On Wed, 1 Aug 2001, Christopher Cain wrote:
> Yep, I can certainly implement it that way if you like. How does that
> jive with the current server.xml setup, though? Isn't there still a
> separate <Connector> tag in 3.3 for SSL? Does that then go away in favor
> of the Interceptor, or does the Interceptor become the "secured" cert
> option and the current connector become the "unsecured" option (with
> appropriate commenting, of course)?
The interceptors are the extension mechanism for tomcat3.3 ( well, all
functionality in 3.3 is implemented in interceptors/modules ).
That includes request processing, but also configuration, listening for
connections, threads, etc ( similar with Apache2.0 and MPM ).
> Also, I'm a little confused about why an Interceptor makes sense here.
> All I need to do is prompt for a password on container startup, then use
> that value to open the keystore rather than grabbing it from the
> "keystorePass" parameter on the <Connector> tag. Isn't the purpose of
> Interceptors to process client requests (can you tell I've never used
> them :-)? Maybe I just need a little clarification.
The "<Connector>" is just a module ( interceptor ) like any other.
BTW, server.xml is read by ServerXmlInterceptor, web.xml is read by
WebXmlInterceptor, users are read by SimpleRealm ( another interceptor ).
Tomcat itself just provide the core objects ( Request, etc), stores the
list of contexts and modules, and calls back the various hooks that are
implemented in modules.
> I assume you didn't like my "grab the keystorePass attribute if it's
> there, prompt if it's not idea"?
It should work ok, but it requires changes to the Http listener
interceptor, and I think it would be better to just use the normal setter.
Costin
