Sat Jan 16 09:26:46 2016 @@ -1,5 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file @@ -19,29 +18,33 @@ under the License. --> -<web-app> +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Apache OFBiz - Project Management</display-name> <description>Project Management component of the Apache OFBiz Project</description> <context-param> + <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> <param-name>entityDelegatorName</param-name> <param-value>default</param-value> - <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> </context-param> <context-param> + <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> <param-name>localDispatcherName</param-name> <param-value>projectmgr</param-value> - <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> </context-param> <context-param> + <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>mainDecoratorLocation</param-name> <param-value>component://projectmgr/widget/CommonScreens.xml</param-value> - <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <filter> - <filter-name>ContextFilter</filter-name> <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class> <init-param> <param-name>disableContextSecurity</param-name> @@ -71,9 +74,9 @@ <!-- <listener><listener-class>org.ofbiz.webapp.control.ControlActivationEventListener</listener-class></listener> --> <servlet> - <servlet-name>ControlServlet</servlet-name> - <display-name>ControlServlet</display-name> <description>Main Control Servlet</description> + <display-name>ControlServlet</display-name> + <servlet-name>ControlServlet</servlet-name> <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> @@ -84,6 +87,10 @@ <session-config> <session-timeout>60</session-timeout> <!-- in minutes --> + <cookie-config> + <http-only>true</http-only> + <secure>true</secure> + </cookie-config> </session-config> <welcome-file-list> Modified: ofbiz/branches/release14.12/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml?rev=1724939&r1=1724938&r2=1724939&view=diff ============================================================================== --- ofbiz/branches/release14.12/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml (original) +++ ofbiz/branches/release14.12/specialpurpose/scrum/webapp/scrum/WEB-INF/web.xml Sat Jan 16 09:26:46 2016 @@ -1,5 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file @@ -18,37 +17,41 @@ KIND, either express or implied. See th specific language governing permissions and limitations under the License. --> -<web-app> +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Apache OFBiz - scrum Component</display-name> <description>scrum Component of the Apache OFBiz Project</description> <context-param> - <param-name>localDispatcherName</param-name><param-value>scrum</param-value> <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> + <param-name>localDispatcherName</param-name><param-value>scrum</param-value> </context-param> <context-param> - <param-name>entityDelegatorName</param-name><param-value>default</param-value> <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> + <param-name>entityDelegatorName</param-name><param-value>default</param-value> </context-param> <context-param> + <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>mainDecoratorLocation</param-name> <param-value>component://scrum/widget/CommonScreens.xml</param-value> - <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <context-param> + <description>Enable widget boundary comments. See org.ofbiz.widget.model.ModelWidget.widgetBoundaryCommentsEnabled().</description> <param-name>widgetVerbose</param-name> <param-value>false</param-value> - <description>Enable widget boundary comments. See org.ofbiz.widget.model.ModelWidget.widgetBoundaryCommentsEnabled().</description> </context-param> <context-param> + <description>Remove unnecessary whitespace from HTML output.</description> <param-name>compressHTML</param-name> <param-value>false</param-value> - <description>Remove unnecessary whitespace from HTML output.</description> </context-param> <filter> - <filter-name>ContextFilter</filter-name> <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class> <init-param><param-name>disableContextSecurity</param-name><param-value>N</param-value></init-param> <init-param> @@ -66,15 +69,21 @@ under the License. <!-- <listener><listener-class>org.ofbiz.webapp.control.ControlActivationEventListener</listener-class></listener> --> <servlet> - <servlet-name>ControlServlet</servlet-name> - <display-name>ControlServlet</display-name> <description>Main Control Servlet</description> + <display-name>ControlServlet</display-name> + <servlet-name>ControlServlet</servlet-name> <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping><servlet-name>ControlServlet</servlet-name><url-pattern>/control/*</url-pattern></servlet-mapping> - <session-config><session-timeout>60</session-timeout><!-- in minutes --></session-config> + <session-config> + <session-timeout>60</session-timeout><!-- in minutes --> + <cookie-config> + <http-only>true</http-only> + <secure>true</secure> + </cookie-config> + </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> Modified: ofbiz/branches/release14.12/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release14.12/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml?rev=1724939&r1=1724938&r2=1724939&view=diff ============================================================================== --- ofbiz/branches/release14.12/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml (original) +++ ofbiz/branches/release14.12/specialpurpose/webpos/webapp/webpos/WEB-INF/web.xml Sat Jan 16 09:26:46 2016 @@ -1,5 +1,4 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file @@ -19,34 +18,38 @@ under the License. --> -<web-app> +<web-app version="3.0" + xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee + http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Apache OFBiz - Web Pos</display-name> <description>Web Pos component of the Apache OFBiz Project</description> <context-param> + <description>A unique ID used to look up the WebSite entity</description> <param-name>webSiteId</param-name> <param-value>WebStorePos</param-value> - <description>A unique ID used to look up the WebSite entity</description> </context-param> <context-param> + <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> <param-name>localDispatcherName</param-name> <param-value>webpos</param-value> - <description>A unique name used to identify/recognize the local dispatcher for the Service Engine</description> </context-param> <context-param> + <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> <param-name>entityDelegatorName</param-name> <param-value>default</param-value> - <description>The Name of the Entity Delegator to use, defined in entityengine.xml</description> </context-param> <context-param> + <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> <param-name>mainDecoratorLocation</param-name> <param-value>component://webpos/widget/CommonScreens.xml</param-value> - <description>The location of the main-decorator screen to use for this webapp; referred to as a context variable in screen def XML files.</description> </context-param> <filter> - <filter-name>ContextFilter</filter-name> <display-name>ContextFilter</display-name> + <filter-name>ContextFilter</filter-name> <filter-class>org.ofbiz.webapp.control.ContextFilter</filter-class> <init-param> <param-name>disableContextSecurity</param-name> @@ -80,16 +83,16 @@ <listener><listener-class>org.ofbiz.webapp.control.LoginEventListener</listener-class></listener> <servlet> - <servlet-name>ControlServlet</servlet-name> - <display-name>ControlServlet</display-name> <description>Main Control Servlet</description> + <display-name>ControlServlet</display-name> + <servlet-name>ControlServlet</servlet-name> <servlet-class>org.ofbiz.webapp.control.ControlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet> - <servlet-name>CatalogUrlServlet</servlet-name> - <display-name>CatalogUrlServlet</display-name> <description>Catalog (Category/Product) URL Servlet</description> + <display-name>CatalogUrlServlet</display-name> + <servlet-name>CatalogUrlServlet</servlet-name> <servlet-class>org.ofbiz.product.category.CatalogUrlServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> @@ -103,6 +106,10 @@ </servlet-mapping> <session-config> <session-timeout>60</session-timeout> + <cookie-config> + <http-only>true</http-only> + <secure>true</secure> + </cookie-config> </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file>