Merge branch 'master' of http://47.92.104.23:3000/project/shichuangyi

patch/apusic/server1/config/web.xml

@@ -0,0 +1,1087 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- $Id: web.xml,v 1.10 2011/04/14 00:53:41 weiyongsen Exp $ --><!--
+This is the default web application descriptor. You can put any server wide
+configurations in this file.
+--><web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.0" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee     http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" metadata-complete="true">
+  <!--################### Context Parameters ######################-->
+  <context-param>
+    <description>Set sendErrorToClient parameter to false if you don't want detailed
+      exception stack trace sent back to client browser. You can leave it
+      to true during development stage.</description>
+    <param-name>sendErrorToClient</param-name>
+    <param-value>false</param-value>
+  </context-param>
+  <context-param>
+    <description>Set directoryListing parameter to false to disable directory listing
+      when a welcome file not found in a directory.</description>
+    <param-name>directoryListing</param-name>
+    <param-value>false</param-value>
+  </context-param>
+  <context-param>
+    <description>Set readonly parameter to true to disable doDelete() and doPut() methods</description>
+    <param-name>readonly</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <!--################### JSP Configuration ##################-->
+  <context-param>
+    <description>Do not compile JSP source file, usefull for pre-compiled web
+      application bundles which no JSP source files shipped with.</description>
+    <param-name>jsp.nocompile</param-name>
+    <param-value>false</param-value>
+  </context-param>
+  <context-param>
+    <description>Do not delete intermediate generated java source files.</description>
+    <param-name>jsp.keepGenerated</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>Do not delete intermediate genreated java source files only when
+      a event of compilation error occurred.</description>
+    <param-name>jsp.keepOnError</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>True if generate JSP classes in separate packages, false otherwise.</description>
+    <param-name>jsp.usePackages</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>Save template text into a separate data file and loaded at
+      runtime. To reduce size of generated class file.</description>
+    <param-name>jsp.useDataFile</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>The line number table in the generated class file is replaced
+      with line numbers pointing to the source JSP file.</description>
+    <param-name>jsp.sourceLineNumbers</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>Check modification time of all dependent files to determine
+      whether recompilation is required.</description>
+    <param-name>jsp.checkDependencies</param-name>
+    <param-value>true</param-value>
+  </context-param>
+  <context-param>
+    <description>Check whether the Tag class, EL expected type, jsp Import class
+			had been modified before compile the jsp file.</description>
+    <param-name>jsp.checkModified</param-name>
+    <param-value>false</param-value>
+  </context-param>
+  <context-param>
+    <description>set jsp compiler to jdt</description>
+    <param-name>jsp.compiler</param-name>
+    <param-value>builtin-jdt -g -classpath %classpath% -d %outputdir% -encoding %encoding% %source%</param-value>
+  </context-param>
+  <!-- 
+	<filter>
+    <filter-name>AntiXssFilter</filter-name>
+    <filter-class>com.apusic.util.AntiXssFilter</filter-class>
+    <init-param>
+      <param-name>checkRefer</param-name>
+      <param-value>true</param-value>
+    </init-param>
+   </filter>
+  <filter-mapping>
+    <filter-name>AntiXssFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+-->
+  <filter>
+    <display-name>AttackFilter</display-name>
+    <filter-name>AttackFilter</filter-name>
+    <filter-class>com.apusic.util.AttackFilter</filter-class>
+    <init-param>
+      <param-name>enableAttackFilter</param-name>
+      <param-value>true</param-value>
+    </init-param>
+    <init-param>
+      <param-name>enableCSRFCheck</param-name>
+      <param-value>true</param-value>
+    </init-param>
+    <init-param>
+      <!-- CSRF WHITE LIST,SPLIT BY , -->
+      <param-name>serverNameWhiteList</param-name>
+      <param-value>yunzhijia.com,kdweibo.com,http://ehr.shichuangyi.cn:8080/shr,/shr/api/oAToSHR</param-value>
+    </init-param>
+    <init-param>
+      <param-name>enableCSRFCheck_URL</param-name>
+      <param-value>true</param-value>
+    </init-param>
+    <init-param>
+      <param-name>allow_URLS</param-name>
+      <param-value>/ormrpc/,/eassso/YZJCallbackServlet/,/portal/easrpc/,/plt_cm/,/plt_cm/content/,/plt_cm/content/easrpc/,/easweb/servlet/,/easportal/openapi/,/shr/api/oAToSHR</param-value>
+    </init-param>
+    <init-param>
+      <param-name>enableCSRFCheck_POST</param-name>
+      <param-value>false</param-value>
+    </init-param>
+  </filter>
+  <filter-mapping>
+    <filter-name>AttackFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+  <filter>
+    <display-name>AttachmentFilter</display-name>
+    <filter-name>AttachmentFilter</filter-name>
+    <filter-class>com.kingdee.eas.cp.common.web.filters.AttachmentFilter</filter-class>
+    <init-param>
+      <param-name>enableAttachmentFilter</param-name>
+      <param-value>true</param-value>
+    </init-param>
+    <init-param>
+      <param-name>allowedExtensions</param-name>
+      <param-value>txt,pdf,doc,docx,xls,xlsx,xlsm,ppt,pptx,rft,rtf,jpg,png,bmp,gif,jpeg,tiff,tif,rar,zip,dat,hrl,key,msg,cad,avi,btw,rmvb,wps,et,dps,vsd,mod,dwg,prn,lic,csv,ini,mp3,mpeg,mpg,sys,wav,mp4,dts,eml,ofd</param-value>
+    </init-param>
+  </filter>
+  <filter-mapping>
+    <filter-name>AttachmentFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+  <filter>
+    <filter-name>OOMDetectedFilter</filter-name>
+    <filter-class>com.kingdee.bos.monitor.OOMDetectedFilter</filter-class>
+    <init-param>
+      <param-name>checkRefer</param-name>
+      <param-value>true</param-value>
+    </init-param>
+    <init-param>
+      <param-name>checkOOM</param-name>
+      <param-value>true</param-value>
+    </init-param>
+  </filter>
+  <filter-mapping>
+    <filter-name>OOMDetectedFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+  <!--################### Servlet Registration ##################-->
+  <servlet>
+    <description>default servlet</description>
+    <servlet-name>default</servlet-name>
+    <servlet-class>com.apusic.web.servlet.FileServlet</servlet-class>
+    <load-on-startup>0</load-on-startup>
+  </servlet>
+  <servlet>
+    <description>Service JSP files</description>
+    <servlet-name>jsp</servlet-name>
+    <servlet-class>com.apusic.web.jsp.JspServlet</servlet-class>
+    <load-on-startup>0</load-on-startup>
+  </servlet>
+  <servlet>
+    <description>Dynamicly load servlets</description>
+    <servlet-name>invoker</servlet-name>
+    <servlet-class>com.apusic.web.servlet.InvokerServlet</servlet-class>
+  </servlet>
+  <servlet>
+    <description>Process legacy CGI programs</description>
+    <servlet-name>cgi</servlet-name>
+    <servlet-class>com.apusic.web.servlet.CGIServlet</servlet-class>
+  </servlet>
+  <servlet>
+    <description>Process Server Side Includes</description>
+    <servlet-name>ssi</servlet-name>
+    <servlet-class>com.apusic.web.servlet.SSIServlet</servlet-class>
+  </servlet>
+  <!--##################### Servelet Mappings #####################-->
+  <servlet-mapping>
+    <servlet-name>jsp</servlet-name>
+    <url-pattern>*.jsp</url-pattern>
+  </servlet-mapping>
+  <servlet-mapping>
+    <servlet-name>jsp</servlet-name>
+    <url-pattern>*.jspx</url-pattern>
+  </servlet-mapping>
+  <servlet-mapping>
+    <servlet-name>invoker</servlet-name>
+    <url-pattern>/servlet/*</url-pattern>
+  </servlet-mapping>
+  <servlet-mapping>
+    <servlet-name>cgi</servlet-name>
+    <url-pattern>/cgi-bin/*</url-pattern>
+  </servlet-mapping>
+  <servlet-mapping>
+    <servlet-name>ssi</servlet-name>
+    <url-pattern>*.shtml</url-pattern>
+  </servlet-mapping>
+  <!--##################### Default JSP Config ######################-->
+  <jsp-config>
+    <jsp-property-group>
+      <description>default JSP property group</description>
+      <url-pattern>*.jsp</url-pattern>
+      <el-ignored>false</el-ignored>
+      <scripting-invalid>false</scripting-invalid>
+    </jsp-property-group>
+    <jsp-property-group>
+      <description>default JSPX property group</description>
+      <url-pattern>*.jspx</url-pattern>
+      <el-ignored>false</el-ignored>
+      <scripting-invalid>false</scripting-invalid>
+      <is-xml>true</is-xml>
+    </jsp-property-group>
+  </jsp-config>
+  <!--################### Default Session Timeout ####################-->
+  <session-config>
+    <session-timeout>30</session-timeout>
+    <cookie-config>
+      <http-only>true</http-only>
+    </cookie-config>
+  </session-config>
+  <!--#################### Default MIME Mappings #####################-->
+  <mime-mapping>
+    <extension>txt</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>html</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>htm</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>abs</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ai</extension>
+    <mime-type>application/postscript</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>aif</extension>
+    <mime-type>audio/x-aiff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>aifc</extension>
+    <mime-type>audio/x-aiff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>aiff</extension>
+    <mime-type>audio/x-aiff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>aim</extension>
+    <mime-type>application/x-aim</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>art</extension>
+    <mime-type>image/x-jg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>asf</extension>
+    <mime-type>video/x-ms-asf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>asx</extension>
+    <mime-type>video/x-ms-asf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>au</extension>
+    <mime-type>audio/basic</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>avi</extension>
+    <mime-type>video/x-msvideo</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>avx</extension>
+    <mime-type>video/x-rad-screenplay</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>bcpio</extension>
+    <mime-type>application/x-bcpio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>bin</extension>
+    <mime-type>application/octet-stream</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>bmp</extension>
+    <mime-type>image/bmp</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>body</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>cdf</extension>
+    <mime-type>application/x-cdf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>cer</extension>
+    <mime-type>application/x-x509-ca-cert</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>class</extension>
+    <mime-type>application/java</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>cpio</extension>
+    <mime-type>application/x-cpio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>crt</extension>
+    <mime-type>application/x-x509-ca-cert</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>csh</extension>
+    <mime-type>application/x-csh</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>css</extension>
+    <mime-type>text/css</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dcr</extension>
+    <mime-type>application/x-director</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>der</extension>
+    <mime-type>application/x-x509-ca-cert</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dib</extension>
+    <mime-type>image/bmp</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dir</extension>
+    <mime-type>application/x-director</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dms</extension>
+    <mime-type>application/octet-stream</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>doc</extension>
+    <mime-type>application/msword</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dtd</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dv</extension>
+    <mime-type>video/x-dv</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dvi</extension>
+    <mime-type>application/x-dvi</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>dxr</extension>
+    <mime-type>application/x-director</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>eps</extension>
+    <mime-type>application/postscript</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>etx</extension>
+    <mime-type>text/x-setext</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>exe</extension>
+    <mime-type>application/octet-stream</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>fif</extension>
+    <mime-type>application/fractals</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>gif</extension>
+    <mime-type>image/gif</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>gtar</extension>
+    <mime-type>application/x-gtar</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>gz</extension>
+    <mime-type>application/x-gzip</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>hdf</extension>
+    <mime-type>application/x-hdf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>hqx</extension>
+    <mime-type>application/mac-binhex40</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>htc</extension>
+    <mime-type>text/x-component</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>htm</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>html</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ice</extension>
+    <mime-type>x-conference/x-cooltalk</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ief</extension>
+    <mime-type>image/ief</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jad</extension>
+    <mime-type>text/vnd.sun.j2me.app-descriptor</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jar</extension>
+    <mime-type>application/java-archive</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>java</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jnlp</extension>
+    <mime-type>application/x-java-jnlp-file</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jpe</extension>
+    <mime-type>image/jpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jpeg</extension>
+    <mime-type>image/jpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jpg</extension>
+    <mime-type>image/jpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>js</extension>
