Bug fix to allow compilation of JSP pages for the admin console when running...

Bug fix to allow compilation of JSP pages for the admin console when running with -DdevelopmentMode=true. Fixed by adding jetty-annotations of appropriate version and using the servlet container initializer inside there. Includes a change to mark index.html as the welcome page rather than the jsp to avoid bypassing context security in development mode.

Bug fix to allow compilation of JSP pages for the admin console when running...
Bug fix to allow compilation of JSP pages for the admin console when running with -DdevelopmentMode=true. Fixed by adding jetty-annotations of appropriate version and using the servlet container initializer inside there. Includes a change to mark index.html as the welcome page rather than the jsp to avoid bypassing context security in development mode.
1dd6c1d0 · Daniel Hams · f1cba6ed · 1dd6c1d0 · 1dd6c1d0 · 1dd6c1d0
Commit 1dd6c1d0 authored May 09, 2016 by Daniel Hams
4 changed files
--- a/build/eclipse/classpath
+++ b/build/eclipse/classpath
@@ -174,5 +174,6 @@
 	<classpathentry kind="lib" path="src/plugins/rayo/lib/validation-api-1.1.0.Final.jar"/>
 	<classpathentry kind="lib" path="src/plugins/rayo/lib/cmu_us_kal.jar"/>
 	<classpathentry kind="lib" path="src/plugins/rayo/lib/en_us.jar"/>
+	<classpathentry kind="lib" path="build/lib/merge/jetty-annotations.jar"/>
 	<classpathentry kind="output" path="work/classes"/>
 </classpath>
--- a/build/lib/merge/jetty-annotations.jar
+++ b/build/lib/merge/jetty-annotations.jar
--- a/build/lib/versions.txt
+++ b/build/lib/versions.txt
@@ -15,6 +15,7 @@ concurrentlinkedhashmap-lru         | concurrentlinkedhashmap-lru-1.0_jdk5
 dbutil.jar                          | Jive Code, no release version.                               | GPL
 hsqldb.jar                          | 1.8.0.5                                                      | BSD (http://hsqldb.org/web/hsqlLicense.html)
 jcl-over-slf4j.jar                  | 1.7.7                                                        | http://www.slf4j.org/license.html
+jetty-annotations.jar               | Jetty 9.2.14.v20151106                                       | Apache 2.0, Eclipse 1.0
 jetty-continuation.jar              | Jetty 9.2.14.v20151106                                       | Apache 2.0, Eclipse 1.0
 jetty-http.jar                      | Jetty 9.2.14.v20151106                                       | Apache 2.0, Eclipse 1.0
 jetty-io.jar                        | Jetty 9.2.14.v20151106                                       | Apache 2.0, Eclipse 1.0

--- a/src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java
+++ b/src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java
@@ -20,13 +20,17 @@
 package org.jivesoftware.openfire.container;
 import java.io.File;
+import java.net.URL;
+import java.net.URLClassLoader;
 import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.List;
+import org.apache.jasper.servlet.JasperInitializer;
 import org.apache.tomcat.InstanceManager;
 import org.apache.tomcat.SimpleInstanceManager;
+import org.eclipse.jetty.annotations.ServletContainerInitializersStarter;
 import org.eclipse.jetty.apache.jsp.JettyJasperInitializer;
 import org.eclipse.jetty.plus.annotation.ContainerInitializer;
 import org.eclipse.jetty.server.Connector;
@@ -40,7 +44,6 @@ import org.eclipse.jetty.server.SslConnectionFactory;
 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
@@ -328,11 +331,14 @@ public class AdminConsolePlugin implements Plugin {
    }
    private void createWebAppContext() {
-        ServletContextHandler context;
+        WebAppContext context;
        // Add web-app. Check to see if we're in development mode. If so, we don't
        // add the normal web-app location, but the web-app in the project directory.
-        if (Boolean.getBoolean("developmentMode")) {
+        boolean developmentMode = Boolean.getBoolean("developmentMode");
+        if( developmentMode )
+        {
            System.out.println(LocaleUtils.getLocalizedString("admin.console.devmode"));
            context = new WebAppContext(contexts, pluginDir.getParentFile().getParentFile().getParentFile().getParent() +
                    File.separator + "src" + File.separator + "web", "/");
        }
@@ -343,11 +349,19 @@ public class AdminConsolePlugin implements Plugin {
        // Ensure the JSP engine is initialized correctly (in order to be able to cope with Tomcat/Jasper precompiled JSPs).
        final List<ContainerInitializer> initializers = new ArrayList<>();
-        initializers.add(new ContainerInitializer(new JettyJasperInitializer(), null));
+        initializers.add(new ContainerInitializer(new JasperInitializer(), null));
        context.setAttribute("org.eclipse.jetty.containerInitializers", initializers);
        context.setAttribute(InstanceManager.class.getName(), new SimpleInstanceManager());
-        context.setWelcomeFiles(new String[]{"index.jsp"});
+        // The index.html includes a redirect to the index.jsp and doesn't bypass
+        // the context security when in development mode
+        context.setWelcomeFiles(new String[]{"index.html"});
+        // Make sure the context initialization is done when in development mode
+        if( developmentMode )
+        {
+            context.addBean( new ServletContainerInitializersStarter( context ), true );
+        }
    }
    private void log(String string) {