web.xml revision b1d33c0a07fc2bb7ed7d4712f62492aee8dcc650
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>OpenAM Services</display-name>
<!-- Initialises the Guice Injector. -->
<listener>
<listener-class>org.forgerock.guice.core.GuiceInitialisationFilter</listener-class>
</listener>
<context-param>
<param-name>jato:enforceStrictSessionTimeout</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>jato:com.sun.identity.authentication.UI.*:moduleURL</param-name>
<param-value>/UI</param-value>
</context-param>
<context-param>
<param-name>jato:com.sun.identity.password.ui.*:moduleURL</param-name>
<param-value>/ui</param-value>
</context-param>
<context-param>
<param-name>jato:enforceStrictSessionTimeout1</param-name>
<param-value>true</param-value>
</context-param>
<!-- context param -->
<filter>
<filter-name>amSetupFilter</filter-name>
<filter-class>com.sun.identity.setup.AMSetupFilter</filter-class>
</filter>
<filter>
<filter-name>ResponseValidationFilter</filter-name>
<filter-class>org.forgerock.openam.validation.ResponseValidationFilter</filter-class>
</filter>
<filter>
<filter-name>XUIFilter</filter-name>
<filter-class>org.forgerock.openam.xui.XUIFilter</filter-class>
</filter>
<filter>
<filter-name>AuthNFilter</filter-name>
<filter-class>com.sun.identity.rest.AuthNFilter</filter-class>
</filter>
<filter>
<filter-name>AuthZFilter</filter-name>
<filter-class>com.sun.identity.rest.AuthZFilter</filter-class>
</filter>
<filter>
<filter-name>CommonsAuthenticationFilter</filter-name>
<filter-class>org.forgerock.openam.jaspi.filter.AMAuthNFilter</filter-class>
<init-param>
<param-name>logging-configurator-class</param-name>
<param-value>org.forgerock.openam.jaspi.config.RestJaspiRuntimeConfigurationFactory</param-value>
</init-param>
<init-param>
<param-name>module-configuration-factory-class</param-name>
<param-value>org.forgerock.openam.jaspi.config.RestJaspiRuntimeConfigurationFactory</param-value>
</init-param>
</filter>
<!-- filter declaration -->
<filter-mapping>
<filter-name>amSetupFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>XUIFilter</filter-name>
<url-pattern>/UI/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>XUIFilter</filter-name>
<url-pattern>/idm/EndUser</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ResponseValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthNFilter</filter-name>
<url-pattern>/ws/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthZFilter</filter-name>
<url-pattern>/ws/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CommonsAuthenticationFilter</filter-name>
<url-pattern>/json/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CommonsAuthenticationFilter</filter-name>
<url-pattern>/frrest/*</url-pattern>
</filter-mapping>
<!-- filter mapping -->
<listener>
<listener-class>com.sun.identity.common.ShutdownServletContextListener</listener-class>
</listener>
<listener>
<listener-class>com.sun.identity.monitoring.AgentShutdownServletContextListener</listener-class>
</listener>
<listener>
<listener-class>com.sun.identity.authentication.service.AuthServletContextListener</listener-class>
</listener>
<listener>
<listener-class>com.sun.identity.wss.sts.STSContextListener</listener-class>
</listener>
<!-- listener declaration -->
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.sun.identity.authentication.UI.LoginServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>setSetupProgress</servlet-name>
