tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jaco Kroon <jkr...@cs.up.ac.za>
Subject RE: ManagerServlet (autherization on a percontext basis)
Date Tue, 16 Sep 2003 22:30:09 GMT
I hope I can use attachments.

Ok, first off, there are a few issues with this, as I've said, it's quick 
and extremely dirty.

Extract the archive, cd tuksmanager, ant.
This will produce a .jar file (If I haven't left it lying around - hope 
not).
This jar file needs to go into ${CATALINA_HOME}/server/lib
This jar file makes use of the org.apache.catalina.up namespace/package.
There should be a web.xml file, which I used, if not, just create one, the 
app doesn't require any params, so just a servlet and servlet-mapping will 
do.
The webapp needs to have privileged="true" set in order to function.

When changing the code, restart tomcat entirely :).

Be warned - it's ugly stuff, lots of error checking missing since I am the 
only person with shell access, the stuff I don't check should never break, 
if you want error checking, compare with 
${CATALINA_CVS}/catalina/src/share/org/apache/catalina/servlets/ManagerServlet.java

Jaco

On Tue, 16 Sep 2003, Jason Lanpher wrote:

> How about letting me see your code for your version of the manager app hack?
> I would love to play with it and any doc's you create to go along with it.
> 
> Jason Lanpher
>  
> jlanpher@stealthnetworking.com
>  
> http://www.stealthnetworking.com
>  
> 
> -----Original Message-----
> From: Jaco Kroon [mailto:jaco@kroon.co.za] 
> Sent: Tuesday, September 16, 2003 5:08 PM
> To: Tomcat Users List
> Subject: Re: ManagerServlet (autherization on a percontext basis)
> 
> 
> Actually no, reloadable="true" will only reload the classes and lib 
> directories (I've tried).  Also, having almost 315 (314 iirc) users on 
> the system each with his/her own webapp can get quite bad.  Also, tomcat 
> doesn't load all the contexts on startup unless there exists a 
> WEB-INF/web.xml file.
> 
> So, I had two possible solutions to this:
> 
> 1.  Hack the startup scripts to ensure that there exists a 
> WEB-INF/web.xml file - this does not solve the problem of users being 
> able to reload web.xml
> 
> 2.  Hack the manager app.  This is the path that I followed, the results 
> would have been viewable at http://hokusai.cs.up.ac.za:8080 but for the 
> IT departments firewall ...
> 
> Each user is now required to log in, then he/she is presented with the 
> options deploy,undeploy,start,stop,reload and my own creation restart, 
> along with logout.
> 
> I've now moved on to having trouble with the security policy.  It dies 
> on access denied to a file ${java.home}/jre/lib/xerces.properties, this 
> same policy works fine on tc4.0.3, but tc4.1.26 dies a horrible, but 
> quick death.
> 
> I see there is another thread on this also, my implementation is 
> extremely specific to our specific setup (there is no time to do it the 
> "correct" way - not that there seems to be one).
> 
> Jaco
> 
> Shapira, Yoav wrote:
> > Howdy,
> > You can't just set each <Context> to have reloadable="true" ?  That 
> > will reload their webapp when they edit web.xml...
> > 
> > Yoav Shapira
> > Millennium ChemInformatics
> > 
> > 
> > 
> >>-----Original Message-----
> >>From: Jaco Kroon [mailto:jaco@kroon.co.za]
> >>Sent: Sunday, September 14, 2003 12:15 PM
> >>To: tomcat-user@jakarta.apache.org
> >>Subject: ManagerServlet (autherization on a percontext basis)
> >>
> >>Hello,
> >>
> >>I need to allow users previliges to manage their applications on a 
> >>per-context basis.  We are providing students with a webapp, where 
> >>they need to build their practical.  However, whenever they change 
> >>web.xml they need to be able to restart their webapp.
> >>
> >>Considering there are over 300 users I don't want to use the 
> >>reloadable feature for the lib and classes directories either, as such 
> >>I would prefer if I can just allow them to reload, start and stop 
> >>their own webapps.
> >>
> >>Is there any existing way of doing this or will I have to continue my 
> >>hack to rewrite the ManagerServlet (or at least implement a similar 
> >>class and work it into tomcat?)
> >>
> >>btw, I'm using tomcat 4.0 (revision 0.3 at home and 1.24 where this 
> >>has to be implemented actually).
> >>
> >>I'm currently having trouble creating a subclass of HttpServlet 
> >>implementing ContainerServlet that'll actually load.
> >>
> >>Any ideas/help extremely welcome.
> >>
> >>Jaco
> >>
> >>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > 
> > 
> > 
> > 
> > This e-mail, including any attachments, is a confidential business 
> > communication, and may contain information that is confidential, 
> > proprietary and/or privileged.  This e-mail is intended only for the 
> > individual(s) to whom it is addressed, and may not be saved, copied, 
> > printed, disclosed or used by anyone else.  If you are not the(an) 
> > intended recipient, please immediately delete this e-mail from your 
> > computer system and notify the sender.  Thank you.
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > 
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message