+    <mime-type>text/javascript</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jsf</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>jspf</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>kar</extension>
+    <mime-type>audio/x-midi</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>latex</extension>
+    <mime-type>application/x-latex</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>lha</extension>
+    <mime-type>application/octet-stream</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>lzh</extension>
+    <mime-type>application/octet-stream</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>m3u</extension>
+    <mime-type>audio/x-mpegurl</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mac</extension>
+    <mime-type>image/x-macpaint</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>man</extension>
+    <mime-type>application/x-troff-man</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>me</extension>
+    <mime-type>application/x-troff-me</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mid</extension>
+    <mime-type>audio/x-midi</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>midi</extension>
+    <mime-type>audio/x-midi</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mif</extension>
+    <mime-type>application/x-mif</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mov</extension>
+    <mime-type>video/quicktime</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>movie</extension>
+    <mime-type>video/x-sgi-movie</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mp1</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mp2</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mp3</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpa</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpe</extension>
+    <mime-type>video/mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpeg</extension>
+    <mime-type>video/mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpega</extension>
+    <mime-type>audio/x-mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpg</extension>
+    <mime-type>video/mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpga</extension>
+    <mime-type>audio/mpeg</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>mpv2</extension>
+    <mime-type>video/mpeg2</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ms</extension>
+    <mime-type>application/x-wais-source</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>nc</extension>
+    <mime-type>application/x-netcdf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>oda</extension>
+    <mime-type>application/oda</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>p7c</extension>
+    <mime-type>application/pkcs7-mime</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pbm</extension>
+    <mime-type>image/x-portable-bitmap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pct</extension>
+    <mime-type>image/pict</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pdb</extension>
+    <mime-type>chemical/x-pdb</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pdf</extension>
+    <mime-type>application/pdf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pgm</extension>
+    <mime-type>image/x-portable-graymap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pic</extension>
+    <mime-type>image/pict</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pict</extension>
+    <mime-type>image/pict</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pls</extension>
+    <mime-type>audio/x-scpls</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>png</extension>
+    <mime-type>image/png</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pnm</extension>
+    <mime-type>image/x-portable-anymap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>pnt</extension>
+    <mime-type>image/x-macpaint</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ppm</extension>
+    <mime-type>image/x-portable-pixmap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ppt</extension>
+    <mime-type>application/powerpoint</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ps</extension>
+    <mime-type>application/postscript</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>psd</extension>
+    <mime-type>image/x-photoshop</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>qt</extension>
+    <mime-type>video/quicktime</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>qti</extension>
+    <mime-type>image/x-quicktime</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>qtif</extension>
+    <mime-type>image/x-quicktime</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ras</extension>
+    <mime-type>image/x-cmu-raster</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ra</extension>
+    <mime-type>audio/x-realaudio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ram</extension>
+    <mime-type>audio/x-pn-realaudio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rgb</extension>
+    <mime-type>image/x-rgb</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rm</extension>
+    <mime-type>application/vnd.rn-realmedia</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rmi</extension>
+    <mime-type>audio/mid</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>roff</extension>
+    <mime-type>application/x-troff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rpm</extension>
+    <mime-type>audio/x-pn-realaudio-plugin</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rtf</extension>
+    <mime-type>application/rtf</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rtx</extension>
+    <mime-type>text/richtext</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>sd2</extension>
+    <mime-type>audio/x-sd2</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>sh</extension>
+    <mime-type>application/x-sh</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>shar</extension>
+    <mime-type>application/x-shar</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>shtml</extension>
+    <mime-type>text/html</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>smf</extension>
+    <mime-type>audio/x-midi</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>sit</extension>
+    <mime-type>application/x-stuffit</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>snd</extension>
+    <mime-type>audio/basic</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>src</extension>
+    <mime-type>application/x-wais-source</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>sv4cpio</extension>
+    <mime-type>application/x-sv4cpio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>sv4crc</extension>
+    <mime-type>application/x-sv4crc</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>swf</extension>
+    <mime-type>application/x-shockwave-flash</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>t</extension>
+    <mime-type>application/x-troff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tar</extension>
+    <mime-type>application/x-tar</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tcl</extension>
+    <mime-type>application/x-tcl</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tex</extension>
+    <mime-type>application/x-tex</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>texi</extension>
+    <mime-type>application/x-texinfo</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>texinfo</extension>
+    <mime-type>application/x-texinfo</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tgz</extension>
+    <mime-type>application/x-compressed</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tif</extension>
+    <mime-type>image/tiff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tiff</extension>
+    <mime-type>image/tiff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tr</extension>
+    <mime-type>application/x-troff</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>tsv</extension>
+    <mime-type>text/tab-separated-values</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>txt</extension>
+    <mime-type>text/plain</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ulw</extension>
+    <mime-type>audio/basic</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>ustar</extension>
+    <mime-type>application/x-ustar</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xbm</extension>
+    <mime-type>image/x-xbitmap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xht</extension>
+    <mime-type>application/xhtml+xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xhtml</extension>
+    <mime-type>application/xhtml+xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xml</extension>
+    <mime-type>text/xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xpm</extension>
+    <mime-type>image/x-xpixmap</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xsl</extension>
+    <mime-type>text/xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xwd</extension>
+    <mime-type>image/x-xwindowdump</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wav</extension>
+    <mime-type>audio/x-wav</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>svg</extension>
+    <mime-type>image/svg+xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>svgz</extension>
+    <mime-type>image/svg+xml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>vrml</extension>
+    <mime-type>x-world/x-vrml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>vsd</extension>
+    <mime-type>application/x-visio</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wbmp</extension>
+    <mime-type>image/vnd.wap.wbmp</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wma</extension>
+    <mime-type>audio/x-ms-wma</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wax</extension>
+    <mime-type>audio/x-ms-wax</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmv</extension>
+    <mime-type>audio/x-ms-wmv</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wvx</extension>
+    <mime-type>video/x-ms-wvx</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wm</extension>
+    <mime-type>video/x-ms-wm</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmx</extension>
+    <mime-type>video/x-ms-wmx</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmz</extension>
+    <mime-type>application/x-ms-wmz</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmd</extension>
+    <mime-type>application/x-ms-wmd</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wml</extension>
+    <mime-type>text/vnd.wap.wml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmlc</extension>
+    <mime-type>application/vnd.wap.wmlc</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmls</extension>
+    <mime-type>text/vnd.wap.wmlscript</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wmlscriptc</extension>
+    <mime-type>application/vnd.wap.wmlscriptc</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>wrl</extension>
+    <mime-type>x-world/x-vrml</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>xyz</extension>
+    <mime-type>chemical/x-pdb</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>Z</extension>
+    <mime-type>application/x-compress</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>z</extension>
+    <mime-type>application/x-compress</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>zip</extension>
+    <mime-type>application/zip</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>rar</extension>
+    <mime-type>application/rar</mime-type>
+  </mime-mapping>
+  <mime-mapping>
+    <extension>chm</extension>
+    <mime-type>application/mshelp</mime-type>
+  </mime-mapping>
+  <!--##################### Welcome Files #########################-->
+  <welcome-file-list>
+    <welcome-file>index.html</welcome-file>
+    <welcome-file>index.jsp</welcome-file>
+  </welcome-file-list>
+  <!--############# Default locale encoding Mappings ##############-->
+  <locale-encoding-mapping-list>
+    <locale-encoding-mapping>
+      <locale>ar</locale>
+      <encoding>ISO-8859-6</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>be</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>bg</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>ca</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>cs</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>da</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>de</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>el</locale>
+      <encoding>ISO-8859-7</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>en</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>es</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>et</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>fi</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>fr</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>hr</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>hu</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>is</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>it</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>iw</locale>
+      <encoding>ISO-8859-8</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>ja</locale>
+      <encoding>Shift_JIS</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>ko</locale>
+      <encoding>EUC-KR</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>lt</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>lv</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>mk</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>nl</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>no</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>pl</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>pt</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>ro</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>ru</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sh</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sk</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sl</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sq</locale>
+      <encoding>ISO-8859-2</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sr</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>sv</locale>
+      <encoding>ISO-8859-1</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>tr</locale>
+      <encoding>ISO-8859-9</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>uk</locale>
+      <encoding>ISO-8859-5</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>zh</locale>
+      <encoding>GB2312</encoding>
+    </locale-encoding-mapping>
+    <locale-encoding-mapping>
+      <locale>zh_TW</locale>
+      <encoding>Big5</encoding>
+    </locale-encoding-mapping>
+  </locale-encoding-mapping-list>
+  <mime-mapping xmlns="http://java.sun.com/xml/ns/j2ee">
+    <extension>xls</extension>
+    <mime-type>application/msexcel</mime-type>
+  </mime-mapping>
+</web-app>

