tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Gomez <>
Subject Re: [next] What's next ?
Date Thu, 02 Oct 2003 15:32:16 GMT
Jean-Francois Arcand a écrit :

> Henri Gomez wrote:
>> Henri Gomez a écrit :
>>>>> 3. Provide a complete working configuration example for a cluster of
>>>>> tomcat servers with a front-end tomcat as well, i.e. a pure 
>>>>> tomcat-only
>>>>> solution.  We already have the jvmRoute mechanism, but I think it 
>>>>> needs
>>>>> more examples/documentation so that people start using it.
>> One of the features I'd like to see in Tomcat 5.x, a features which 
>> prevent me to use TC 4.0.x, 4.1.x and 5.x on my production server is
>> the ability to use external entities from within a web.xml.
>> Let me explain :
>> We have many customers which run the same application but with 
>> differents settings. All the settings are present in the web.xml
>> via the use of external entities which are included at run-time. 
> +1
>> The security mechanism in TC 4.x and higher (due to digester)
>> avoid me to use such easy configuration tuning and so we have
>> to stay with Tomcat 3.3.x for now. 
> I'm probably missing something here....why the digester suffer from that 
> limitation? What kind of security exception are you seeing. If you give 
> all permissions to the Digester, does it change something?

i don't know how to setup digester to do it but the last time I tried 
with TC 4.1.x, I couldn't get external entities :

Here is a sample web.xml :

In my case env and defusr are located in ../../etc/webapp/app.xml
which differs from one client to another.
With the current limitation (tested on TC 4.1.x), I couldn't have them
loaded from ../../etc/webapp/app.xml...


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 
2.2//EN" ""
[ <!ENTITY % appconf  SYSTEM "../../etc/webapp/app.xml"> %appconf; ]>







To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message