tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Gomez <hgo...@apache.org>
Subject Re: [next] What's next ?
Date Thu, 02 Oct 2003 15:32:16 GMT
Jean-Francois Arcand a écrit :

> 
> 
> Henri Gomez wrote:
> 
>> Henri Gomez a écrit :
>>
>>>
>>>>> 3. Provide a complete working configuration example for a cluster of
>>>>> tomcat servers with a front-end tomcat as well, i.e. a pure 
>>>>> tomcat-only
>>>>> solution.  We already have the jvmRoute mechanism, but I think it 
>>>>> needs
>>>>> more examples/documentation so that people start using it.
>>>>
>>>>
>>
>> One of the features I'd like to see in Tomcat 5.x, a features which 
>> prevent me to use TC 4.0.x, 4.1.x and 5.x on my production server is
>> the ability to use external entities from within a web.xml.
>>
>> Let me explain :
>>
>> We have many customers which run the same application but with 
>> differents settings. All the settings are present in the web.xml
>> via the use of external entities which are included at run-time. 
> 
> 
> +1
> 
>>
>>
>> The security mechanism in TC 4.x and higher (due to digester)
>> avoid me to use such easy configuration tuning and so we have
>> to stay with Tomcat 3.3.x for now. 
> 
> 
> I'm probably missing something here....why the digester suffer from that 
> limitation? What kind of security exception are you seeing. If you give 
> all permissions to the Digester, does it change something?

i don't know how to setup digester to do it but the last time I tried 
with TC 4.1.x, I couldn't get external entities :

Here is a sample web.xml :

In my case env and defusr are located in ../../etc/webapp/app.xml
which differs from one client to another.
With the current limitation (tested on TC 4.1.x), I couldn't have them
loaded from ../../etc/webapp/app.xml...



---


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 
2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd"
[ <!ENTITY % appconf  SYSTEM "../../etc/webapp/app.xml"> %appconf; ]>

<web-app>

   <context-param>
     <param-name>def.user</param-name>
     <param-value>&defusr;</param-value>
   </context-param>

   <servlet>
     <servlet-name>startup</servlet-name>
     <servlet-class>my.StartupServlet</servlet-class>

    <init-param>
       <param-name>env</param-name>
       <param-value>&envid;</param-value>
    </init-param>

   </servlet>

   <session-config>
     <session-timeout>30</session-timeout>
   </session-config>
   <welcome-file-list>
     <welcome-file>/index</welcome-file>
   </welcome-file-list>
</web-app>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message