<servlet-class>com.sun.identity.setup.SetSetupProgress</servlet-class>
</servlet>
<servlet>
<servlet-name>setUpgradeProgress</servlet-name>
<servlet-class>org.forgerock.openam.upgrade.SetUpgradeProgress</servlet-class>
</servlet>
<servlet>
<servlet-name>GatewayServlet</servlet-name>
<servlet-class>com.sun.identity.policy.util.Gateway</servlet-class>
</servlet>
<servlet>
<servlet-name>MonitoringConfiguration</servlet-name>
<servlet-class>com.sun.identity.common.MonitoringConfiguration</servlet-class>
<load-on-startup>20</load-on-startup>
</servlet>
<servlet>
<servlet-name>LoginLogoutMapping</servlet-name>
<servlet-class>com.sun.identity.authentication.UI.LoginLogoutMapping</servlet-class>
<load-on-startup>10</load-on-startup>
</servlet>
<servlet>
<servlet-name>AMSetupServlet</servlet-name>
<servlet-class>com.sun.identity.setup.AMSetupServlet</servlet-class>
<load-on-startup>5</load-on-startup>
</servlet>
<servlet>
<description>GetHttpSession</description>
<servlet-name>GetHttpSession</servlet-name>
<servlet-class>com.iplanet.dpro.session.service.GetHttpSession</servlet-class>
</servlet>
<servlet>
<description>pllservice</description>
<servlet-name>pllservice</servlet-name>
<servlet-class>com.iplanet.services.comm.server.PLLRequestServlet</servlet-class>
</servlet>
<servlet>
<description>jaxrpc</description>
<servlet-name>jaxrpc</servlet-name>
<servlet-class>com.sun.xml.rpc.server.http.JAXRPCServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>SMSServlet</servlet-name>
<servlet-class>com.sun.identity.sm.SMServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>PWResetServlet</servlet-name>
<servlet-class>com.sun.identity.password.ui.PWResetServlet</servlet-class>
</servlet>
<servlet>
<description>notificationservice</description>
<servlet-name>notificationservice</servlet-name>
<servlet-class>com.iplanet.services.comm.client.PLLNotificationServlet</servlet-class>
</servlet>
<servlet>
<description>Web Service Endpoint - Identity Services</description>
<display-name>IdentityServices</display-name>
<servlet-name>IdentityServices</servlet-name>
<servlet-class>com.sun.identity.idsvcs.IdentityServicesServlet</servlet-class>
</servlet>
<servlet>
<description>REST Endpoint - Identity Services</description>
<display-name>IdentityServicesHandler</display-name>
<servlet-name>IdentityServicesHandler</servlet-name>
<servlet-class>com.sun.identity.idsvcs.rest.IdentityServicesHandler</servlet-class>
<init-param>
<description>Default security provider</description>
<param-name>provider</param-name>
<param-value>com.sun.identity.idsvcs.opensso.IdentityServicesImpl</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>notificationservlet</servlet-name>
<servlet-class>com.sun.identity.entitlement.opensso.NotificationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>entitlementmonitor</servlet-name>
<servlet-class>com.sun.identity.entitlement.util.NetworkMonitor</servlet-class>
</servlet>
<!-- JAX-RS -->
<!-- Java defines REST support via the Java Specification Request 311 (JSR).
This specificiation is called JAX-RS (The Java API for RESTful Web Services).
JAX-RS uses annotations to define the REST relevance of Java classes.
Jersey is the reference implementation for this specification.
Jersey contains basically a REST server and a REST client.
The core client can be used provides a library to communicate with the server.