patch/deploy/WEB-INF/sso/ssoParamemter.properties

@@ -0,0 +1,30 @@
+#SSO \u670d\u52a1\u5668\u7684\u8bbf\u95eeurl\u5730\u5740\uff0csso.server.loginUrlFromRequest\u8bbe\u7f6e\u4e3afalse\u8be5\u53c2\u6570\u624d\u80fd\u751f\u6548
+cas.server.url=http://127.0.0.1:6888/eassso/
+#SSO \u670d\u52a1\u5668\u7684\u767b\u5f55url\u7684\u8bbf\u95ee\u8def\u5f84\uff0c\u4e0ecas.server.url\u62fc\u88c5\u6210\u767b\u5f55\u9875url
+cas.server.loginPath=login
+#SSO \u5ba2\u6237\u7aef\uff08\u5373:\u88ab\u96c6\u6210\u7684web\u5e94\u7528\uff09\u7684\u8bbf\u95eeip\u548c\u7aef\u53e3\u53f7\uff0csso.client.serverNameFromRequest\u8bbe\u7f6e\u4e3afalse\u8be5\u53c2\u6570\u624d\u80fd\u751f\u6548
+cas.client.serverName=127.0.0.1:6888
+
+#\u662f\u5426\u6bcf\u6b21\u8bbf\u95ee\u90fd\u9700\u8981\u91cd\u65b0\u767b\u5f55\u4e00\u6b21\uff0c\u9002\u7528\u4e8e\u9ad8\u673a\u5bc6\u7684\u573a\u666f
+cas.server.renew=false
+#\u662f\u5426\u6240\u6709\u8bf7\u6c42\u90fd\u4e0d\u8fdb\u884c\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\uff0c\u8be5\u53c2\u6570\u4e0ecas.server.renew\u4f5c\u7528\u76f8\u53cd
+cas.server.gateway=false
+
+#\u662f\u5426\u81ea\u52a8\u4ecerequest\u8bf7\u6c42\u4e2d\u83b7\u53d6SSO \u5ba2\u6237\u7aef\u7684\u8bbf\u95eeip\u548c\u7aef\u53e3\u53f7\uff0c\u5982\u679c\u8bbe\u7f6e\u4e3atrue\u5219cas.client.serverName\u53c2\u6570\u5931\u6548
+sso.client.serverNameFromRequest=true
+#SSO \u5ba2\u6237\u7aef\u548c\u670d\u52a1\u5668\u662f\u5426\u76f8\u540c\u4e3b\u673a\u5730\u5740
+#\u662f\u5426\u81ea\u52a8\u4ecerequest\u8bf7\u6c42\u4e2d\u83b7\u53d6\u670d\u52a1\u5668\u7684\u8bbf\u95eeurl\u5730\u5740\u7684ip\u548c\u7aef\u53e3\u53f7\uff0c\u5982\u679c\u8bbe\u7f6e\u4e3atrue\u5219cas.server.url\u53c2\u6570\u7684ip\u548c\u7aef\u53e3\u53f7\u5931\u6548
+sso.server.loginUrlFromRequest=true
+cas.client.UrlPattern=/autoLogin.jsp;/toGuiRelogin.jsp;/switchToLogin.jsp;/success.jsp;/redirectTo.jsp;/releaseWafResAjax.jsf;/logout;/web_frame/easrpc/frame.do;/jslib/;/OTP2sso.jsp;/index2sso.jsp;/OSF2sso.jsp;/shrlogin.jsp;/shrosf.jsp;/downloadFileForMulMachine.do;/orgchart;/personPhoto;/manager;/api/oAToSHR
+
+
+
+#\u6ce8\u91ca\u90e8\u5206\uff0c\u4ee5\u540e\u6269\u5c55
+#cas.server.proxyCallbackUrl=https://localhost:8443/manager/proxy/Receptor
+#cas.client.proxyCallbackUrl=
+
+#\u4ee5\u4e0b\u53c2\u6570\u4e3aEAS PORTAL\u4e13\u7528\uff0c\u5c5e\u6027\u6587\u4ef6\u90e8\u7f72\u5728portalConfig/\u4e0b\uff1b
+#SSO\u5165\u53e3\u5730\u5740\uff0c\u76f8\u5bf9\u8def\u5f84
+#sso.client.loginUrl=/ssoWelcome
+#SSO\u8ba4\u8bc1\u901a\u8fc7\u540e\u8f6c\u5411\u7684\u5e94\u7528\u4e3b\u9875(\u540c\u4e00\u4e2a\u5e94\u7528SERVER/\u540c\u4e00\u4e2aJVM\u4e0b\uff0c\u53ea\u80fd\u6709\u4e00\u4e2a\uff09\uff0c\u76f8\u5bf9\u8def\u5f84
+#sso.client.redirectTo=/index_sso.jsp

