Hello.
in this directory
C:\BonitaStudioCommunity-2022.1-u0\workspace\tomcat\server\webapps\bonita\WEB-INF\web.xml
and this is the complete code
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>Bonita</display-name>
<!-- Error pages -->
<error-page>
<error-code>500</error-code>
<location>/error/500</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/error/403</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/error/404</location>
</error-page>
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,HEAD,POST,PUT,DELETE,OPTIONS</param-value>
</init-param>
<!-- List of the response headers other than simple response headers that the browser should expose to
the author of the cross-domain request through the XMLHttpRequest.getResponseHeader() method.
The CORS filter supplies this information through the Access-Control-Expose-Headers header. -->
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials,X-Bonita-API-Token</param-value>
</init-param>
<!-- The names of the supported author request headers. These are advertised through the Access-Control-Allow-Headers header.
The CORS Filter implements this by simply echoing the requested value back to the browser.
-->
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,X-Bonita-API-Token</param-value>
</init-param>
</filter>
...
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- No Cache Filter -->
<filter>
<filter-name>NoCacheFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.filter.NoCacheFilter</filter-class>
</filter>
<!-- Security Filters -->
<filter>
<filter-name>FrameSecurityFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.FrameSecurityFilter</filter-class>
<init-param>
<param-name>X-Frame-Options</param-name>
<param-value>SAMEORIGIN</param-value>
</init-param>
<!--
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?(portal/resource/.+/content/$)|(portal/custom-page/.+/$)</param-value>
</init-param -->
</filter>
<filter>
<filter-name>ContentTypeSecurityFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.ContentTypeSecurityFilter</filter-class>
<init-param>
<param-name>X-Content-Type-Options</param-name>
<param-value>nosniff</param-value>
</init-param>
<!--
The there is no default excludePattern for this filter, but you can uncomment it and add one if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value></param-value>
</init-param -->
</filter>
<!--Rest filter -->
<filter>
<filter-name>RestAPIAuthorizationFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.RestAPIAuthorizationFilter</filter-class>
<!--
We need to let a set of URL accessible in order to serve the translations
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?((apps/.+/)|(portal/resource/.+/))?(API|APIToolkit)/system/(i18ntranslation|feature)</param-value>
</init-param-->
</filter>
<filter>
<filter-name>RestAPIAuthorizationFilterToolkit</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.RestAPIAuthorizationFilter</filter-class>
<!--
We need to let a set of URL accessible in order to serve the translations
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?((apps/.+/)|(portal/resource/.+/))?(API|APIToolkit)/system/(i18ntranslation|feature)</param-value>
</init-param-->
</filter>
<!-- Token Filter -->
<filter>
<filter-name>TokenGeneratorFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.TokenGeneratorFilter</filter-class>
</filter>
<!-- Token Validator Filter -->
<filter>
<filter-name>TokenValidatorFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.TokenValidatorFilter</filter-class>
<!--
We need to let a set of URL accessible in order to handle the translations on the login page and token request
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?((apps/.+/)|(portal/resource/.+/))?(API|APIToolkit)/system/(i18ntranslation|feature|session)</param-value>
</init-param-->
</filter>
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.login.filter.AuthenticationFilter</filter-class>
<!--
The AuthenticationFilter check credentials when access is requested
However, to ensure authentication redirect and/or error handling works properly,
we need to let a set of pages not securized :
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?(login.jsp$)|(apps/.+/API/)|(portal/resource/.+/API/)</param-value>
</init-param -->
<init-param>
<param-name>redirectWhenUnauthorized</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- Cache Filter -->
<filter>
<filter-name>CacheFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.filter.CacheFilter</filter-class>
<init-param>
<param-name>duration</param-name>
<param-value>36000</param-value>
</init-param>
<init-param>
<param-name>alwaysCaching</param-name>
<param-value>true</param-value>
</init-param>
<!--
We need to let a set of URL not cached (the ones serving the HTML content) in order to handle the sessions timeout
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?(apps/.+/$)|(portal/resource/.+/content/$)|(portal/custom-page/.+/$)|(portal/custom-page/API/)</param-value>
</init-param -->
</filter>
<filter>
<filter-name>CustomPageCacheFilter</filter-name>
<filter-class>org.bonitasoft.console.common.server.filter.CacheFilter</filter-class>
<init-param>