-->
<servlet>
<servlet-name>ws</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.sun.identity.rest.RestService</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>oauth</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.sun.identity.oauth.service.RestService</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>click-servlet</servlet-name>
<servlet-class>org.apache.click.ClickServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>MonitoringFedConfig</servlet-name>
<servlet-class>com.sun.identity.configuration.MonitoringFedConfig</servlet-class>
<load-on-startup>30</load-on-startup>
</servlet>
<servlet>
<description>CDCServlet</description>
<servlet-name>cdcservlet</servlet-name>
<servlet-class>com.iplanet.services.cdc.CDCServlet</servlet-class>
</servlet>
<servlet>
<description>SAMLAwareServlet</description>
<servlet-name>SAMLAwareServlet</servlet-name>
<servlet-class>com.sun.identity.saml.servlet.SAMLAwareServlet</servlet-class>
</servlet>
<servlet>
<description>SAMLPOSTProfileServlet</description>
<servlet-name>SAMLPOSTProfileServlet</servlet-name>
<servlet-class>com.sun.identity.saml.servlet.SAMLPOSTProfileServlet</servlet-class>
</servlet>
<servlet>
<description>SAMLSOAPReceiver</description>
<servlet-name>SAMLSOAPReceiver</servlet-name>
<servlet-class>com.sun.identity.saml.servlet.SAMLSOAPReceiver</servlet-class>
</servlet>
<servlet>
<description>AssertionManagerServlet</description>
<servlet-name>AssertionManagerServlet</servlet-name>
<servlet-class>com.sun.identity.saml.servlet.AssertionManagerServlet</servlet-class>
</servlet>
<servlet>
<description>FSAssertionManagerServlet</description>
<servlet-name>FSAssertionManagerServlet</servlet-name>
<servlet-class>com.sun.identity.federation.services.FSAssertionManagerServlet</servlet-class>
</servlet>
<servlet>
<description>SecurityTokenManagerServlet</description>
<servlet-name>SecurityTokenManagerServlet</servlet-name>
<servlet-class>com.sun.identity.liberty.ws.security.SecurityTokenManagerServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>preLoginHandler</servlet-name>
<servlet-class>com.sun.identity.federation.login.FSPreLoginHandler</servlet-class>
</servlet>
<servlet>
<servlet-name>postLoginHandler</servlet-name>
<servlet-class>com.sun.identity.federation.login.FSPostLoginHandler</servlet-class>
</servlet>
<servlet>
<servlet-name>FederationServlet</servlet-name>
<servlet-class>com.sun.identity.federation.login.FSFederationHandler</servlet-class>
</servlet>
<servlet>
<servlet-name>consentHandler</servlet-name>
<servlet-class>com.sun.identity.federation.login.FSConsentHandler</servlet-class>
</servlet>
<servlet>
<servlet-name>ProcessLogout</servlet-name>
<servlet-class>com.sun.identity.federation.services.logout.FSProcessLogoutServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ReturnLogout</servlet-name>
<servlet-class>com.sun.identity.federation.services.logout.FSReturnLogoutServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>SingleSignOnService</servlet-name>
<servlet-class>com.sun.identity.federation.services.fednsso.FSSSOAndFedService</servlet-class>
</servlet>
<servlet>
<servlet-name>IntersiteTransferService</servlet-name>
<servlet-class>com.sun.identity.federation.services.fednsso.FSIntersiteTransferService</servlet-class>
</servlet>
<servlet>
<servlet-name>AssertionConsumerService</servlet-name>
<servlet-class>com.sun.identity.federation.services.fednsso.FSAssertionConsumerService</servlet-class>
</servlet>
<servlet>
<servlet-name>SOAPReceiver</servlet-name>
<servlet-class>com.sun.identity.federation.services.FSSOAPReceiver</servlet-class>
</servlet>
<servlet>
<servlet-name>FederationTerminationServlet</servlet-name>
<servlet-class>com.sun.identity.federation.services.termination.FSTerminationInitiationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ProcessTermination</servlet-name>
<servlet-class>com.sun.identity.federation.services.termination.FSTerminationRequestServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ReturnTermination</servlet-name>
<servlet-class>com.sun.identity.federation.services.termination.FSTerminationReturnServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>InitiateRegistration</servlet-name>
<servlet-class>com.sun.identity.federation.services.registration.FSRegistrationInitiationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ProcessRegistration</servlet-name>
<servlet-class>com.sun.identity.federation.services.registration.FSRegistrationRequestServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ReturnRegistration</servlet-name>
<servlet-class>com.sun.identity.federation.services.registration.FSRegistrationReturnServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>LogoutServlet</servlet-name>
<servlet-class>com.sun.identity.federation.services.logout.FSSingleLogoutServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>WSSOAPReceiver</servlet-name>
