Partial migration of mail

This commit is contained in:
Paulo Gustavo Veiga 2024-01-15 14:08:23 -08:00
parent 03a6c0ef8b
commit 3a9aad02cf
17 changed files with 179 additions and 323 deletions

View File

@ -1,15 +1,15 @@
package com.wisemapping.config; package com.wisemapping.config;
import com.wisemapping.config.mvc.MvcAppConfig; import com.wisemapping.config.common.CommonConfig;
import com.wisemapping.config.mvc.MvcSecurityConfig; import com.wisemapping.config.common.HibernateConfig;
import com.wisemapping.config.common.InterceptorsConfig;
import com.wisemapping.config.common.SecurityConfig;
import com.wisemapping.config.rest.ServletConfig; import com.wisemapping.config.rest.ServletConfig;
import com.wisemapping.config.rest.RestAppConfig; import com.wisemapping.config.rest.RestAppConfig;
import org.springframework.boot.WebApplicationType; import org.springframework.boot.WebApplicationType;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder; import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.ImportResource;
import org.springframework.security.web.firewall.StrictHttpFirewall; import org.springframework.security.web.firewall.StrictHttpFirewall;
@SpringBootApplication @SpringBootApplication
@ -18,9 +18,9 @@ public class Application {
public static void main(String[] args) { public static void main(String[] args) {
new SpringApplicationBuilder() new SpringApplicationBuilder()
.parent(MethodSecurityConfig.class, HibernateConfig.class).web(WebApplicationType.NONE) .parent(HibernateConfig.class, ServletConfig.class, CommonConfig.class, SecurityConfig.class).web(WebApplicationType.NONE)
// .child(MvcAppConfig.class, MvcSecurityConfig.class).web(WebApplicationType.SERVLET) // .child(MvcAppConfig.class, MvcSecurityConfig.class, SecurityConfig.class).web(WebApplicationType.SERVLET)
.child(RestAppConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET) .child(RestAppConfig.class, ServletConfig.class, InterceptorsConfig.class).web(WebApplicationType.SERVLET)
.run(args); .run(args);
} }

View File

@ -1,38 +0,0 @@
package com.wisemapping.config;
import com.wisemapping.security.MapAccessPermissionEvaluation;
import com.wisemapping.security.ReadSecurityAdvise;
import com.wisemapping.security.UpdateSecurityAdvise;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@Configuration
@EnableMethodSecurity(
securedEnabled = true,
jsr250Enabled = true)
@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util", "com.wisemapping.model"})
public class MethodSecurityConfig {
@Autowired
private ReadSecurityAdvise readAdvice;
@Autowired
private UpdateSecurityAdvise updateAdvice;
@Bean
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler =
new DefaultMethodSecurityExpressionHandler();
final MapAccessPermissionEvaluation permissionEvaluator = new MapAccessPermissionEvaluation(readAdvice, updateAdvice);
expressionHandler.setPermissionEvaluator(permissionEvaluator);
return expressionHandler;
}
}

View File

@ -0,0 +1,11 @@
package com.wisemapping.config.common;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
@Configuration
@ImportResource(value = {"spring/wisemapping-mail.xml"})
@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util", "com.wisemapping.model"})
public class CommonConfig {
}

View File

@ -1,4 +1,4 @@
package com.wisemapping.config; package com.wisemapping.config.common;
import com.wisemapping.model.User; import com.wisemapping.model.User;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
@ -9,7 +9,7 @@ import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
@Configuration @Configuration
@EnableAutoConfiguration @EnableAutoConfiguration
@EnableJpaRepositories(basePackages={"com.wisemapping.dao"}) @EnableJpaRepositories(basePackages={"com.wisemapping.dao","com.wisemapping.service"})
@EntityScan(basePackageClasses= User.class) @EntityScan(basePackageClasses= User.class)
public class HibernateConfig { public class HibernateConfig {

View File

@ -0,0 +1,17 @@
package com.wisemapping.config.common;
import com.wisemapping.filter.RequestPropertiesInterceptor;
import com.wisemapping.filter.UserLocaleInterceptor;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Component
public class InterceptorsConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(@NotNull final InterceptorRegistry registry) {
registry.addInterceptor(new UserLocaleInterceptor());
registry.addInterceptor(new RequestPropertiesInterceptor());
}
}