patch/deploy/WEB-INF/web.xml

@@ -0,0 +1,731 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
+	<description>web</description>
+	<display-name>web</display-name>
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>/WEB-INF/sso/applicationContext-ssoClient.xml</param-value>
+	</context-param>
+	<context-param>
+		<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
+		<param-value>client</param-value>
+	</context-param>
+	<context-param>
+		<param-name>facelets.SKIP_COMMENTS</param-name>
+		<param-value>true</param-value>
+	</context-param>
+	<context-param>
+		<param-name>
+			org.operamasks.faces.IMPLICIT_NAVIGATION
+		</param-name>
+		<param-value>true</param-value>
+	</context-param>
+	<context-param>
+		<param-name>
+			org.operamasks.faces.COMPATIBLE_NOT_STRICT
+		</param-name>
+		<param-value>false</param-value>
+	</context-param>
+	<context-param>
+		<param-name>org.operamasks.faces.SKIN</param-name>
+		<param-value>waf</param-value>
+	</context-param>
+	<context-param>
+		<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
+		<param-value>.xhtml</param-value>
+	</context-param>
+	<context-param>
+		<param-name>
+			org.operamasks.ATTRIBUTE_SETTING_CONFIG_FILE
+		</param-name>
+		<param-value>/WEB-INF/attributeSetting.properties</param-value>
+	</context-param>
+	<!--cas 3.0 client begin-->
+	<context-param>
+		<param-name>facelets.LIBRARIES</param-name>
+		<param-value>/WEB-INF/taglib/waf.taglib.xml</param-value>
+	</context-param>
+	<!-- value: development, production -->
+	<context-param>
+		<param-name>productionMode</param-name>
+		<param-value>production</param-value>
+	</context-param>
+	<!-- Light App login filter begin -->
+	<filter>
+		<filter-name>CAS Single Sign Out Filter</filter-name>
+		<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
+	</filter>
+	<filter>
+		<filter-name>encodingFilter</filter-name>
+		<filter-class>
+          org.springframework.web.filter.CharacterEncodingFilter
+		</filter-class>
+		<init-param>
+			<param-name>encoding</param-name>
+			<param-value>UTF-8</param-value>
+		</init-param>
+		<init-param>
+			<param-name>forceEncoding</param-name>
+			<param-value>true</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>encodingFilter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>encodingFilter</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<!-- order:1  SHRRequestParamWrapFilter -->
+	<filter>
+		<filter-name>SHRRequestParamWrapFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.SHRRequestParameterWrapFilter</filter-class>
+		<init-param>
+			<param-name>enableSHRRequestParamWrapFilter</param-name>
+			<param-value>true</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>SHRRequestParamWrapFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- order:2 XSSFilter -->
+	<filter>
+		<filter-name>XSSFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.XSSFilter</filter-class>
+		<init-param>
+			<!--request uipkWhiteList , if  request uipk include uipkWhiteList,then ignore filter -->
+			<param-name>uipkAndHandlerWhiteList</param-name>
+			<param-value>
+      			com.kingdee.shr.base.syssetting.app.UIView.form,
+      			sourcecompare,
+      			com.kingdee.shr.base.syssetting.app.PrivacyAgreement.form,
+      			com.kingdee.shr.baseconfig.app.DocumentationConfig.form,
+				com.kingdee.shr.base.syssetting.app.FieldRule.form
+      		</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>XSSFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- order:3 SQLInjectionFilter -->
+	<filter>
+		<filter-name>SQLInjectionFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.SQLInjectionFilter</filter-class>
+		<init-param>
+			<param-name>enableSQLInjectionFilter</param-name>
+			<!--enableSQLInjectionFilter default value is true,if need turn on,change value is : false -->
+			<param-value>true</param-value>
+		</init-param>
+		<init-param>
+			<!--request uipkWhiteList , if  request uipk include uipkWhiteList,then ignore filter -->
+			<param-name>uipkWhiteList</param-name>
+			<param-value>
+      			com.kingdee.shr.dataplatform.app.CustomSQL.form,
+      			com.kingdee.shr.dataplatform.app.DataSetConfig.form,
+      			com.kingdee.shr.base.syssetting.app.UIView.form,
+      			com.kingdee.shr.base.syssetting.app.FieldRange.form,
+      			com.kingdee.shr.base.syssetting.app.ListFilterSolution.form,
+      			com.kingdee.shr.base.syssetting.app.ListSetSolution.form,
+      			shr.report.ReportDefGuidev2.0,
+      			com.kingdee.eas.rpts.ctrlsqldesign.app.KSQLReport.form,
+      			com.kingdee.shr.compensation.app.FormulaFunc.form,
+      			com.kingdee.shr.compensation.app.FormulaTmpTable.form
+      		</param-value>
+		</init-param>
+		<init-param>
+			<!--sql key wrod , if  request value include drop or delete .... ,then replace -->
+			<param-name>sqlKeyWord</param-name>
+			<param-value>drop,delete,truncate,update,insert,dbo.sysdatabases,
+			dbo.sysdatabases--,information_schema.columns,table_schema,
+			xp_cmdshell,group_concat,table_schema,declare,sitename,||,
+			exec,execute,create,table,grant,use,column_name,union,*,master,;,-,+,//,/,%,#,all_tab_columns,ascii,substring</param-value>
+		</init-param>
+		<init-param>
+			<!--verify parameter list, if request key include permItemId and value contains sql inject style ,then replace -->
+			<param-name>sqlinjectfilterparams</param-name>
+			<param-value>permItemId,personId,personID,relatedFieldId,serviceId,rootId,nodeId,billId,orgId,orgid,serviceName,uipk,sorterItems,parameters,sidx,sord,query,staffingId,staffId,uiClass,keyField,nd,objectID,proposerName,attendPeriodId,attendanceGroupID,proposerId,attendPolicyId,orgLongNum,bizManageTypeID,billIdParam,personid,positionId</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>SQLInjectionFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- Light App login filter begin -->
+	<filter>
+		<filter-name>Light App Login Filter</filter-name>
+		<filter-class>com.kingdee.shr.lightapp.filter.LightAppLoginFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>Light App Login Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- AppScanAttackFilter -->
+	<filter>
+		<filter-name>AppScanAttackFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.AppScanAttackFilter</filter-class>
+		<init-param>
+			<param-name>enableAppScanAttackFilter</param-name>
+			<param-value>true</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>AppScanAttackFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- order:4 DisableUrlSessionFilter -->
+	<filter>
+		<filter-name>DisableUrlSessionFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.DisableUrlSessionFilter</filter-class>
+		<init-param>
+			<param-name>excludePattern</param-name>
+			<param-value>
+				method=print+,method=import+,handler=com.kingdee.shr.base.syssetting.web.handler.ImportInfoHandler,uipk=com.kingdee.shr.report.app.ReportDef.list	
+			</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>DisableUrlSessionFilter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>DisableUrlSessionFilter</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>SHRAuthentiactionFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.SHRAuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>excludePattern</param-name>
+			<param-value>	
+			</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>SHRAuthentiactionFilter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>SHRAuthentiactionFilter</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>SHRAuthentiactionFilter</filter-name>
