Roytman, Alex wrote:
Dear Tomcat developers,

I would like to implement context config file encryption. It is a pretty useful feature since passwords to various resources are stored in those files
Unfortunately the way how context config files are read is hard coded (InputSource for Digester is created from FileInputStream) and does not let me do so.


It would be great if tomcat 5.5 provided some pluggable ConfigFileLoader in 
HostConfig (and may be on Engine level as well) to return InputStream for a 
given config file name (or decorator for FileInputStream ).
It would be also great if it were possible to register context config file 
extensions other then *.xml - it would allow to use *.exml for encrypted XML 
config files (will save us a test of the file to se if it is encrypted or plain 
text)

If it is not possible to make this enhancement may be you could re-factor 
ContextConfig class so it can be effectively subclassed and its input stream 
logic altered

All you would need to do is to factor out

protected void processContextConfig(InputStream) {
}



from

protected void processContextConfig(File file) {
if (log.isDebugEnabled())
log.debug("Processing context [" + context.getName() + "] configuration file " + file);
// Add as watched resource so that cascade reload occurs if a default
// config file is modified/added/removed
context.addWatchedResource(file.getAbsolutePath());


        InputSource source = null;
        InputStream stream = null;
        try {
            if (file.exists()) {
                stream = new FileInputStream(file);
                source =
                    new InputSource("file://" + file.getAbsolutePath());
            } else if (log.isDebugEnabled()) {
                log.debug("Context [" + context.getName() + "] configuration file " + 
file + " not found");
            }
        } catch (Exception e) {
            log.error(sm.getString("contextConfig.defaultMissing") + file);
        }
        if (source == null)
            return;
        if (contextDigester == null){
            contextDigester = createContextDigester();
        }
        synchronized (contextDigester) {
            try {
                source.setByteStream(stream);

.....

If processContextConfig(InputStream) is available, we can override this method, read from encrypted stream, decrypt create decrypted stream in memory and pass it to the original (superclass) processContextConfig(InputStream)

You should be able to easily plug your own Host or Context listener for configuration.


Rémy

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Reply via email to