View File

@ -0,0 +1,78 @@
package com.wisemapping.config.common;
import com.wisemapping.security.*;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.password.PasswordEncoder;
import static org.springframework.security.crypto.factory.PasswordEncoderFactories.createDelegatingPasswordEncoder;
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(
securedEnabled = true,
jsr250Enabled = true)
public class SecurityConfig {
@Autowired
private ReadSecurityAdvise readAdvice;
@Autowired
private UpdateSecurityAdvise updateAdvice;
@Autowired
private UserDetailsService userDetailsService;
@Bean
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler =
new DefaultMethodSecurityExpressionHandler();
final MapAccessPermissionEvaluation permissionEvaluator = new MapAccessPermissionEvaluation(readAdvice, updateAdvice);
expressionHandler.setPermissionEvaluator(permissionEvaluator);
return expressionHandler;
}
@Bean
public PasswordEncoder passwordEncoder() {
return createDelegatingPasswordEncoder();
}
@Bean
public AuthenticationProvider googleAuthenticationProvider() {
return new GoogleAuthenticationProvider(userDetailsService);
}
@Bean
public AuthenticationProvider dbAuthenticationProvider() {
com.wisemapping.security.AuthenticationProvider provider =
new com.wisemapping.security.AuthenticationProvider();
provider.setEncoder(passwordEncoder());
provider.setUserDetailsService(userDetailsService);
return provider;
}
@Bean
public AuthenticationManager authenticationManager(@NotNull HttpSecurity http)
throws Exception {
final AuthenticationManagerBuilder builder = http.getSharedObject(AuthenticationManagerBuilder.class);
builder.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
builder.authenticationProvider(dbAuthenticationProvider());
builder.authenticationProvider(googleAuthenticationProvider());
return builder.build();
}
}

View File

@ -21,7 +21,7 @@ import static org.springframework.security.config.Customizer.withDefaults;
@SpringBootApplication @SpringBootApplication
@EnableWebSecurity @EnableWebSecurity
@ImportResource(value = {"classpath:spring/wisemapping-service.xml"}) //@ImportResource(value = {"classpath:spring/wisemapping-rest.xml"})
@ComponentScan({"com.wisemapping.rest"}) @ComponentScan({"com.wisemapping.rest"})
public class RestAppConfig { public class RestAppConfig {
@Bean @Bean
@ -55,4 +55,5 @@ public class RestAppConfig {
return http.build(); return http.build();
} }
} }

View File

@ -1,5 +1,6 @@
package com.wisemapping.security; package com.wisemapping.security;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@ -11,52 +12,48 @@ public class GoogleAuthenticationProvider implements org.springframework.securit
private UserDetailsService userDetailsService; private UserDetailsService userDetailsService;
public UserDetailsService getUserDetailsService() { public GoogleAuthenticationProvider(@NotNull UserDetailsService userDetailsService) {
return userDetailsService;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService; this.userDetailsService = userDetailsService;
} }
/** /**
* Authenticate the given PreAuthenticatedAuthenticationToken. * Authenticate the given PreAuthenticatedAuthenticationToken.
* * <p>
* If the principal contained in the authentication object is null, the request will * If the principal contained in the authentication object is null, the request will
* be ignored to allow other providers to authenticate it. * be ignored to allow other providers to authenticate it.
*/ */
@Override @Override
public Authentication authenticate(Authentication inputToken) throws AuthenticationException { public Authentication authenticate(Authentication inputToken) throws AuthenticationException {
if (!supports(inputToken.getClass())) { if (!supports(inputToken.getClass())) {
return null; return null;
} }
if (inputToken.getPrincipal() == null) { if (inputToken.getPrincipal() == null) {
throw new BadCredentialsException("No pre-authenticated principal found in request."); throw new BadCredentialsException("No pre-authenticated principal found in request.");
} }
UserDetails userDetails = userDetailsService.loadUserByUsername(inputToken.getName()); UserDetails userDetails = userDetailsService.loadUserByUsername(inputToken.getName());
final User user = userDetails.getUser(); final User user = userDetails.getUser();
if (!user.isActive()) { if (!user.isActive()) {
throw new BadCredentialsException("User has been disabled for login " + inputToken.getName()); throw new BadCredentialsException("User has been disabled for login " + inputToken.getName());
} }
PreAuthenticatedAuthenticationToken resultToken = new PreAuthenticatedAuthenticationToken(userDetails, PreAuthenticatedAuthenticationToken resultToken = new PreAuthenticatedAuthenticationToken(userDetails,
inputToken.getCredentials(), userDetails.getAuthorities()); inputToken.getCredentials(), userDetails.getAuthorities());
resultToken.setDetails(userDetails); resultToken.setDetails(userDetails);
userDetailsService.getUserService().auditLogin(user); userDetailsService.getUserService().auditLogin(user);
return resultToken; return resultToken;
} }
/** /**
* Indicate that this provider only supports PreAuthenticatedAuthenticationToken * Indicate that this provider only supports PreAuthenticatedAuthenticationToken
* (sub)classes. * (sub)classes.
*/ */
@Override @Override
public final boolean supports(Class<?> authentication) { public final boolean supports(Class<?> authentication) {
return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication); return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication);
} }
} }