<servlet-class>com.sun.identity.liberty.ws.soapbinding.SOAPReceiver</servlet-class>
</servlet>
<servlet>
<servlet-name>WSPRedirectHandler</servlet-name>
<servlet-class>com.sun.identity.liberty.ws.interaction.WSPRedirectHandlerServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>IDPFinderService</servlet-name>
<servlet-class>com.sun.identity.federation.services.fednsso.FSIDPFinderService</servlet-class>
</servlet>
<servlet>
<servlet-name>idffwriter</servlet-name>
<servlet-class>com.sun.identity.saml2.idpdiscovery.CookieWriterServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>idffreader</servlet-name>
<servlet-class>com.sun.identity.saml2.idpdiscovery.CookieReaderServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>saml2writer</servlet-name>
<servlet-class>com.sun.identity.saml2.idpdiscovery.CookieWriterServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>saml2reader</servlet-name>
<servlet-class>com.sun.identity.saml2.idpdiscovery.CookieReaderServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>saml2query</servlet-name>
<servlet-class>com.sun.identity.saml2.soapbinding.QueryHandlerServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ArtifactResolver</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.IDPArtifactResolutionServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>IDPSloInit</servlet-name>
<jsp-file>/saml2/jsp/idpSingleLogoutInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>IDPSloRedirect</servlet-name>
<jsp-file>/saml2/jsp/idpSingleLogoutRedirect.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>IDPSloPOST</servlet-name>
<jsp-file>/saml2/jsp/idpSingleLogoutPOST.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>IDPSloSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.IDPSingleLogoutServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>IDPMniRedirect</servlet-name>
<jsp-file>/saml2/jsp/idpMNIRedirect.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>IDPMniPOST</servlet-name>
<jsp-file>/saml2/jsp/idpMNIPOST.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>IDPMniSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.IDPManageNameIDServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>IDPMniInit</servlet-name>
<jsp-file>/saml2/jsp/idpMNIRequestInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SSORedirect</servlet-name>
<jsp-file>/saml2/jsp/idpSSOFederate.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SSOPOST</servlet-name>
<jsp-file>/saml2/jsp/idpSSOFederate.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SSOSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.IDPSingleSignOnServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>AttributeServiceSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.AttributeServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>AuthnQueryServiceSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.AuthnQueryServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>AssertionIDRequestServiceSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.AssertionIDRequestServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>AssertionIDRequestServiceUri</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.AssertionIDRequestServiceURI</servlet-class>
</servlet>
<servlet>
<servlet-name>NameIDMappingServiceSOAP</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.NameIDMappingServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>Consumer</servlet-name>
<jsp-file>/saml2/jsp/spAssertionConsumer.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPSloInit</servlet-name>
<jsp-file>/saml2/jsp/spSingleLogoutInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPSloRedirect</servlet-name>
<jsp-file>/saml2/jsp/spSingleLogoutRedirect.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPSloPOST</servlet-name>
<jsp-file>/saml2/jsp/spSingleLogoutPOST.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPSloSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.SPSingleLogoutServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>SPECP</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.SPECPService</servlet-class>
</servlet>
<servlet>
<servlet-name>SPMniRedirect</servlet-name>
<jsp-file>/saml2/jsp/spMNIRedirect.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPMniPOST</servlet-name>
<jsp-file>/saml2/jsp/spMNIPOST.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>SPMniSoap</servlet-name>
<servlet-class>com.sun.identity.saml2.servlet.SPManageNameIDServiceSOAP</servlet-class>
</servlet>
<servlet>
<servlet-name>SPMniInit</servlet-name>
<jsp-file>/saml2/jsp/spMNIRequestInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>spssoinit</servlet-name>
<jsp-file>/saml2/jsp/spSSOInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>idpssoinit</servlet-name>
<jsp-file>/saml2/jsp/idpSSOInit.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>idpSSOFederate</servlet-name>