<param-name>duration</param-name>
<param-value>15768000</param-value>
</init-param>
<init-param>
<param-name>alwaysCaching</param-name>
<param-value>false</param-value>
</init-param>
<!--
We need to let a set of URL not cached (the ones serving the HTML content) in order to handle the sessions timeout
The excludePattern default value is the one commented out bellow, but you can uncomment it and add new patterns if you need to
-->
<!-- init-param>
<param-name>excludePattern</param-name>
<param-value>^/(bonita/)?(apps/.+/$)|(portal/resource/.+/content/$)|(portal/custom-page/.+/$)|(portal/custom-page/API/)</param-value>
</init-param -->
</filter>
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
<init-param>
<param-name>logLevel</param-name>
<param-value>slf4j</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>NoCacheFilter</filter-name>
<url-pattern>/portal/formsDocumentDownload</url-pattern>
<url-pattern>/portal/formsDocumentImage</url-pattern>
<url-pattern>/portal/downloadDocument</url-pattern>
<url-pattern>/portal/documentDownload</url-pattern>
<url-pattern>/portal/runreport</url-pattern>
<url-pattern>/API/*</url-pattern>
<url-pattern>/APIToolkit/*</url-pattern>
<url-pattern>/portal/custom-page/API/*</url-pattern>
<url-pattern>/portal.js/index.html</url-pattern>
<!-- New manage on no cache Filter -->
<url-pattern>/portal/exportOrganization</url-pattern>
<url-pattern>/portal/pageDownload</url-pattern>
<url-pattern>/portal/exportActors</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>FrameSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>ContentTypeSecurityFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>TokenValidatorFilter</filter-name>
<url-pattern>/API/*</url-pattern>
<url-pattern>/APIToolkit/*</url-pattern>
<!--
In the case of a custom page served in a custom profile calls to the
REST API are done though /portal/custom-page/API
-->
<url-pattern>/portal/custom-page/API/*</url-pattern>
<!--
In the case of a form or in the case of a custom page served in a living application
REST API are done though /portal/resource/*/API or /apps/*/API (layout)
-->
<url-pattern>/portal/resource/*</url-pattern>
<url-pattern>/apps/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>/portal/*</url-pattern>
<url-pattern>/portal.js/*</url-pattern>
<url-pattern>/apps/*</url-pattern>
<url-pattern>/services/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>RestAPIAuthorizationFilter</filter-name>
<url-pattern>/API/*</url-pattern>
<url-pattern>/APIToolkit/*</url-pattern>
<!-- see TokenValidatorFilter comment -->
<url-pattern>/portal/custom-page/API/*</url-pattern>
<url-pattern>/portal/formsDocumentDownload</url-pattern>
<url-pattern>/portal/documentDownload</url-pattern>
<url-pattern>/portal/downloadDocument</url-pattern>
<url-pattern>/portal/pageDownload</url-pattern>
<url-pattern>/services/*</url-pattern>
<url-pattern>/portal/exportOrganization</url-pattern>
<!-- Add more servlet mappings here -->
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>RestAPIAuthorizationFilterToolkit</filter-name>
<url-pattern>/APIToolkit/*</url-pattern>
<!-- No need to handle the forward as requests forwarded to this URL are already filtered by RestAPIAuthorizationFilter -->
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>TokenGeneratorFilter</filter-name>
<url-pattern>/API/system/session/*</url-pattern>
<url-pattern>/APIToolkit/system/session/*</url-pattern>
<!-- see TokenValidatorFilter comment -->
<url-pattern>/portal/custom-page/API/system/session/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<!-- Cache Filter Mapping Start -->
<filter-mapping>
<filter-name>CacheFilter</filter-name>
<url-pattern>/login.jsp</url-pattern>
<url-pattern>/portal/pageResource</url-pattern>
<url-pattern>/platformloginservice</url-pattern>
<url-pattern>/platformlogoutservice</url-pattern>
<url-pattern>/API/system/i18ntranslation</url-pattern>
<url-pattern>/API/avatars/*</url-pattern>
<url-pattern>/API/applicationIcon/*</url-pattern>
<!-- War -->
<url-pattern>/css</url-pattern>
<url-pattern>/images</url-pattern>
<url-pattern>/portal-theme</url-pattern>
<url-pattern>/portal.js/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>CustomPageCacheFilter</filter-name>
<url-pattern>/portal/resource/*</url-pattern>
<url-pattern>/portal/resource/app/*</url-pattern>
<url-pattern>/apps/*</url-pattern>
<url-pattern>/portal/custom-page/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<!-- Cache Filter Mapping End -->
<!-- Filter for Toolkit API URLs -->
<filter-mapping>
<filter-name>UrlRewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<!-- End Filter for restlet URLs -->
<!-- Shutdown properly ehcache on tomcat shutdown -->
<listener>
<listener-class>net.sf.ehcache.constructs.web.ShutdownListener</listener-class>
</listener>
<!-- Platform and tenant listeners -->
<!-- For Apps containing the engine server -->
<listener>
<listener-class>org.bonitasoft.engine.api.internal.servlet.EngineInitializerListener</listener-class>
</listener>
<listener>
<listener-class>org.bonitasoft.console.common.server.servlet.PlatformTenantListener</listener-class>
</listener>
<servlet>
