4.4. Configure a Web Application to use a Valve


Valves that are not installed as global valves must be included with your application and configure in the jboss-web.xml deployment descriptor.

Important

Valves that are installed a global valves are automatically applied to all deployed applications. For instructions on how to configure Global Valves, see the chapter entitled Global Valves in the Administration and Configuration Guide for JBoss EAP.

Prerequisites

  • The valve must be created and included in your application's classpath. This can be done by either including it in the application's WAR file or any module that is added as a dependency. Examples of such modules include a static module installed on the server or a JAR file in the lib/ directory of an EAR archive if the WAR is deployed in an EAR.
  • The application must include a jboss-web.xml deployment descriptor.

Procedure 4.1. Configure an application for a local valve

  1. Configure a Valve

    Create a valve element containing the class-name child element in the application's jboss-web.xml file. The class-name is the name of the valve class.
    <valve>
          <class-name>VALVE_CLASS_NAME</class-name>
    </valve>

    Example 4.1. Example of a valve element configured in the jboss-web.xml file

    <valve>
          <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name>
    </valve>
  2. Configure a Custom Valve

    If the valve has configurable parameters, add a param child element to the valve element for each parameter, specifying the param-name and param-value for each.

    Example 4.2. Example of a custom valve element configured in the jboss-web.xml file

    <valve>   
        <class-name>org.jboss.web.tomcat.security.GenericHeaderAuthenticator</class-name>  
        <param>  
            <param-name>httpHeaderForSSOAuth</param-name>  
            <param-value>sm_ssoid,ct-remote-user,HTTP_OBLIX_UID</param-value>  
        </param>  
        <param>  
            <param-name>sessionCookieForSSOAuth</param-name>  
            <param-value>SMSESSION,CTSESSION,ObSSOCookie</param-value>  
        </param>  
    </valve>
When the application is deployed, the valve will be enabled for the application with the specified configuration.

Example 4.3. jboss-web.xml valve configuration

<valve>
    <class-name>org.jboss.samplevalves.RestrictedUserAgentsValve</class-name>
    <param>  
        <param-name>restrictedUserAgents</param-name>
        <param-value>^.*MS Web Services Client Protocol.*$</param-value>
    </param>
 </valve>
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.