View File

@ -38,7 +38,7 @@ public final class MailerService {
//~ Instance fields ...................................................................................... //~ Instance fields ......................................................................................
@Autowired // @Autowired
private JavaMailSender mailSender; private JavaMailSender mailSender;
@Autowired @Autowired

View File

@ -13,7 +13,7 @@ spring.sql.init.mode=always
# LOG # LOG
logging.level.root=TRACE logging.level.root=DEBUG
logging.level.org.apache.tomcat=INFO logging.level.org.apache.tomcat=INFO
################################################################################## ##################################################################################

View File

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="defaultEncoding" value="UTF-8"/>
<property name="basenames">
<list>
<value>messages</value>
</list>
</property>
</bean>
</beans>

View File

@ -28,6 +28,4 @@
</list> </list>
</property> </property>
</bean> </bean>
<import resource="wisemapping-security-${security.type:db}.xml"/>
</beans> </beans>

View File

@ -49,4 +49,13 @@
</list> </list>
</property> </property>
</bean> </bean>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="defaultEncoding" value="UTF-8"/>
<property name="basenames">
<list>
<value>messages</value>
</list>
</property>
</bean>
</beans> </beans>

View File

@ -1,26 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<bean id="passwordEncoder" class="com.wisemapping.security.DefaultPasswordEncoderFactories" factory-method="createDelegatingPasswordEncoder"/>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="dbAuthenticationProvider" />
<sec:authentication-provider ref="googleAuthenticationProvider" />
<sec:authentication-provider user-service-ref="userDetailsService"/>
</sec:authentication-manager>
<bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="encoder" ref="passwordEncoder"/>
</bean>
<bean id="googleAuthenticationProvider" class="com.wisemapping.security.GoogleAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService"/>
</bean>
</beans>

View File

@ -1,55 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<bean id="passwordEncoder" class="com.wisemapping.security.DefaultPasswordEncoderFactories" factory-method="createDelegatingPasswordEncoder"/>
<sec:authentication-manager>
<sec:authentication-provider ref="ldapAuthProvider"/>
</sec:authentication-manager>
<!-- ================================================== -->
<!-- LDAP Connection settings -->
<!-- ================================================== -->
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
<property name="url" value="${security.ldap.server}"/>
<property name="userDn" value="${security.ldap.server.user}"/>
<property name="password" value="${security.ldap.server.password}"/>
<property name="base" value="${security.ldap.basedn}"/>
</bean>
<!-- ================================================== -->
<!-- Authentication and Authorization Handlers -->
<!-- ================================================== -->
<bean id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource"/>
<property name="userSearch" ref="ldapUserSearch"/>
</bean>
</constructor-arg>
<property name="userDetailsContextMapper" ref="userDetailsContextMapper"/>
</bean>
<bean id="userDetailsContextMapper" class="com.wisemapping.security.ldap.LdapUserDetailsContextMapper">
<property name="userService" ref="userService"/>
<property name="ldapAttributeFirstName" value="${security.ldap.firstName.attribute}"/>
<property name="ldapAttributeLastName" value="${security.ldap.lastName.attribute}"/>
</bean>
<bean id="ldapUserSearch"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0" value="${security.ldap.subDn}"/>
<constructor-arg index="1" value="(${security.ldap.auth.attribute}={0})"/>
<constructor-arg index="2" ref="contextSource"/>
<property name="searchSubtree" value="true"/>
</bean>
</beans>