<jsp-file>/saml2/jsp/idpSSOFederate.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>idpsaehandler</servlet-name>
<jsp-file>/saml2/jsp/SA_IDP.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>spsaehandler</servlet-name>
<jsp-file>/saml2/jsp/SA_SP.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>MultiProtocolRelayServlet</servlet-name>
<servlet-class>com.sun.identity.multiprotocol.MultiProtocolRelayServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>WSFederationServlet</servlet-name>
<servlet-class>com.sun.identity.wsfederation.servlet.WSFederationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>RealmSelection</servlet-name>
<jsp-file>/wsfederation/jsp/realmSelection.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>federationrest</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.sun.identity.rest.FederationRestService</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>rest-sts</servlet-name>
<servlet-class>org.forgerock.json.resource.servlet.HttpServlet</servlet-class>
<init-param>
<param-name>connection-factory-class</param-name>
<param-value>org.forgerock.openam.sts.rest.service.RestSTSServiceConnectionFactoryProvider</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>rest-sts-publish</servlet-name>
<servlet-class>org.forgerock.json.resource.servlet.HttpServlet</servlet-class>
<init-param>
<param-name>connection-factory-class</param-name>
<param-value>org.forgerock.openam.sts.rest.publish.service.RestSTSPublishServiceConnectionFactoryProvider</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>sts-tokengeneration-service</servlet-name>
<servlet-class>org.forgerock.json.resource.servlet.HttpServlet</servlet-class>
<init-param>
<param-name>connection-factory-class</param-name>
<param-value>org.forgerock.openam.sts.tokengeneration.service.TokenGenerationServiceConnectionFactoryProvider</param-value>
</init-param>
</servlet>
<!--
No servlet-mapping for the rest-sts-republish-servlet, as it simply serves to republish all previously-published
rest sts instances upon startup. And the load-on-startup has a high value, because functionality triggered by
the init method of the RestSTSInstanceRepublishServlet consumes the SMS, which must be initialized prior to the
initialization of the RestSTSInstanceRepublishServlet.
-->
<servlet>
<servlet-name>rest-sts-republish-servlet</servlet-name>
<servlet-class>org.forgerock.openam.sts.rest.publish.RestSTSInstanceRepublishServlet</servlet-class>
<load-on-startup>40</load-on-startup>
</servlet>
<servlet>
<description>JAX-WS endpoint - sts</description>
<display-name>sts</display-name>
<servlet-name>sts</servlet-name>
<servlet-class>com.sun.identity.wss.sts.SecurityTokenService</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- end of servlet declarations -->
<servlet-mapping>
<servlet-name>LoginLogoutMapping</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>LoginLogoutMapping</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/UI/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AMSetupServlet</servlet-name>
<url-pattern>/config/configurator</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>setSetupProgress</servlet-name>
<url-pattern>/setup/setSetupProgress</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>setUpgradeProgress</servlet-name>
<url-pattern>/upgrade/setUpgradeProgress</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>PWResetServlet</servlet-name>
<url-pattern>/ui/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GatewayServlet</servlet-name>
<url-pattern>/gateway</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GetHttpSession</servlet-name>
<url-pattern>/GetHttpSession</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/sessionservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/profileservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/policyservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/namingservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/loggingservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pllservice</servlet-name>
<url-pattern>/authservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jaxrpc</servlet-name>
<url-pattern>/jaxrpc/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SMSServlet</servlet-name>
<url-pattern>/SMSServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>notificationservice</servlet-name>
<url-pattern>/notificationservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IdentityServices</servlet-name>
<url-pattern>/identityservices/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IdentityServicesHandler</servlet-name>
<url-pattern>/identity/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>notificationservlet</servlet-name>
<url-pattern>/notification/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>entitlementmonitor</servlet-name>
<url-pattern>/entitlementmonitor/*</url-pattern>
