update grouper ws authn

Workbench/grouper_ws/Dockerfile

@@ -2,8 +2,8 @@ FROM i2incommon/grouper:2.5.37.1
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
-COPY container_files/web.xml /opt/grouper/grouper.ws/WEB-INF/
-COPY container_files/tomcat-users.xml /opt/tomcat/conf/
-COPY container_files/server.xml /opt/tomcat/conf/
+COPY container_files/web.xml /opt/grouper/grouperWebapp/WEB-INF/
+COPY container_files/tomcat-users.xml /opt/tomee/conf/
+COPY container_files/server.xml /opt/tomee/conf/
 
 CMD ["ws"]

Workbench/grouper_ws/container_files/server.xml

@@ -113,7 +113,7 @@
     -->
 
     <!-- Define an AJP 1.3 Connector on port 8009 -->
-    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8" />
+    <Connector secure="true"  scheme="https" secretRequired="false"  URIEncoding="UTF-8"  tomcatAuthentication="true"  port="8009" protocol="AJP/1.3" redirectPort="8443" />
 
 
     <!-- An Engine represents the entry point (within Catalina) that processes

Workbench/grouper_ws/container_files/web.xml

@@ -1,79 +1,16 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
+<?xml version="1.0" encoding="UTF-8"?>
 
-
-<!DOCTYPE web-app PUBLIC 
-          "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-          "http://java.sun.com/dtd/web-app_2_3.dtd">
-
-<web-app>
-  <filter>
-    <!-- keeps the request and response in threadlocal so they dont have to be passed around -->
-    <filter-name>Grouper service filter</filter-name>
-    <filter-class>edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee</filter-class>
-  </filter>
-
-  <filter>
-    <!-- logging filter -->
-    <filter-name>Grouper logging filter</filter-name>
-    <filter-class>edu.internet2.middleware.grouper.ws.j2ee.ServletFilterLogger</filter-class>
-  </filter>
-
-  <!-- filter-mapping>
-    <filter-name>Grouper logging filter</filter-name>
-    <url-pattern>/*</url-pattern>
-  </filter-mapping -->
-  <!-- Map the filter to a Servlet or URL -->
-  <filter-mapping>
-    <filter-name>Grouper service filter</filter-name>
-    <url-pattern>/services/*</url-pattern>
-  </filter-mapping>
-  <filter-mapping>
-    <filter-name>Grouper service filter</filter-name>
-    <url-pattern>/servicesRest/*</url-pattern>
-  </filter-mapping>
-	<servlet>
-		<servlet-name>AxisServlet</servlet-name>
-		<display-name>Apache-Axis Servlet</display-name>
-		<servlet-class>edu.internet2.middleware.grouper.ws.GrouperServiceAxisServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-    <!-- hint that this is the wssec servlet -->
-    <!-- init-param>
-      <param-name>wssec</param-name>
-      <param-value>true</param-value>
-    </init-param --> 
-	</servlet>
-  <servlet>
-    <servlet-name>RestServlet</servlet-name>
-    <display-name>WS REST Servlet</display-name>
-    <servlet-class>edu.internet2.middleware.grouper.ws.rest.GrouperRestServlet</servlet-class>
-    <load-on-startup>1</load-on-startup>
-  </servlet>
-  <servlet>
-    <servlet-name>StatusServlet</servlet-name>
-    <display-name>Status Servlet</display-name>
-    <servlet-class>edu.internet2.middleware.grouper.j2ee.status.GrouperStatusServlet</servlet-class>
-    <load-on-startup>1</load-on-startup>
-  </servlet>
-  <servlet-mapping>
-    <servlet-name>StatusServlet</servlet-name>
-    <url-pattern>/status</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>AxisServlet</servlet-name>
-    <url-pattern>/services/*</url-pattern>
-  </servlet-mapping>
-  <servlet-mapping>
-    <servlet-name>RestServlet</servlet-name>
-    <url-pattern>/servicesRest/*</url-pattern>
-  </servlet-mapping>
+<web-app xmlns:j2ee="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+  version="2.4">
 
 	<security-constraint>
 		<web-resource-collection>
 			<web-resource-name>Web services</web-resource-name>
 			<url-pattern>/services/*</url-pattern>
 		</web-resource-collection>
 		<auth-constraint>
-			<role-name>*</role-name>
+			<role-name>grouper_user</role-name>
 		</auth-constraint>
 	</security-constraint>
 
@@ -84,7 +21,7 @@
     </web-resource-collection>
     <auth-constraint>
       <!-- NOTE:  This role is not present in the default users file -->
-      <role-name>*</role-name>
+      <role-name>grouper_user</role-name>
     </auth-constraint>
   </security-constraint>
 
@@ -99,30 +36,7 @@
 		<description>
 			The role that is required to log in to web service
 		</description>
-		<role-name>*</role-name>
+		<role-name>grouper_user</role-name>
 	</security-role>
-
-  <session-config>
-    <session-timeout>1</session-timeout> 
-  </session-config>
-  <!--  config to enable ESB listener servlet
-  <servlet>
-    <servlet-name>EsbServlet</servlet-name>
-    <display-name>Esb Servlet</display-name>
-    <servlet-class>edu.internet2.middleware.grouper.esb.EsbHttpHandler</servlet-class>
-    <load-on-startup>1</load-on-startup>
-  </servlet>
-  <servlet-mapping>
-    <servlet-name>EsbServlet</servlet-name>
-    <url-pattern>/servicesEsb/*</url-pattern>
-  </servlet-mapping>
-  <security-constraint>
-    <web-resource-collection>
-      <web-resource-name>Web services</web-resource-name>
-      <url-pattern>/servicesEsb/*</url-pattern>
-    </web-resource-collection>
-    <auth-constraint>
-      <role-name>grouper_user</role-name>
-    </auth-constraint>
-  </security-constraint> -->  
-</web-app>
+
+</web-app>