tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 55675] New: Checking and handling invalid configuration option values
Date Fri, 18 Oct 2013 22:00:53 GMT

            Bug ID: 55675
           Summary: Checking and handling invalid configuration option
           Product: Tomcat 8
           Version: trunk
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina

Hi all,

I was using Tomcat for a while, but found Tomcat sometimes does not handle
misconfiguration well, which causes unnecessary confusion. 

Specifically, when users provide a wrong configuration option and Tomcat
produces a wrong result (or crashes), Tomcat should explicitly dump error
message pointing to the mis-configured option, rather than just dumping stack
traces, or simply restoring to the default behavior. At least, the invalid
configuration values should be logged. 

Strictly speaking, this may not be a bug, but (I think) it is definitely worth
improving to give better user experience. I have found many places in Tomcat.
Here is a very simple case for illustration purpose (I have more complex
examples, which I can post if they are of general interest):


public long getDropTime() {
        String p = properties.getProperty("memberDropTime");
        return new Long(p).longValue();

If a careless user uses "1o" (not 0) as the value of configuration option:
"memberDropTime", Tomcat will throw an exception when parsing this string.
Similar cases occur to me a few times; often, the effect of a misconfigured
option propagates through the program and causes some *delayed* problem, making
it even harder to localize the original misconfigured option.

I would suggest to add timely check immediate after reading a configuration
option value. For the above case, check whether p is a long value or not, and
also checking its permitted ranges. (yes, many places in Tomcat do this, but
still many places like the above case miss the checking). I would like Tomcat
to explicitly warn the user (or at least log) which option is misconfigured
rather than delaying the effect until the program crashes.

I found a couple of such places. and wondering whether Tomcat developers would
like to know them, and how do you think about such "mis-handling"? 



You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message