</servlet-mapping>
<!-- JAX-RS End-Points -->
<servlet-mapping>
<servlet-name>ws</servlet-name>
<url-pattern>/ws/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>oauth</servlet-name>
<url-pattern>/resources/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>click-servlet</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPMniSoap</servlet-name>
<url-pattern>/SPMniSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPMniPOST</servlet-name>
<url-pattern>/SPMniPOST/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPMniRedirect</servlet-name>
<url-pattern>/SPMniRedirect/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPMniInit</servlet-name>
<url-pattern>/SPMniInit/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPECP</servlet-name>
<url-pattern>/SPECP/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPSloSoap</servlet-name>
<url-pattern>/SPSloSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPSloPOST</servlet-name>
<url-pattern>/SPSloPOST/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPSloRedirect</servlet-name>
<url-pattern>/SPSloRedirect/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SPSloInit</servlet-name>
<url-pattern>/SPSloInit/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Consumer</servlet-name>
<url-pattern>/Consumer/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SSOPOST</servlet-name>
<url-pattern>/SSOPOST/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SSORedirect</servlet-name>
<url-pattern>/SSORedirect/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>NameIDMappingServiceSOAP</servlet-name>
<url-pattern>/NIMSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AssertionIDRequestServiceUri</servlet-name>
<url-pattern>/AIDReqUri/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AssertionIDRequestServiceSoap</servlet-name>
<url-pattern>/AIDReqSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AuthnQueryServiceSoap</servlet-name>
<url-pattern>/AuthnQueryServiceSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AttributeServiceSoap</servlet-name>
<url-pattern>/AttributeServiceSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SSOSoap</servlet-name>
<url-pattern>/SSOSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPMniSoap</servlet-name>
<url-pattern>/IDPMniSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPMniPOST</servlet-name>
<url-pattern>/IDPMniPOST/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPMniRedirect</servlet-name>
<url-pattern>/IDPMniRedirect/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPMniInit</servlet-name>
<url-pattern>/IDPMniInit/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPSloSoap</servlet-name>
<url-pattern>/IDPSloSoap/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPSloPOST</servlet-name>
<url-pattern>/IDPSloPOST/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPSloRedirect</servlet-name>
<url-pattern>/IDPSloRedirect/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPSloInit</servlet-name>
<url-pattern>/IDPSloInit/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ArtifactResolver</servlet-name>
<url-pattern>/ArtifactResolver/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>spssoinit</servlet-name>
<url-pattern>/spssoinit</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>idpssoinit</servlet-name>
<url-pattern>/idpssoinit</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>idpSSOFederate</servlet-name>
<url-pattern>/idpSSOFederate/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>idpsaehandler</servlet-name>
<url-pattern>/idpsaehandler/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>spsaehandler</servlet-name>
<url-pattern>/spsaehandler/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IDPFinderService</servlet-name>
<url-pattern>/idpfinder</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cdcservlet</servlet-name>
<url-pattern>/cdcservlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SAMLAwareServlet</servlet-name>
<url-pattern>/SAMLAwareServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SAMLPOSTProfileServlet</servlet-name>
<url-pattern>/SAMLPOSTProfileServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SAMLSOAPReceiver</servlet-name>
<url-pattern>/SAMLSOAPReceiver</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AssertionManagerServlet</servlet-name>
<url-pattern>/AssertionManagerServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>FSAssertionManagerServlet</servlet-name>
<url-pattern>/FSAssertionManagerServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SecurityTokenManagerServlet</servlet-name>
<url-pattern>/SecurityTokenManagerServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>preLoginHandler</servlet-name>
<url-pattern>/preLogin</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>postLoginHandler</servlet-name>
<url-pattern>/postLogin/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>FederationServlet</servlet-name>