+		<url-pattern>*.html</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>SHRAuthentiactionFilter</filter-name>
+		<url-pattern>*.htm</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<filter-class>
+			org.springframework.web.filter.DelegatingFilterProxy
+		</filter-class>
+		<init-param>
+			<param-name>targetBeanName</param-name>
+			<param-value>casAuthenticationFilter</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>CAS Validation Filter</filter-name>
+		<filter-class>
+			org.springframework.web.filter.DelegatingFilterProxy
+		</filter-class>
+		<init-param>
+			<param-name>targetBeanName</param-name>
+			<param-value>casTicketValidationFilter</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
+	</filter>
+	<!--filter>
+		<filter-name>WafFilter</filter-name>
+		<filter-class>
+			com.kingdee.bos.waf.intercepter.ExtensionFilter
+		</filter-class>
+	</filter-->
+	<filter-mapping>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>ContextConstructorFilter</filter-name>
+		<filter-class>com.kingdee.bos.sso.client.filter.ContextConstructorFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>ContextConstructorFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- SSO 结束 -->
+	<!-- 暂时禁用性能监控filter
+	<filter>
+    	<filter-name>PerfLog Filter</filter-name>
+    	<filter-class>com.kingdee.eas.perflog.app.monitor.http.HttpFilter</filter-class>
+	</filter>
+	
+	<filter-mapping>
+	    <filter-name>PerfLog Filter</filter-name>
+	    <url-pattern>*</url-pattern>
+	</filter-mapping>  
+	 -->
+	<!--filter-mapping>
+		<filter-name>CAS Single Sign Out Filter</filter-name>    
+		<url-pattern>/*</url-pattern>    
+	</filter-mapping-->
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/wfdesigner/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/wfdesigner/*</url-pattern>
+	</filter-mapping>
+	<!-- <filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/wfdesigner/*</url-pattern>
+	</filter-mapping><filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/messagebroker/*</url-pattern>
+	</filter-mapping><filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/processimage/*</url-pattern>
+	</filter-mapping> -->
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/servlet/BillServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/servlet/ListServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/servlet/BillServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/servlet/ListServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/wf-portal/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/wf-portal/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>/wf-portal/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/workflow/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/workflow/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>/workflow/*</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>/billdigesttools/*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>/billdigesttools/*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>/billdigesttools/*.jsp</url-pattern>
+	</filter-mapping>
+	<!--filter-mapping>
+
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping-->
+	<!--cas 3.0 client end-->
+	<filter>
+		<filter-name>SHRWeb RPC Filter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.filter.SHRWebRPCFilter</filter-class>
+	</filter>
+	<!--EASWeb RPC Filter-->
+	<filter-mapping>
+		<filter-name>SHRWeb RPC Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	<!-- <filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>*.jsf</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/servlet/BillServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/servlet/BillEditServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/servlet/ListServlet</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>WafFilter</filter-name>
+		<url-pattern>/servlet/BillListServlet</url-pattern>
+	</filter-mapping> -->
+	<filter>
+		<filter-name>User Monitor</filter-name>
+		<filter-class>com.kingdee.eas.hr.base.web.UserMonitorFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>User Monitor</filter-name>
+		<url-pattern>*.action</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>User Monitor</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>User Monitor</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>User Monitor</filter-name>
+		<url-pattern>*.html</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>HR context Filter</filter-name>
+		<filter-class>com.kingdee.shr.base.filter.HRContextFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>HR context Filter</filter-name>
+		<url-pattern>*.action</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>HR context Filter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>HR context Filter</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>HR context Filter</filter-name>
+		<url-pattern>*.html</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>Upgrade Monitor</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.filter.UpgradeMonitorFilter</filter-class>
+		<init-param>
+			<!-- 升级url白名单，配置在里面的无需拦截-->
+			<param-name>urlWhiteListed</param-name>
+			<param-value>
+            	/index.jsp,
+            	/login.do,
+            	/notUpgraded.jsp,
+            	/logout.jsp,
+            	/personSquarePhoto.do,
+            	/serviceMenu.do,
+            	/heartbeat.do,
+            	/shr/msf/service.do,
+            	/promptF7.do,
+            	/appData.do,
+            	/ces.jsp,
+            	/clubService/getUnReadNews.do,
+            	/web_frame/easrpc/login.do,
+            	/web_frame/easrpc/frame.do,
+            	/shr_loginout/logoutAndReleaseResource.do
+        	</param-value>
+		</init-param>
+		<init-param>
+			<!-- 升级uipk白名单，配置在里面的无需拦截-->
+			<param-name>uipkWhiteListed</param-name>
+			<param-value>
+            	com.kingdee.eas.hr.mvdt.app.ControlDataMoveProject.form,
+            	shr.org.AdminOrgUnitDataMove_list,
+            	com.kingdee.eas.basedata.org.app.OrgUnitLayerType.F7,
+            	shr.org.AdminOrgUnitDataMove_form,
+            	com.kingdee.shr.shrimport.app.ImportTask.userList
+        	</param-value>
+		</init-param>
+		<init-param>
+			<!-- 升级handler白名单，配置在里面的无需拦截-->
+			<param-name>handlerWhiteListed</param-name>
+			<param-value>
+            	com.kingdee.eas.hr.mvdt.web.handler.ControlDataMoveProjectHandler,
+            	com.kingdee.eas.hr.mvdt.web.handler.DataMoveProjectHandler,
+            	com.kingdee.eas.hr.mvdt.web.handler.SHRMvTableListHandler,
+            	com.kingdee.shr.base.syssetting.web.handler.ImportInfoHandler,
+            	com.kingdee.eas.hr.org.web.handler.OrgUnitListHandler,
+            	com.kingdee.eas.hr.org.web.handler.OrgUnitLayerTypeF7Handler,
+            	com.kingdee.shr.hr.mvdt.handler.ControlAdminDataMoveHandler,
+            	com.kingdee.eas.hr.org.web.handler.OrgUnitEditHandler,
+            	com.kingdee.shr.base.syssetting.web.handler.SystemConfigSolutionHandler,
+            	com.kingdee.shr.hr.mvdt.handler.ControlCompensationDataMoveHandler,
+            	com.kingdee.shr.base.syssetting.web.handler.LogJarClassInfoToolsHandler
+        	</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>Upgrade Monitor</filter-name>