View File

@ -1,20 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!-- Interceptors Registration -->
<mvc:interceptors>
<bean id="userLocaleInterceptor" class="com.wisemapping.filter.UserLocaleInterceptor"/>
<bean id="requestInterceptor" class="com.wisemapping.filter.RequestPropertiesInterceptor"/>
</mvc:interceptors>
<!-- <bean id="localeResolver"-->
<!-- class="org.springframework.web.servlet.i18n.SessionLocaleResolver">-->
<!-- </bean>-->
</beans>

View File

@ -1,131 +0,0 @@
<!--<?xml version="1.0" encoding="UTF-8"?>-->
<!--<web-app version="5.0"-->
<!-- xmlns="https://jakarta.ee/xml/ns/jakartaee"-->
<!-- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"-->
<!-- xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd">-->
<!-- <filter>-->
<!-- <filter-name>charsetFilter</filter-name>-->
<!-- <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>-->
<!-- <init-param>-->
<!-- <param-name>encoding</param-name>-->
<!-- <param-value>UTF-8</param-value>-->
<!-- </init-param>-->
<!-- </filter>-->
<!-- <distributable/>-->
<!-- <context-param>-->
<!-- <param-name>jakarta.servlet.jsp.jstl.fmt.localizationContext</param-name>-->
<!-- <param-value>messages</param-value>-->
<!-- </context-param>-->
<!-- <context-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-common.xml-->
<!-- </param-value>-->
<!-- </context-param>-->
<!-- <context-param>-->
<!-- <param-name>contextInitializerClasses</param-name>-->
<!-- <param-value>com.wisemapping.webmvc.ApplicationContextInitializer</param-value>-->
<!-- </context-param>-->
<!-- -->
<!-- &lt;!&ndash;-->
<!-- - Loads the root application context of this web app at startup.-->
<!-- - The application context is then available via-->
<!-- - WebApplicationContextUtils.getWebApplicationContext(servletContext).-->
<!-- &ndash;&gt;-->
<!-- <listener>-->
<!-- <listener-class>com.wisemapping.listener.UnlockOnExpireListener</listener-class>-->
<!-- </listener>-->
<!-- <filter>-->
<!-- <filter-name>hibernate</filter-name>-->
<!-- <filter-class>org.springframework.orm.hibernate5.support.OpenSessionInViewFilter</filter-class>-->
<!-- <init-param>-->
<!-- <param-name>singleSession</param-name>-->
<!-- <param-value>true</param-value>-->
<!-- </init-param>-->
<!-- <init-param>-->
<!-- <param-name>sessionFactoryBeanName</param-name>-->
<!-- <param-value>sessionFactory</param-value>-->
<!-- </init-param>-->
<!-- </filter>-->
<!-- <filter>-->
<!-- <filter-name>springSecurityFilterChain</filter-name>-->
<!-- <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>-->
<!-- </filter>-->
<!-- <filter-mapping>-->
<!-- <filter-name>springSecurityFilterChain</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<!-- <filter-mapping>-->
<!-- <filter-name>hibernate</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<!-- <filter-mapping>-->
<!-- <filter-name>charsetFilter</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<!-- <listener>-->
<!-- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>-->
<!-- </listener>-->
<!-- <servlet>-->
<!-- <servlet-name>mvc-servlet</servlet-name>-->
<!-- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>-->
<!-- <init-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-servlet.xml-->
<!-- </param-value>-->
<!-- </init-param>-->
<!-- <load-on-startup>1</load-on-startup>-->
<!-- </servlet>-->
<!-- <servlet>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>-->
<!-- <init-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-rest.xml-->
<!-- </param-value>-->
<!-- </init-param>-->
<!-- <load-on-startup>1</load-on-startup>-->
<!-- </servlet>-->
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-servlet</servlet-name>-->
<!-- <url-pattern>/c/*</url-pattern>-->
<!-- </servlet-mapping>-->
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <url-pattern>/service/*</url-pattern>-->
<!-- </servlet-mapping>-->
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <url-pattern>/c/restful/*</url-pattern>-->
<!-- </servlet-mapping>-->
<!-- <welcome-file-list>-->
<!-- <welcome-file>-->
<!-- index.jsp-->
<!-- </welcome-file>-->
<!-- </welcome-file-list>-->
<!-- <session-config>-->
<!-- <session-timeout>1440</session-timeout>-->
<!-- </session-config>-->
<!--</web-app>-->