<url-pattern>/federation</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>consentHandler</servlet-name>
<url-pattern>/consentHandler</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ProcessLogout</servlet-name>
<url-pattern>/ProcessLogout/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ReturnLogout</servlet-name>
<url-pattern>/ReturnLogout/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>LogoutServlet</servlet-name>
<url-pattern>/liberty-logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SingleSignOnService</servlet-name>
<url-pattern>/SingleSignOnService/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IntersiteTransferService</servlet-name>
<url-pattern>/IntersiteTransferService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AssertionConsumerService</servlet-name>
<url-pattern>/AssertionConsumerService/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SOAPReceiver</servlet-name>
<url-pattern>/SOAPReceiver/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>FederationTerminationServlet</servlet-name>
<url-pattern>/federation-terminate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ProcessTermination</servlet-name>
<url-pattern>/ProcessTermination/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ReturnTermination</servlet-name>
<url-pattern>/ReturnTermination/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>InitiateRegistration</servlet-name>
<url-pattern>/InitiateRegistration</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ProcessRegistration</servlet-name>
<url-pattern>/ProcessRegistration/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ReturnRegistration</servlet-name>
<url-pattern>/ReturnRegistration/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WSSOAPReceiver</servlet-name>
<url-pattern>/Liberty/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WSPRedirectHandler</servlet-name>
<url-pattern>/WSPRedirectHandler/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>idffwriter</servlet-name>
<url-pattern>/idffwriter</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>idffreader</servlet-name>
<url-pattern>/idffreader</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>saml2writer</servlet-name>
<url-pattern>/saml2writer</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>saml2reader</servlet-name>
<url-pattern>/saml2reader</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>MultiProtocolRelayServlet</servlet-name>
<url-pattern>/multiprotocolrelay/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WSFederationServlet</servlet-name>
<url-pattern>/WSFederationServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WSFederationServlet</servlet-name>
<url-pattern>/FederationMetadata/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>RealmSelection</servlet-name>
<url-pattern>/RealmSelection/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>saml2query</servlet-name>
<url-pattern>/saml2query/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>federationrest</servlet-name>
<url-pattern>/federationws/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sts</servlet-name>
<url-pattern>/sts</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sts</servlet-name>
<url-pattern>/sts/mex</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sts</servlet-name>
<url-pattern>/sts/soap11</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sts</servlet-name>
<url-pattern>/sts/mexsoap11</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>rest-sts</servlet-name>
<url-pattern>/rest-sts/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>rest-sts-publish</servlet-name>
<url-pattern>/rest-sts-publish/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>sts-tokengeneration-service</servlet-name>
<url-pattern>/sts-tokengen/*</url-pattern>
</servlet-mapping>
<!-- end of servlet mapping -->
<!-- Servlet to Restlet adapter declaration (Mandatory) -->
<servlet>
<servlet-name>OAuth2RestletAdapter</servlet-name>
<servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>
<!-- Your application class name (Optional - For mode 3) -->
<init-param>
<param-name>org.restlet.application</param-name>
<param-value>org.forgerock.openidconnect.restlet.OpenIdConnectApplication</param-value>
</init-param>
<!-- List of supported client protocols (Optional - Only in mode 3) -->
<init-param>
<param-name>org.restlet.clients</param-name>
<param-value>RIAP CLAP</param-value>
</init-param>
<!-- Add the Servlet context path to routes (Optional) -->
<init-param>
<param-name>org.restlet.autoWire</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>WebFinger</servlet-name>
<servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>
<!-- Your application class name (Optional - For mode 3) -->
<init-param>
<param-name>org.restlet.application</param-name>
<param-value>org.forgerock.openidconnect.restlet.WebFinger</param-value>