+		<url-pattern>*.action</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>Upgrade Monitor</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>Upgrade Monitor</filter-name>
+		<url-pattern>*.jsp</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>Upgrade Monitor</filter-name>
+		<url-pattern>*.html</url-pattern>
+	</filter-mapping>
+	<listener>
+		<listener-class>
+			org.springframework.web.context.ContextLoaderListener
+		</listener-class>
+	</listener>
+	<!-- SSO 开始 -->
+	<listener>
+		<listener-class>com.kingdee.eas.cp.common.url.service.web.WebSessionListener</listener-class>
+	</listener>
+	<!-- <servlet>
+		<servlet-name>WfProcessImageServlet</servlet-name>
+		<servlet-class>com.kingdee.bos.workflow.designer.servlet.ProcessImageServlet</servlet-class>
+		<load-on-startup>2</load-on-startup>
+	</servlet> -->
+	<!--servlet>
+		<servlet-name>FlexMessageBrokerServlet</servlet-name>
+		<servlet-class>flex.messaging.MessageBrokerServlet</servlet-class>
+		<init-param>
+			<param-name>services.configuration.file</param-name>
+			<param-value>/WEB-INF/flex/services-config.xml</param-value>
+		</init-param>
+		<load-on-startup>1</load-on-startup>
+	</servlet-->
+	<!--servlet>
+		<servlet-name>Faces Servlet</servlet-name>
+		<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet-->
+	<!--servlet>
+		<servlet-name>ResourceServlet</servlet-name>
+		<servlet-class>
+			com.kingdee.bos.web.resource.ResourceServlet
+		</servlet-class>
+		<load-on-startup>10</load-on-startup>
+	</servlet-->
+	<!--servlet>
+		<servlet-name>Logout Servlet</servlet-name>
+		<servlet-class>
+			com.kingdee.bos.waf.security.Logout
+		</servlet-class>
+	</servlet-->
+	<servlet>
+		<servlet-name>BuffaloServlet</servlet-name>
+		<servlet-class>net.buffalo.web.servlet.ApplicationServlet</servlet-class>
+		<init-param>
+			<param-name>debug</param-name>
+			<param-value>true</param-value>
+		</init-param>
+	</servlet>
+	<!-- webApi servlet-->
+	<servlet>
+		<servlet-name>OAToSHR</servlet-name>
+		<servlet-class>com.kingdee.eas.custom.sso.OAToSHR</servlet-class>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>OAToSHR</servlet-name>
+		<url-pattern>/api/oAToSHR</url-pattern>
+	</servlet-mapping>
+
+
+	<servlet-mapping>
+		<servlet-name>BuffaloServlet</servlet-name>
+		<url-pattern>/BUFFALO/*</url-pattern>
+	</servlet-mapping>
+	<!-- <servlet-mapping>
+		<servlet-name>WfProcessImageServlet</servlet-name>
+		<url-pattern>/processimage/*</url-pattern>
+	</servlet-mapping> -->
+	<!-- <servlet-mapping>
+		<servlet-name>FlexMessageBrokerServlet</servlet-name>
+		<url-pattern>/messagebroker/*</url-pattern>
+	</servlet-mapping> -->
+	<!--servlet-mapping>
+		<servlet-name>Faces Servlet</servlet-name>
+		<url-pattern>*.jsf</url-pattern>
+	</servlet-mapping-->
+	<servlet-mapping>
+		<servlet-name>Logout Servlet</servlet-name>
+		<url-pattern>/logout</url-pattern>
+	</servlet-mapping>
+	<!--servlet-mapping>
+		<servlet-name>ResourceServlet</servlet-name>
+		<url-pattern>/_global/*</url-pattern>
+	</servlet-mapping-->
+	<mime-mapping>
+		<extension>mht</extension>
+		<mime-type>message/rfc822</mime-type>
+	</mime-mapping>
+	<!-- pack script -->
+	<servlet>
+		<description>This is the servlet needed for cache.type servlet, returns the packed resources</description>
+		<display-name>PackServlet</display-name>
+		<servlet-name>PackServlet</servlet-name>
+		<servlet-class>net.sf.packtag.servlet.PackServlet</servlet-class>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>PackServlet</servlet-name>
+		<url-pattern>styles/combined*.css</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>PackServlet</servlet-name>
+		<url-pattern>combined*.js</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>PackServlet</servlet-name>
+		<url-pattern>styles/external*.css</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>PackServlet</servlet-name>
+		<url-pattern>external*.js</url-pattern>
+	</servlet-mapping>
+	<context-param>
+		<param-name>
+			com.kingdee.bos.webframework.SCRIPT_DEBUG
+		</param-name>
+		<param-value>false</param-value>
+	</context-param>
+	<context-param>
+		<param-name>
+			com.kingdee.bos.webframework.SUPPORT_MULTILANG
+		</param-name>
+		<param-value>false</param-value>
+	</context-param>
+	<context-param>
+		<param-name>
+			com.kingdee.bos.webframework.LANGS
+		</param-name>
+		<param-value>L1,L2,L3</param-value>
+	</context-param>
+	<!--context-param>   
+	    <param-name>webAppRootKey</param-name>   
+	    <param-value>easweb.root</param-value> 
+	 </context-param-->
+	<!--listener>   
+	    <listener-class>   
+	    org.springframework.web.util.WebAppRootListener   
+	    </listener-class>   
+	 </listener-->
+	<filter>
+		<filter-name>WafHttpRequestFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.filter.ShrHttpRequestFilter</filter-class>
+		<init-param>
+			<param-name>CONVERSATION_SUPPORT</param-name>
+			<param-value>true</param-value>
+		</init-param>
+		<init-param>
+			<param-name>RESPONSE_BUFFER_SIZE</param-name>
+			<param-value>5000</param-value>
+		</init-param>
+	</filter>
+	<filter-mapping>
+		<filter-name>CAS Authentication Filter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS Validation Filter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter>
+		<filter-name>Waf2ContextFilter</filter-name>
+		<filter-class>
+            com.kingdee.shr.base.syssetting.filter.SHRContextFilter
+		</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>Waf2ContextFilter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<filter-mapping>
+		<filter-name>WafHttpRequestFilter</filter-name>
+		<url-pattern>*.do</url-pattern>
+	</filter-mapping>
+	<!-- order:  SHRRequestWorkPlatformFilter -->
+	<filter>
+		<filter-name>SHRRequestWorkPlatformFilter</filter-name>
+		<filter-class>com.kingdee.shr.base.syssetting.web.filter.SHRRequestWorkPlatformFilter</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>SHRRequestWorkPlatformFilter</filter-name>
+		<url-pattern>*.html</url-pattern>
+	</filter-mapping>
+	<servlet>
+		<servlet-name>MVCServlet</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<init-param>
+			<param-name>contextConfigLocation</param-name>
+			<param-value>/WEB-INF/properties/applicationContext.xml</param-value>
+		</init-param>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>MVCServlet</servlet-name>
+		<url-pattern>*.do</url-pattern>
+	</servlet-mapping>
+	<!-- 500错误页面 -->
+	<error-page>
+		<error-code>500</error-code>
+		<location>/500.jsp</location>
+	</error-page>
+	<!-- 404错误页面 -->
+	<error-page>
+		<error-code>404</error-code>
+		<location>/404.jsp</location>
+	</error-page>
+	<listener>
+		<listener-class>com.kingdee.shr.base.syssetting.web.listener.SHRAppListener</listener-class>
+	</listener>
+	<listener>
+		<listener-class>com.kingdee.shr.base.syssetting.web.listener.SHRSessionListener</listener-class>
+	</listener>
+	<welcome-file-list>
+		<welcome-file>index.jsp</welcome-file>
+	</welcome-file-list>
+	<mime-mapping>
+		<extension>docx</extension>
+		<mime-type>application/vnd.openxmlformats-officedocument.wordprocessingml.document</mime-type>
+	</mime-mapping>
+	<mime-mapping>
+		<extension>xlsx</extension>
+		<mime-type>application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</mime-type>
+	</mime-mapping>
+	<mime-mapping>
+		<extension>pptx</extension>
+		<mime-type>application/vnd.openxmlformats-officedocument.presentationml.presentation</mime-type>
+	</mime-mapping>
+</web-app>