<servlet-name>errorPageServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.ErrorPageServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BonitaRestAPIServlet</servlet-name>
<servlet-class>org.bonitasoft.web.rest.server.BonitaRestAPIServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>RestletServlet</servlet-name>
<servlet-class>org.bonitasoft.web.rest.server.BonitaRestletApplicationServlet</servlet-class>
</servlet>
<!-- Restlet servlet needs its own declaration for each URL pattern otherwise, only the first pattern works -->
<servlet>
<servlet-name>CustomPageRestletServlet</servlet-name>
<servlet-class>org.bonitasoft.web.rest.server.BonitaRestletApplicationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>ConsoleServiceServlet</servlet-name>
<servlet-class>org.bonitasoft.console.server.ConsoleServiceServlet</servlet-class>
</servlet>
<!-- Portal file upload servlets -->
<servlet>
<servlet-name>fileUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>formFileUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>ContentType</param-name>
<param-value>json</param-value>
</init-param>
<init-param>
<param-name>ReturnOriginalFilename</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>CheckUploadedFileSize</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>processUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>bar</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>apiProcessUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>bar</param-value>
</init-param>
<init-param>
<param-name>ReturnOriginalFilename</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>ContentType</param-name>
<param-value>json</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>xmlUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>xml</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>imageUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>png,jpg,gif,jpeg,bmp,wbmp,tga</param-value>
</init-param>
<init-param>
<param-name>CheckUploadedImageSize</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>apiImageUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.TenantFileUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>png,jpg,gif,jpeg,bmp,wbmp,tga</param-value>
</init-param>
<init-param>
<param-name>ContentType</param-name>
<param-value>json</param-value>
</init-param>
<init-param>
<param-name>ReturnOriginalFilename</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>CheckUploadedImageSize</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>organizationIconServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.OrganizationIconServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>applicationIconServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.ApplicationIconServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>loginService</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.login.servlet.LoginServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>logoutService</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.login.servlet.LogoutServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>platformLoginService</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.login.servlet.PlatformLoginServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>platformLogoutService</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.login.servlet.PlatformLogoutServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>exportOrganizationServlet</servlet-name>
<servlet-class>org.bonitasoft.console.server.servlet.OrganizationExportServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>exportApplicationsServlet</servlet-name>
<servlet-class>org.bonitasoft.console.server.servlet.ApplicationsExportServlet</servlet-class>
</servlet>
<!-- download -->
<servlet>
<servlet-name>deprecatedDocumentDownloadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.DocumentDownloadServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>documentDownload</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.DocumentDownloadServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>formsDocumentDownload</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.DocumentDownloadServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>formsDocumentImage</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.DocumentImageServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>exportOrganizationServlet</servlet-name>
<url-pattern>/portal/exportOrganization</url-pattern>
<url-pattern>/portal/custom-page/API/exportOrganization</url-pattern>
<url-pattern>/API/exportOrganization</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>exportApplicationsServlet</servlet-name>
<url-pattern>/portal/exportApplications</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>exportProcessActorsServlet</servlet-name>
<servlet-class>org.bonitasoft.console.server.servlet.ProcessActorsExportServlet</servlet-class>
</servlet>
<!-- Pages -->
<servlet>
<servlet-name>CustomPageServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.page.CustomPageServlet</servlet-class>
</servlet>
<!--This pageResource servlet is deprecated.
You can now access your resources through their relative URL.
