Package hudson

Class WebAppMain

  • All Implemented Interfaces:
    EventListener, javax.servlet.ServletContextListener

    public class WebAppMain
    extends Object
    implements javax.servlet.ServletContextListener
    Entry point when Hudson is used as a webapp.
    Author:
    Kohsuke Kawaguchi
    • Field Detail

      • FORCE_SESSION_TRACKING_BY_COOKIE_PROP

        @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
        public static final String FORCE_SESSION_TRACKING_BY_COOKIE_PROP
        System property name to force the session tracking by cookie. This prevents Tomcat to use the URL tracking in addition to the cookie by default. This could be useful for instances that requires to have the SuspiciousRequestFilter.allowSemicolonsInPath turned off.

        If you allow semicolon in URL and the session to be tracked by URL and you have a SecurityRealm that does not invalidate session after authentication, your instance is vulnerable to session hijacking.

        The SecurityRealm should be corrected but this is a hardening in Jenkins core.

        As this property is read during startup, you will not be able to change it at runtime depending on your application server (not possible with Jetty nor Tomcat)

        When running hpi:run, the default tracking is COOKIE+URL. When running java -jar with Winstone/Jetty, the default setting is set to COOKIE only. When running inside Tomcat, the default setting is COOKIE+URL.

    • Constructor Detail

      • WebAppMain

        public WebAppMain()
    • Method Detail

      • getDefaultRingBufferSize

        public static int getDefaultRingBufferSize()
        This getter returns the int DEFAULT_RING_BUFFER_SIZE from the class RingBufferLogHandler from a static context. Exposes access from RingBufferLogHandler.DEFAULT_RING_BUFFER_SIZE to WebAppMain. Written for the requirements of JENKINS-50669
        Returns:
        int This returns DEFAULT_RING_BUFFER_SIZE
        Since:
        2.259
        See Also:
        JENKINS-50669
      • contextInitialized

        public void contextInitialized​(javax.servlet.ServletContextEvent event)
        Creates the sole instance of Jenkins and register it to the ServletContext.
        Specified by:
        contextInitialized in interface javax.servlet.ServletContextListener
      • installExpressionFactory

        public static void installExpressionFactory​(javax.servlet.ServletContextEvent event)
      • getHomeDir

        public WebAppMain.FileAndDescription getHomeDir​(javax.servlet.ServletContextEvent event)
        Determines the home directory for Jenkins.

        We look for a setting that affects the smallest scope first, then bigger ones later.

        People make configuration mistakes, so we are trying to be nice with those by doing String.trim().

        Returns:
        the File alongside with some description to help the user troubleshoot issues
      • contextDestroyed

        public void contextDestroyed​(javax.servlet.ServletContextEvent event)
        Specified by:
        contextDestroyed in interface javax.servlet.ServletContextListener