tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject cvs commit: jakarta-tomcat/src/doc readme
Date Sat, 18 Nov 2000 00:07:01 GMT
craigmcc    00/11/17 16:07:01

  Modified:    src/doc  Tag: tomcat_32 readme
  Remove the old comment about security constraints and RequestDispatcher, which
  turned out to be incorrect.
  Add a new "Known Issue" comment about the fact that the generated configuration
  files (such as tomcat-apache.conf) for web server integration known nothing
  about the contents of "web.xml".
  Revision  Changes    Path
  No                   revision
  No                   revision   +12 -13    jakarta-tomcat/src/doc/readme
  Index: readme
  RCS file: /home/cvs/jakarta-tomcat/src/doc/readme,v
  retrieving revision
  retrieving revision
  diff -u -r1.8.2.5 -r1.8.2.6
  --- readme	2000/11/05 07:25:02
  +++ readme	2000/11/18 00:07:00
  @@ -1,4 +1,4 @@
  -$Id: readme,v 2000/11/05 07:25:02 craigmcc Exp $
  +$Id: readme,v 2000/11/18 00:07:00 craigmcc Exp $
                              Release Notes for:
  @@ -270,17 +270,16 @@
   Tomcat, then invoking those links would carry the mismatched case to Tomcat
   where it cause the resource not to be found.
  -6.8 Container Managed Security Constraints
  +6.8 Generated Configuration Files for Web Connectors
  -Due to the way that Tomcat 3.2 is implemented, container managed security
  -constraints are imposed both on the original request URI *and* on subrequests
  -initiated to handle RequestDispatcher.forward() or RequestDispatcher.include()
  -calls.  Whether or not this should actually be done was not defined in the
  -Servlet 2.2 Specification, but has been clarified in 2.3 -- security
  -constraints should only be applied on the original request URI.
  -For future compatibility, you should be aware of this issue as you design your
  -security constraint architecture, to avoid portability problems if you ever
  -migrate to a different Servlet 2.2 container (which might implement this
  -differently), or to a Servlet 2.3 container at a later date.
  +At startup time, Tomcat normally generates configuration files like
  +"tomcat-apache.conf" to reflect the contexts that are defined.  However, the
  +generated files do NOT reflect any configuration settings found inside the
  +web application deployment descriptor file (web.xml) for your application.
  +You will need to configure any such settings that are relevant directly into
  +your web server's configuration files.
  +This is a known limitation of the design of the web connectors for Tomcat 3.2,
  +and will be addressed by the introduction of the MOD_WARP connector in
  +Tomcat 4.0.

View raw message