tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jaco Kroon <jkr...@cs.up.ac.za>
Subject RE: ManagerServlet (autherization on a percontext basis)
Date Wed, 17 Sep 2003 06:41:36 GMT
K, seems I can't.  Anyway, here is a link, hope it is available from 
outside the firewall ...

http://kanagawa.up.ac.za/~s21191493/tuksmanager.tgz

On Wed, 17 Sep 2003, Jaco Kroon wrote:

> I hope I can use attachments.
> 
> Ok, first off, there are a few issues with this, as I've said, it's quick 
> and extremely dirty.
> 
> Extract the archive, cd tuksmanager, ant.
> This will produce a .jar file (If I haven't left it lying around - hope 
> not).
> This jar file needs to go into ${CATALINA_HOME}/server/lib
> This jar file makes use of the org.apache.catalina.up namespace/package.
> There should be a web.xml file, which I used, if not, just create one, the 
> app doesn't require any params, so just a servlet and servlet-mapping will 
> do.
> The webapp needs to have privileged="true" set in order to function.
> 
> When changing the code, restart tomcat entirely :).
> 
> Be warned - it's ugly stuff, lots of error checking missing since I am the 
> only person with shell access, the stuff I don't check should never break, 
> if you want error checking, compare with 
> ${CATALINA_CVS}/catalina/src/share/org/apache/catalina/servlets/ManagerServlet.java
> 
> Jaco
> 
> On Tue, 16 Sep 2003, Jason Lanpher wrote:
> 
> > How about letting me see your code for your version of the manager app hack?
> > I would love to play with it and any doc's you create to go along with it.
> > 
> > Jason Lanpher
> >  
> > jlanpher@stealthnetworking.com
> >  
> > http://www.stealthnetworking.com
> >  
> > 
> > -----Original Message-----
> > From: Jaco Kroon [mailto:jaco@kroon.co.za] 
> > Sent: Tuesday, September 16, 2003 5:08 PM
> > To: Tomcat Users List
> > Subject: Re: ManagerServlet (autherization on a percontext basis)
> > 
> > 
> > Actually no, reloadable="true" will only reload the classes and lib 
> > directories (I've tried).  Also, having almost 315 (314 iirc) users on 
> > the system each with his/her own webapp can get quite bad.  Also, tomcat 
> > doesn't load all the contexts on startup unless there exists a 
> > WEB-INF/web.xml file.
> > 
> > So, I had two possible solutions to this:
> > 
> > 1.  Hack the startup scripts to ensure that there exists a 
> > WEB-INF/web.xml file - this does not solve the problem of users being 
> > able to reload web.xml
> > 
> > 2.  Hack the manager app.  This is the path that I followed, the results 
> > would have been viewable at http://hokusai.cs.up.ac.za:8080 but for the 
> > IT departments firewall ...
> > 
> > Each user is now required to log in, then he/she is presented with the 
> > options deploy,undeploy,start,stop,reload and my own creation restart, 
> > along with logout.
> > 
> > I've now moved on to having trouble with the security policy.  It dies 
> > on access denied to a file ${java.home}/jre/lib/xerces.properties, this 
> > same policy works fine on tc4.0.3, but tc4.1.26 dies a horrible, but 
> > quick death.
> > 
> > I see there is another thread on this also, my implementation is 
> > extremely specific to our specific setup (there is no time to do it the 
> > "correct" way - not that there seems to be one).
> > 
> > Jaco
> > 
> > Shapira, Yoav wrote:
> > > Howdy,
> > > You can't just set each <Context> to have reloadable="true" ?  That 
> > > will reload their webapp when they edit web.xml...
> > > 
> > > Yoav Shapira
> > > Millennium ChemInformatics
> > > 
> > > 
> > > 
> > >>-----Original Message-----
> > >>From: Jaco Kroon [mailto:jaco@kroon.co.za]
> > >>Sent: Sunday, September 14, 2003 12:15 PM
> > >>To: tomcat-user@jakarta.apache.org
> > >>Subject: ManagerServlet (autherization on a percontext basis)
> > >>
> > >>Hello,
> > >>
> > >>I need to allow users previliges to manage their applications on a 
> > >>per-context basis.  We are providing students with a webapp, where 
> > >>they need to build their practical.  However, whenever they change 
> > >>web.xml they need to be able to restart their webapp.
> > >>
> > >>Considering there are over 300 users I don't want to use the 
> > >>reloadable feature for the lib and classes directories either, as such 
> > >>I would prefer if I can just allow them to reload, start and stop 
> > >>their own webapps.
> > >>
> > >>Is there any existing way of doing this or will I have to continue my 
> > >>hack to rewrite the ManagerServlet (or at least implement a similar 
> > >>class and work it into tomcat?)
> > >>
> > >>btw, I'm using tomcat 4.0 (revision 0.3 at home and 1.24 where this 
> > >>has to be implemented actually).
> > >>
> > >>I'm currently having trouble creating a subclass of HttpServlet 
> > >>implementing ContainerServlet that'll actually load.
> > >>
> > >>Any ideas/help extremely welcome.
> > >>
> > >>Jaco
> > >>
> > >>
> > >>---------------------------------------------------------------------
> > >>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > >>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > > 
> > > 
> > > 
> > > 
> > > 
> > > This e-mail, including any attachments, is a confidential business 
> > > communication, and may contain information that is confidential, 
> > > proprietary and/or privileged.  This e-mail is intended only for the 
> > > individual(s) to whom it is addressed, and may not be saved, copied, 
> > > printed, disclosed or used by anyone else.  If you are not the(an) 
> > > intended recipient, please immediately delete this e-mail from your 
> > > computer system and notify the sender.  Thank you.
> > > 
> > > 
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > > 
> > > 
> > > 
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > 
> 

Mime
View raw message