patch/profiles/server1/config/portalConfig/CASLoginConfig.properties

@@ -0,0 +1,11 @@
+solutionName=eas
+dataCenter=scy01
+locale=L2
+DBType=0
+userAuthPattern=BaseDB
+isPureWeb=true
+redirectTo=null
+userDomain= 
+loginFlow=true
+sso.user.mapping=false
+sso.user.useExternalUser=false

patch/profiles/server1/config/portalConfig/WSConfig.xml

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<config>
+	<class>
+		<server>192.168.17.70*9090#http://192.168.61.120:6910/easweb/cp/uc/imsso.jsp?username=#useraccount&amp;redirectTo=http://192.168.61.120:6910/easweb/cp/uc/checkUrl.jsf</server>
+		<path>com.kingdee.eas.custom.messageWebService.OAMessageWebServiceDao</path>
+		<dataCenter>scy01</dataCenter>
+		<task value="true">
+			<workflow>true</workflow>
+		</task>
+		<notice value="true">
+			<workflow>true</workflow>
+			<forwarn>true</forwarn>
+			<urgent>true</urgent>
+		</notice>
+		<online value="true">
+		</online>
+	</class>
+</config>

patch/profiles/server1/config/portalConfig/easWebConfig.xml

@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 2 U (http://www.xmlspy.com) by whli (asdf) -->
+<config>
+   <configitem name="module_promote">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://appcenter.cmcloud.cn/subjectList.do?pid=S3S001S001&amp;columnNum=3&amp;rowNum=4" />
+   </configitem><configitem name="module_help">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://faq.kisdee.com/html/product/eas/" />
+   </configitem><configitem name="module_onlineService">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://service.kingdee.com/csso/customer/productLogin.action?easType=http://service.kingdee.com/easPortal/index.action&amp;source=3&amp;productno=" />
+   </configitem><configitem name="module_appStore">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://images.kisdee.com/cmcloud/images/appcenter/client/appstore/index.htm?pid=S3S001S001&amp;ver=7.0" />
+   </configitem><configitem name="module_pj">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://appcenter.cmcloud.cn/feedback/feedbackAction.do" />
+   </configitem><configitem name="XT_EAS">
+      <!--  客户申请的3g号(需要修改)-->
+      <attribute key="cust3gNo" value="" />
+      <!--  讯通的baseUrl-->
+      <attribute key="xtUrl" value="http://mcloud.kingdee.com:6899/xuntong/empeclite/ZY3efgVc16A=/" />
+      <!--  讯通Agent的url-->
+      <attribute key="xtAgentUrl" value="http://mcloud.kingdee.com:6899/xtweb" />
+      <!--  系统移动应用的配置目录(需要修改)-->
+      <attribute key="keyPath" value="server/properties/mobile/" />
+   </configitem><configitem name="XT">
+      <!--与XT集成的参数-->
+      <attribute key="endPoint" value="http://mcloud.kingdee.com:6899/xtapi/open.action" />
+      <attribute key="appID" value="XTAPP100" />
+      <!--  客户申请的3g号(需要修改)-->
+      <attribute key="mid" value="11819" />
+      <!--  是否发送通知消息（false为不发送，true为发送）-->
+      <attribute key="isSend" value="false" />
+   </configitem>
+   <configitem name="defaultpage">
+      <!--true：登陆后转到集成页；false:登陆后到easportal-->
+      <attribute key="integration" value="false" />
+   </configitem>
+   <configitem name="integration">
+      <configitem name="integrationInfo">
+         <!--attribute key="key值" value="系统名#访问地址#图片地址#是否新开窗口"-->
+         <attribute key="1" value="人力资源系统#http://localhost:6888/easportal#hr#true" />
+         <attribute key="2" value="办公自动化系统#http://localhost:6888/easportal#oa#true" />
+         <attribute key="3" value="协同平台#/easportal/layout.do#general#false" />
+      </configitem>
+   </configitem>
+   <configitem name="fileUpdate">
+      <!--true：按需下载；false：全下载-->
+      <attribute key="ondemandUpdate" value="true" />
+      <!--1：按断点续传；0：一次性下载-->
+      <attribute key="netFox" value="1" />
+      <!--下载失败继续试n次-->
+      <attribute key="totalTryCount" value="3" />
+      <!--netfox方式：每次下载n kb-->
+      <attribute key="onceDownKBytes" value="256" />
+   </configitem>
+   <configitem name="yiruan_OA">
+      <!--与怡软OA集成的url地址-->
+      <attribute key="url" value="/easoa/login/kingdee_sso_login.jsp?module=workflow" />
+   </configitem>
+   <configitem name="debug">
+      <!--true：为调试模式 false：非调试模式-->
+      <attribute key="debug" value="false" />
+      <!--本地加载路径-->
+      <attribute key="easclienthome" value="C:\kingdee\eas\client" />
+      <!--本地元数据加载路径-->
+      <attribute key="metadatapath" value="C:\kingdee\eas\client\metadata\" />
+   </configitem>
+   <configitem name="defaultColorStyle">
+      <!--css配置文件路径-->
+      <attribute key="skinPath" value="/skin/01" />
+      <attribute key="isSimple" value="false" />
+   </configitem>
+   <configitem name="defaultInstallMode">
+      <!--默认用户安装模式 started启动触发 starting启动后触发 beStart 启动前触发-->
+      <attribute key="installMode" value="started" />
+   </configitem>
+   <configitem name="loginMode">
+      <!--是否从portal直接登录到gui-->
+      <attribute key="portalToGui" value="true" />
+   </configitem>
+   <configitem name="otherSystem">
+      <!--是否启用与第三方系统消息集成-->
+      <attribute key="toSys" value="true" />
+      <attribute key="letGet" value="false" />
+   </configitem>
+   <configitem name="cacheResource">
+      <!--缓存资源-->
+      <attribute key="cacheMime" value=".js,.htc,.css,.gif,.jpeg,.jpg,.png,.xml,.gz,.html" />
+      <attribute key="isGZ" value="true" />
+      <attribute key="gzMime" value=".js,.htc,.css,.xml,.html" />
+      <attribute key="maxAge" value="1209600" />
+      <attribute key="expires" value="365" />
+   </configitem>
+   <configitem name="ValidateCodeParam">
+      <attribute key="isEnableValidateCode" value="true" />
+   </configitem>
+   <!-- web登录语言项由bosconfig.xml移到此处 -->
+   <configitem name="supportlanguage">
+      <!--key的格式为"AA#BB"，其中AA为EAS系统语言（例如L1,L2,L3，与solution中一致），
+             BB为该语言在多语言控件中的显示简称， value为该语言的显示名称-->
+      <attribute key="L2#CH" value="简体中文" />
+      <attribute key="L3#TW" value="繁体中文" />
+      <!-- <attribute key="L1#EN" value="English" />  -->
+   </configitem>
+   <configitem name="XT_EAS">
+      <attribute key="cust3gNo" value="15757" />
+      <attribute key="xtAgentUrl" value="http://xunt.im/xtweb" />
+      <!-- <attribute key="L1#EN" value="English" />  -->
+   </configitem>
+</config>
+

patch/profiles/server2/config/portalConfig/WSConfig.xml

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<config>
+	<class>
+		<server>192.168.17.70*9090#http://192.168.61.120:6910/easweb/cp/uc/imsso.jsp?username=#useraccount&amp;redirectTo=http://192.168.61.120:6910/easweb/cp/uc/checkUrl.jsf</server>
+		<path>com.kingdee.eas.custom.messageWebService.OAMessageWebServiceDao</path>
+		<dataCenter>scy01</dataCenter>
+		<task value="true">
+			<workflow>true</workflow>
+		</task>
+		<notice value="true">
+			<workflow>true</workflow>
+			<forwarn>true</forwarn>
+			<urgent>true</urgent>
+		</notice>
+		<online value="true">
+		</online>
+	</class>
+</config>

