This is interesting. I'm forwarding it to the jboss dev list in case anyone there would like to comment.... Greg, This is the sort of thing I had in mind for the web-jetty.xml - it's great to see it being taken up so soon. Did you not think that there would be issues with trying to set up a virtual host deployment from the web-jetty.xml ? Could we clear this up ? I'd like to know whether this really is a solution, or not ? Jules
We're working toward offering jboss/jetty shared hosting accounts. In an effort to allow more flexibility, I just modified the code very slightly adding a registerHost(String) in HandlerContext that subsequently called addContext() on HttpServer. This way in the web-jetty.xml file, you can add virtual hosts very easily. It's been working fine. I didn't examine closely the extra code in addContext() that might cause duplicates to be in the map yet, though. There is of course one very big problem with doing this: This means that one user could try to specify a virtual host that belonged to someone else. So let's say the owner of mydomain.com put up his web application. But then on the same shared app server, another malicious user specified mydomain.com for his web application. Now exactly how Jetty would handle that is not really the issue--no matter how it did, it would potentially be disruptive, even if they just did something like mount a web app at: mydomain.com/makeFunOfMyDomain/ which would then look like it was put up by the owner of mydomain.com but wasn't. Anyway, there seems to be no easy way around it. I wanted to use the AutoDeploy functionality of JBoss and so didn't want to have to modify the jetty.xml file directly. In fact, since you can set up a listener from web-jetty.xml also, I think we could actually leave jetty.xml almost completely empty. Somehow I have to ensure that only an authorized owner of a domain name can use it to host their web app. Most of the ideas I have thought of so far are a little too complicated, so I'm trying to think of something simple and elegant. Anyway, if anyone has any ideas, I'd be happy to hear them. Thank you, Joel Shellman iKestrel Full Service Internet Solutions [ Design | Flash | eCommerce | Backend | Database | Hosting | Marketing ] http://www.ikestrel.com/ ------------------------ Yahoo! Groups Sponsor ---------------------~--> Secure your servers with 128-bit SSL encryption! Grab your copy of VeriSign's FREE Guide: "Securing Your Web Site for Business." Get it Now! http://us.click.yahoo.com/n7RbFC/zhwCAA/yigFAA/CefplB/TM ---------------------------------------------------------------------~-> For the latest information about Jetty, please see http://jetty.mortbay. Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
