tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rjgallac <rgallac...@ufi.com>
Subject RE: one webapp - two security constraints
Date Thu, 11 Feb 2010 16:18:30 GMT

that brilliant.  Thank you very much...  You've answered a lot of my
questions and then some
ta
Rob

n828cl wrote:
> 
>> From: rjgallac [mailto:rgallacher@ufi.com]
>> Subject: one webapp - two security constraints
> 
> You didn't bother to tell us the version of Tomcat you're using, so the
> following comments are based on using a 6.0.x level (but should also apply
> to 5.5.x).
> 
>> <Host name="host1" appBase="webapps/files" unpackWARs="true"
> 
> The appBase setting is wrong; it should be just "webapps", not
> "webapps/files".  Having appBase the same as any docBase is illegal.
> 
>> <Context path="" docBase="${catalina.home}/webapps/files">
> 
> It's really, really bad form to put <Context> elements in server.xml.  In
> addition, the above gets you *two* deployments for this <Host>, since the
> webapp will be deployed once as ROOT, and again as "files".  Name the
> webapp directory or .war file ROOT (case sensitive), move the <Context>
> element to webapps/ROOT/META-INF/context.xml where it belongs, and remove
> the illegal path and docBase attributes.
> 
>> 		<Host name="host2" appBase="webapps/files"
> 
> Ditto.
> 
>> <Context path="" docBase="${catalina.home}/webapps/files">
> 
> Ditto.
> 
>> So the question is two hosts. One web app.
> 
> No, you actually had four webapps, since there was double deployment for
> each <Host>.  Each <Host> will *always* have a separate copy of the
> webapp, even if they point to the same appBase.  (BTW, having two <Host>
> elements using the same appBase is a tad risky if you ever try
> redeployment on the fly.)  You cannot have multiple <Host> elements
> sharing a webapp in memory - it simply doesn't work that way.
> 
> You could use SecurityFilter to keep just one copy of the webapp and have
> that filter check for whether or not to apply the security constraint. 
> Look here for details:
> http://securityfilter.sourceforge.net/
> 
>  - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail
> and its attachments from all computers.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/one-webapp---two-security-constraints-tp27418280p27549907.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message