patch/profiles/server2/config/portalConfig/easWebConfig.xml

@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 2 U (http://www.xmlspy.com) by whli (asdf) -->
+<config>
+   <configitem name="module_promote">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://appcenter.cmcloud.cn/subjectList.do?pid=S3S001S001&amp;columnNum=3&amp;rowNum=4" />
+   </configitem><configitem name="module_help">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://faq.kisdee.com/html/product/eas/" />
+   </configitem><configitem name="module_onlineService">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://service.kingdee.com/csso/customer/productLogin.action?easType=http://service.kingdee.com/easPortal/index.action&amp;source=3&amp;productno=" />
+   </configitem><configitem name="module_appStore">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://images.kisdee.com/cmcloud/images/appcenter/client/appstore/index.htm?pid=S3S001S001&amp;ver=7.0" />
+   </configitem><configitem name="module_pj">
+      <attribute key="enable" value="true" />
+      <attribute key="url" value="http://appcenter.cmcloud.cn/feedback/feedbackAction.do" />
+   </configitem><configitem name="XT_EAS">
+      <!--  客户申请的3g号(需要修改)-->
+      <attribute key="cust3gNo" value="" />
+      <!--  讯通的baseUrl-->
+      <attribute key="xtUrl" value="http://mcloud.kingdee.com:6899/xuntong/empeclite/ZY3efgVc16A=/" />
+      <!--  讯通Agent的url-->
+      <attribute key="xtAgentUrl" value="http://mcloud.kingdee.com:6899/xtweb" />
+      <!--  系统移动应用的配置目录(需要修改)-->
+      <attribute key="keyPath" value="server/properties/mobile/" />
+   </configitem><configitem name="XT">
+      <!--与XT集成的参数-->
+      <attribute key="endPoint" value="http://mcloud.kingdee.com:6899/xtapi/open.action" />
+      <attribute key="appID" value="XTAPP100" />
+      <!--  客户申请的3g号(需要修改)-->
+      <attribute key="mid" value="11819" />
+      <!--  是否发送通知消息（false为不发送，true为发送）-->
+      <attribute key="isSend" value="false" />
+   </configitem>
+   <configitem name="defaultpage">
+      <!--true：登陆后转到集成页；false:登陆后到easportal-->
+      <attribute key="integration" value="false" />
+   </configitem>
+   <configitem name="integration">
+      <configitem name="integrationInfo">
+         <!--attribute key="key值" value="系统名#访问地址#图片地址#是否新开窗口"-->
+         <attribute key="1" value="人力资源系统#http://localhost:6888/easportal#hr#true" />
+         <attribute key="2" value="办公自动化系统#http://localhost:6888/easportal#oa#true" />
+         <attribute key="3" value="协同平台#/easportal/layout.do#general#false" />
+      </configitem>
+   </configitem>
+   <configitem name="fileUpdate">
+      <!--true：按需下载；false：全下载-->
+      <attribute key="ondemandUpdate" value="true" />
+      <!--1：按断点续传；0：一次性下载-->
+      <attribute key="netFox" value="1" />
+      <!--下载失败继续试n次-->
+      <attribute key="totalTryCount" value="3" />
+      <!--netfox方式：每次下载n kb-->
+      <attribute key="onceDownKBytes" value="256" />
+   </configitem>
+   <configitem name="yiruan_OA">
+      <!--与怡软OA集成的url地址-->
+      <attribute key="url" value="/easoa/login/kingdee_sso_login.jsp?module=workflow" />
+   </configitem>
+   <configitem name="debug">
+      <!--true：为调试模式 false：非调试模式-->
+      <attribute key="debug" value="false" />
+      <!--本地加载路径-->
+      <attribute key="easclienthome" value="C:\kingdee\eas\client" />
+      <!--本地元数据加载路径-->
+      <attribute key="metadatapath" value="C:\kingdee\eas\client\metadata\" />
+   </configitem>
+   <configitem name="defaultColorStyle">
+      <!--css配置文件路径-->
+      <attribute key="skinPath" value="/skin/01" />
+      <attribute key="isSimple" value="false" />
+   </configitem>
+   <configitem name="defaultInstallMode">
+      <!--默认用户安装模式 started启动触发 starting启动后触发 beStart 启动前触发-->
+      <attribute key="installMode" value="started" />
+   </configitem>
+   <configitem name="loginMode">
+      <!--是否从portal直接登录到gui-->
+      <attribute key="portalToGui" value="true" />
+   </configitem>
+   <configitem name="otherSystem">
+      <!--是否启用与第三方系统消息集成-->
+      <attribute key="toSys" value="true" />
+      <attribute key="letGet" value="false" />
+   </configitem>
+   <configitem name="cacheResource">
+      <!--缓存资源-->
+      <attribute key="cacheMime" value=".js,.htc,.css,.gif,.jpeg,.jpg,.png,.xml,.gz,.html" />
+      <attribute key="isGZ" value="true" />
+      <attribute key="gzMime" value=".js,.htc,.css,.xml,.html" />
+      <attribute key="maxAge" value="1209600" />
+      <attribute key="expires" value="365" />
+   </configitem>
+   <configitem name="ValidateCodeParam">
+      <attribute key="isEnableValidateCode" value="true" />
+   </configitem>
+   <!-- web登录语言项由bosconfig.xml移到此处 -->
+   <configitem name="supportlanguage">
+      <!--key的格式为"AA#BB"，其中AA为EAS系统语言（例如L1,L2,L3，与solution中一致），
+             BB为该语言在多语言控件中的显示简称， value为该语言的显示名称-->
+      <attribute key="L2#CH" value="简体中文" />
+      <attribute key="L3#TW" value="繁体中文" />
+      <!-- <attribute key="L1#EN" value="English" />  -->
+   </configitem>
+   <configitem name="XT_EAS">
+      <attribute key="cust3gNo" value="15757" />
+      <attribute key="xtAgentUrl" value="http://xunt.im/xtweb" />
+      <!-- <attribute key="L1#EN" value="English" />  -->
+   </configitem>
+</config>
+

patch/properties/scy/OASSOConfig.properties

@@ -0,0 +1,10 @@
+#OA认证
+authorizePath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/authorize
+client_id=4385e7ea-16cc-4328-a9dc-a3046c5b1614
+response_type=code
+redirect_uri1=http://ehr.shichuangyi.cn:8080/shr/api/oAToSHR
+getAccessTokenPath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/accessToken
+client_secret=OtuYO2Uwxp9mjrOcbiWcTWMA
+redirect_uri2=http://ehr.shichuangyi.cn:8080/shr/api/oAToSHR
+getLoginIdPath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/profile
+serverName=http://ehr.shichuangyi.cn:8080

patch/properties/scy/receiveOAConfig.properties

@@ -0,0 +1,5 @@
+#推送OA待办消息地址
+receiveOAPath=http://oa.shichuangyi.cn:8080/rest/ofs/ReceiveRequestInfoByJson
+#异构系统标识
+syscode=SHR
+serverName=http://ehr.shichuangyi.cn:8080

patch/properties/scy/syncMJConfig.properties

@@ -0,0 +1,3 @@
+jdbc=jdbc:sqlserver://10.0.3.23:1433;databaseName=kaoqin;encrypt=true;trustServerCertificate=true;
+user=zhongkong
+password=6554+oijhh@

patch/properties/scy/syncOAConfig.properties

@@ -0,0 +1,16 @@
+key=90b7fe25-f2a6-4ec1-8013-2e5bfa5c18a7
+url=http://10.0.3.149:8080
+#获取部门列表
+getHrmdepApiUrl=http://10.0.3.149:8080/api/hrm/resful/getHrmdepartmentWithPage
+#获取岗位列表
+getJobtitleApiUrl=http://10.0.3.149:8080/api/hrm/resful/getJobtitleInfoWithPage
+#获取人员信息列表
+getHrmUserApiUrl=http://10.0.3.149:8080/api/hrm/resful/getHrmUserInfoWithPage
+#同步分部
+synSubcompany=http://10.0.3.149:8080/api/hrm/resful/synSubcompany
+#同步部门
+syncOrgUnitApiUrl=http://10.0.3.149:8080/api/hrm/resful/synDepartment
+#同步岗位
+syncPositionApiUrl=http://10.0.3.149:8080/api/hrm/resful/synJobtitle
+#同步人员
+syncPersonApiUrl=http://10.0.3.149:8080/api/hrm/resful/synHrmresource

patch/部署说明.txt

@@ -0,0 +1,3 @@
+1、部署文件
+
+2、

properties/scy/OASSOConfig.properties

@@ -0,0 +1,10 @@
+#OA认证
+authorizePath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/authorize
+client_id=4385e7ea-16cc-4328-a9dc-a3046c5b1614
+response_type=code
+redirect_uri1=http://ehr.shichuangyi.cn:8080/shr/api/oAToSHR
+getAccessTokenPath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/accessToken
+client_secret=OtuYO2Uwxp9mjrOcbiWcTWMA
+redirect_uri2=http://ehr.shichuangyi.cn:8080/shr/api/oAToSHR
+getLoginIdPath=http://oa.shichuangyi.cn:8080/sso/oauth2.0/profile
+serverName=http://ehr.shichuangyi.cn:8080

properties/scy/receiveOAConfig.properties

@@ -0,0 +1,5 @@
+#推送OA待办消息地址
+receiveOAPath=http://oa.shichuangyi.cn:8080/rest/ofs/ReceiveRequestInfoByJson
+#异构系统标识
+syscode=SHR
+serverName=http://ehr.shichuangyi.cn:8080