see the custom page documentation.-->
<servlet>
<servlet-name>pageResource</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.page.PageResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>pageDownload</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.page.PageDownloadServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>pageUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.PageUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>zip</param-value>
</init-param>
<init-param>
<param-name>ReturnOriginalFilename</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>apiPageUploadServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.servlet.PageUploadServlet</servlet-class>
<init-param>
<param-name>SupportedExtensions</param-name>
<param-value>zip</param-value>
</init-param>
<init-param>
<param-name>ContentType</param-name>
<param-value>json</param-value>
</init-param>
<init-param>
<param-name>ReturnOriginalFilename</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<!-- End Pages -->
<!-- Forms -->
<servlet>
<servlet-name>ProcessFormServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.form.ProcessFormServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>livingApplicationServlet</servlet-name>
<servlet-class>org.bonitasoft.livingapps.LivingApplicationServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>livingApplicationPageServlet</servlet-name>
<servlet-class>org.bonitasoft.livingapps.LivingApplicationPageServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>PageServlet</servlet-name>
<servlet-class>org.bonitasoft.console.common.server.page.PageServlet</servlet-class>
</servlet>
<!-- For engine HTTP API -->
<servlet>
<servlet-name>HttpAPIServlet</servlet-name>
<servlet-class>org.bonitasoft.engine.api.internal.servlet.HttpAPIServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>errorPageServlet</servlet-name>
<url-pattern>/error/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>livingApplicationServlet</servlet-name>
<url-pattern>/apps/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>livingApplicationPageServlet</servlet-name>
<url-pattern>/portal/resource/app/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>processUploadServlet</servlet-name>
<url-pattern>/portal/processUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>apiProcessUploadServlet</servlet-name>
<url-pattern>/API/processUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>xmlUploadServlet</servlet-name>
<url-pattern>/portal/organizationUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>xmlUploadServlet</servlet-name>
<url-pattern>/portal/applicationsUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>xmlUploadServlet</servlet-name>
<url-pattern>/portal/actorsUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>imageUploadServlet</servlet-name>
<url-pattern>/portal/imageUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>apiImageUploadServlet</servlet-name>
<url-pattern>/API/imageUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>fileUploadServlet</servlet-name>
<url-pattern>/portal/fileUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>formFileUploadServlet</servlet-name>
<url-pattern>/API/formFileUpload</url-pattern>
<url-pattern>/portal/custom-page/API/formFileUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>exportProcessActorsServlet</servlet-name>
<url-pattern>/portal/exportActors</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>organizationIconServlet</servlet-name>
<url-pattern>/API/avatars/*</url-pattern>
<url-pattern>/portal/custom-page/API/avatars/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>applicationIconServlet</servlet-name>
<url-pattern>/API/applicationIcon/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>deprecatedDocumentDownloadServlet</servlet-name>
<url-pattern>/portal/downloadDocument</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>documentDownload</servlet-name>
<url-pattern>/portal/documentDownload</url-pattern>
<url-pattern>/API/documentDownload</url-pattern>
<url-pattern>/portal/custom-page/API/documentDownload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>formsDocumentDownload</servlet-name>
<url-pattern>/portal/formsDocumentDownload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>formsDocumentImage</servlet-name>
<url-pattern>/portal/formsDocumentImage</url-pattern>
<url-pattern>/API/formsDocumentImage</url-pattern>
<url-pattern>/portal/custom-page/API/formsDocumentImage</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>loginService</servlet-name>
<url-pattern>/loginservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>logoutService</servlet-name>
<url-pattern>/logoutservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>platformLoginService</servlet-name>
<url-pattern>/platformloginservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>platformLogoutService</servlet-name>
<url-pattern>/platformlogoutservice</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/API/*</url-pattern>
</servlet-mapping>
<!-- Restlet servlet needs its own declaration for each URL pattern otherwise, only the first pattern works -->
<servlet-mapping>
<servlet-name>CustomPageRestletServlet</servlet-name>
<url-pattern>/portal/custom-page/API/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BonitaRestAPIServlet</servlet-name>
<url-pattern>/APIToolkit/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ConsoleServiceServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
<url-pattern>/API/services/*</url-pattern>
<url-pattern>/portal/custom-page/API/services/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>CustomPageServlet</servlet-name>
<url-pattern>/portal/custom-page/*</url-pattern>
</servlet-mapping>
<!--This pageResource servlet is deprecated.
You can now access your resources through their relative URL.
see the custom page documentation.-->
<servlet-mapping>
<servlet-name>pageResource</servlet-name>
<url-pattern>/portal/pageResource</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pageDownload</servlet-name>
<url-pattern>/portal/pageDownload</url-pattern>
<url-pattern>/API/pageDownload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pageUploadServlet</servlet-name>
<url-pattern>/portal/pageUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>apiPageUploadServlet</servlet-name>
<url-pattern>/API/pageUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ProcessFormServlet</servlet-name>
<url-pattern>/portal/form/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>PageServlet</servlet-name>
<url-pattern>/portal/resource/*</url-pattern>
</servlet-mapping>
<!-- For engine HTTP API -->
<servlet-mapping>
<servlet-name>HttpAPIServlet</servlet-name>
<url-pattern>/serverAPI/*</url-pattern>
</servlet-mapping>
<!-- Container Resources -->
<resource-ref>
<res-ref-name>java:comp/env/RawBonitaDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<res-ref-name>java:comp/env/bonitaDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<res-ref-name>java:comp/env/bonitaSequenceManagerDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<res-ref-name>java:comp/env/RawBusinessDataDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<res-ref-name>java:comp/env/BusinessDataDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<resource-ref>
<res-ref-name>java:comp/env/NotManagedBizDataDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>bonita-http-api-url</web-resource-name>
<url-pattern>/serverAPI/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>bonita-http-api</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Restricted access</realm-name>
</login-config>
<security-role>
<role-name>bonita-http-api</role-name>
</security-role>
</web-app>