</init-param>
<!-- List of supported client protocols (Optional - Only in mode 3) -->
<init-param>
<param-name>org.restlet.clients</param-name>
<param-value>RIAP CLAP</param-value>
</init-param>
<!-- Add the Servlet context path to routes (Optional) -->
<init-param>
<param-name>org.restlet.autoWire</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>OAuth2RegisterClient</servlet-name>
<jsp-file>/oauth2/registerClient.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>OAuth2ConnectCheckSession</servlet-name>
<jsp-file>/oauth2/checkSession.jsp</jsp-file>
</servlet>
<servlet>
<servlet-name>OAuth2Rest</servlet-name>
<servlet-class>org.forgerock.json.resource.servlet.HttpServlet</servlet-class>
<init-param>
<param-name>connection-factory-class</param-name>
<param-value>org.forgerock.openam.oauth2.rest.RestTokenDispatcher</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>OAuth2Rest</servlet-name>
<url-pattern>/frrest/oauth2/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>OAuth2RegisterClient</servlet-name>
<url-pattern>/oauth2/registerClient.jsp</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>OAuth2ConnectCheckSession</servlet-name>
<url-pattern>/oauth2/connect/checkSession</url-pattern>
</servlet-mapping>
<!-- servlet declaration -->
<servlet-mapping>
<servlet-name>OAuth2RestletAdapter</servlet-name>
<url-pattern>/oauth2/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WebFinger</servlet-name>
<url-pattern>/.well-known/*</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>ForgeRockRest</servlet-name>
<servlet-class>org.forgerock.openam.rest.RestEndpointServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ForgeRockRest</servlet-name>
<url-pattern>/json/*</url-pattern>
</servlet-mapping>
<!-- Setup favicon.ico extension type -->
<mime-mapping>
<extension>ico</extension>
<mime-type>image/x-icon</mime-type>
</mime-mapping>
<!-- This tag is for the welcome files such as index.html -->
<welcome-file-list>
<welcome-file>
index.html
</welcome-file>
</welcome-file-list>
<!-- The taglib is only specified once -->
<jsp-config>
<taglib>
<taglib-uri>/WEB-INF/jato.tld</taglib-uri>
<taglib-location>/WEB-INF/jato.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>/WEB-INF/cc.tld</taglib-uri>
<taglib-location>/WEB-INF/com_sun_web_ui/cc.tld</taglib-location>
</taglib>
<!-- workarounds for lockart 2.x -->
<taglib>
<taglib-uri>/WEB-INF/tld/com_iplanet_jato/jato.tld</taglib-uri>
<taglib-location>/WEB-INF/jato.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>/WEB-INF/tld/com_sun_web_ui/cc.tld</taglib-uri>
<taglib-location>/WEB-INF/com_sun_web_ui/cc.tld</taglib-location>
</taglib>
<!-- taglib definition -->
</jsp-config>
<!-- comment it out due to issue 4891 in WAS/JBOSS/Geronimo
<resource-ref>
<description>mysql db idrepo</description>
<res-ref-name>jdbc/openssousersdb</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
-->
<!-- To configure CORS Support, please see the documentation and use the
following lines as template configuration information.
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>org.forgerock.openam.cors.CORSFilter</filter-class>
<init-param>
<description>
Accepted Methods - (Required) -
A list of HTTP methods for which to accept CORS requests
</description>
<param-name>methods</param-name>
<param-value>POST,PUT</param-value>
</init-param>
<init-param>
<description>
Accepted Origins - (Required) -
A list of origins from which to accept CORS requests
</description>
<param-name>origins</param-name>
<param-value>www.example.net,example.org</param-value>
</init-param>
<init-param>
<description>
Allow Credentials - (Optional) -
Whether to include the allow Vary (Origin)
and Access-Control-Allow-Credentials headers
in the response [default false]
</description>
<param-name>allowCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<description>
Allowed Headers - (Optional) -
A list of HTTP headers which if included in the request
DO NOT make it abort
</description>
<param-name>headers</param-name>
<param-value>headerOne,headerTwo,headerThree</param-value>
</init-param>
<init-param>
<description>
Expected Hostname - (Optional) -
The name of the host expected in the request Host header
</description>
<param-name>expectedHostname</param-name>
<param-value>http://openam.example.com</param-value>
</init-param>
<init-param>
<description>
Exposed Headers - (Optional) -
The list of headers which the user-agent can expose
to its CORS client
</description>
<param-name>exposeHeaders</param-name>
<param-value>exposeHeaderOne,exposeHeaderTwo</param-value>
</init-param>
<init-param>
<description>
Maximum Cache Age - (Optional) -
The maximum time that the CORS client can cache
the pre-flight response, in seconds [default 600]
</description>
<param-name>maxAge</param-name>
<param-value>600</param-value>
</init-param>
</filter>
-->
</web-app>