Return-Path: X-Original-To: apmail-tomcat-dev-archive@www.apache.org Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 22BB710AB1 for ; Fri, 13 Sep 2013 16:24:36 +0000 (UTC) Received: (qmail 39034 invoked by uid 500); 13 Sep 2013 16:24:35 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 38979 invoked by uid 500); 13 Sep 2013 16:24:35 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 38970 invoked by uid 99); 13 Sep 2013 16:24:35 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Sep 2013 16:24:35 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE X-Spam-Check-By: apache.org Received-SPF: error (nike.apache.org: local policy) Received: from [76.96.62.80] (HELO qmta08.westchester.pa.mail.comcast.net) (76.96.62.80) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Sep 2013 16:24:26 +0000 Received: from omta16.westchester.pa.mail.comcast.net ([76.96.62.88]) by qmta08.westchester.pa.mail.comcast.net with comcast id Qd6E1m0061uE5Es58gPlW0; Fri, 13 Sep 2013 16:23:45 +0000 Received: from Christophers-MacBook-Pro.local ([69.143.106.98]) by omta16.westchester.pa.mail.comcast.net with comcast id QgPl1m00U27QCxh3cgPlWu; Fri, 13 Sep 2013 16:23:45 +0000 Message-ID: <52333C11.3000207@christopherschultz.net> Date: Fri, 13 Sep 2013 12:23:45 -0400 From: Christopher Schultz User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 MIME-Version: 1.0 To: Tomcat Developers List Subject: Re: Problem with o.a.c.webresources and packed WARs References: <52331014.3010005@apache.org> In-Reply-To: <52331014.3010005@apache.org> X-Enigmail-Version: 1.5.2 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="gW0gOo47STQjCrMDw708r7sN4lSCoAFmV" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1379089425; bh=FlsSKU0CNcOBSCMPSH0S/zPZ/tgKylLpK3gdotnf5Xo=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=gTkF5yHbQulkcm6yc3Zav7O695tGsUO9ns0+mCTWqzZmoGiLzUHEgfkMW5yfwdTWc IlZ93UnaABejVTO1Cp5VDIcvOhIuRplYM/+IO6WfK6ixcx0j8ubAI0oFbpvXzNhFLq Bcv++FyQxIb7+HuuGpuncuhomUjIUoB03sPlZOapQJHEIMLoMfiJ1MeoJuLLRfbK+W hversCAoOF+DwXX7NYd7zNuxI7vTE3pL/5b1bK9EhSIfxsa5vbPb/ygE81/20ISclR K2jlEj4g2+clmNv8Qr30oj/UPy893mMbEGD7DDlB75AWz30K2roX9gWB+mvBjYm7Fi b8QxyQNSqy3jw== X-Virus-Checked: Checked by ClamAV on apache.org --gW0gOo47STQjCrMDw708r7sN4lSCoAFmV Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Mark, On 9/13/13 9:16 AM, Mark Thomas wrote: > The Javadoc for ServletContext#getResource() [3] is clear. The containe= r > must provide a URL for every resource and that URL must be usable. Usable by whom? (Sounds like a dumb question, but please see below) > There > is an immediate issue with resources located inside the > META-INF/resources directory of a JAR which is itself located inside a > WAR when unpacking WARs is disabled. There is no support from the JRE > for accessing those resources with a URL. If the JRE does not support this, then I don't believe it's possible to return a URL to the caller that is "usable" unless the URL is accompanied by a URL handler that Tomcat also provides. If the URL must be universally applicable (e.g. works outside of Tomcat, works with custom URL handlers that subvert Tomcat's hooks, etc.), then I believe this is an impossible situation. > I see three possible solutions to this: > a) Unpack JAR resources to the work dir and return a URL to the unpacke= d > location -1 due to security considerations plus it really should be possible to run without expanding WAR files. > b) Restore something like the jndi url scheme (renamed to tomcat to > reduce the likelihood of clashes) You could use any kind of URL scheme, right? There's no reason that the scheme needs to be conflated with JNDI -- unless there is something that makes the combination of the two advantageous. > c) Create a war url scheme only for accessing resources inside WARs I kind of like this: it just seems like architecturally the right decision (the problem is the URL, so fix the URL/handler instead of writing a whole new subsystem to get around it). Plus, it's going to be much less work and will probably handle all the currently-desired cases. If it doesn't stand the test of time, you can always invest the time in re-writing a whole bunch of stuff. > In trying to decide between b) and c) I came to the conclusion that it > would be better to keep the war:// url scheme and generic tomcat:// url= > schemes separated even if we went for option b). Therefore, I intend to= > go ahead with implementing c) and keep an eye on the users and dev list= > to see if a case for implementing b) emerges. +1 -chris --gW0gOo47STQjCrMDw708r7sN4lSCoAFmV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSMzwRAAoJEBzwKT+lPKRYTxAP/An1VhjGQCDNaOrhlwu++1mN UdIwcampL+bBM7ylQr/qQsWEOsLpW1LsE/w8bp60on+w0AtPmDVsvBEaVNr6ZY1S 8fnf1P+csw38YLsBv8hDom/Z8YWYExHKa0qPbu4ieVaQUSQ9hRPvI0/Rl+ITEYB3 gLTmz9uH4NpUD0ynDiOQMvRGyQqbJtmOlcBnFSENFsTUd6pNZfauYtCc8e7GfO0Q OoPgYxw287pofovBYdfQAJ34Hl6msFW3ojMxAeVUA+FpQhQcItrxJ/TSYRBECYk3 UixGYmSqyOYD3+0XsOPldyl7SLyTEp11VCE1tteX1YcSlw5QaFELBWp+Vaw5J6+V x7EMftgu3bMtDhHW9BVo+Xqfn1Y+CYqeYvTMD+RxIyge3QH0RyPG7SfZJkaj+D3X eZYBKKbCqgWLnB/I6jjzZknc6ARzylEeO+7wntq4pRe0mqii7eAfp+8jQ2szy/XF kITJELVsOYQwDz7O63PfnWJWT4PZOMZ7xrjkHGN9rifofMvXsGrx+D2G7oYjNvDb WQDBi64LYYXYCJllQyqX1Lq2Zjw9IsTQ18FVkgRaZMw27OMksCS58x6UdlYw3DEY XB/TzKZsHnIKfN+Rk/8M75NtgKy4xSdwbjfnMTf2Gr2uejOMlcNxMX7FvvqnsC01 /yJr1NjfTkr4wEYJgaJW =kSNn -----END PGP SIGNATURE----- --gW0gOo47STQjCrMDw708r7sN4lSCoAFmV--