The fact is "grant codeBase" doesn't accept war file.
For example, I use Java Security Manager and want to allow ONLY webapp_1
write to /home/data. If I take "unpacked" dir approach, I would
grant codeBase "file:${Catalina.home}/webapps/webapp_1/-" {
permission java.io.FilePermission "/home/data/*","read,write";
};
But with java security manager, I will be forced to grant read/write to all
the webapps
grant {
Permission......;
};
So IMHO war only works for non-secured applications.
-----Original Message-----
From: Tim Shaw [mailto:[EMAIL PROTECTED]
Sent: June 25, 2003 2:28 PM
To: Tomcat Users List
Subject: Re: Tomcat's Ant Tasks
I haven't used the -security - access is by trusted souls (and
developers :-) on a closed network. I would tend to treat this as
othogonal to the development anyway, much as DB access and configuration
is within the J2EE environments.
I see install etc are deprecated in favour of deploy/undeploy in TC5, so
I guess I found the right route ...
Phillip Qin wrote:
> Do you use Tomcat? Do you start Tomcat with -security?
>
> -----Original Message-----
> From: Tim Shaw [mailto:[EMAIL PROTECTED]
> Sent: June 25, 2003 11:34 AM
> To: Tomcat Users List
> Subject: Re: Tomcat's Ant Tasks
>
> Personally, I use deploy/undeploy, even during development - saves
> worrying about copying files around and mapping network drives etc
> (apart from anything, I run load-tests automatically on both W2K and
> Linux servers, scripted from Ant). This is the way I work remotely/in
> production, and it's not a big overhead ... although I'd like to see
> recommendations as to size/whatever where performance difference became
> 'significant' [5 secs?]. For development I just have a local
> TC/MySQL/... setup - the only thing I ever need to change is the server
> hostname.
>
> Anyone think a comment on the plus/minus of the approaches worth
> following up?
>
> Thanks
>
> tim
>
> Phillip Qin wrote:
>
>>As I said in my previous post, I gave up using tomcat ant task to deploy
>
> my
>
>>app on production box due to the difficulty of granting permission to war.
>>If you don't start tomcat -security, catalina ant tasks are still the
>>easiest way to go.
>>
>>My lesson learnt from using Catalina tasks is, most of the errors are
>
> caused
>
>>by wrong path= and/or war=. Following suggestions are based on linux
>>
>>- install:
>>
>>path="${your.app.path}"
>>war="file:/${your.unpacked.dir.containing.your.webapp}" or
>>war="jar:file:/${your.dir.containing.war}/${your.war}!/"
>>
>>- remove: only works if you've "install"ed before
>>
>>path="${your.app.path}"
>>
>>- reload
>>
>>path="${your.app.path}"
>>
>>Other comments:
>>
>>Theoretically, correct me if I am wrong, if I install my webapp from my
>>local dev box to remote server, install task will lock your local dir as
>>in-use on win32 box.
>>
>>-----Original Message-----
>>From: Raible, Matt [mailto:[EMAIL PROTECTED]
>>Sent: June 24, 2003 6:19 PM
>>To: '[EMAIL PROTECTED]'
>>Subject: Tomcat's Ant Tasks
>>
>>I'm having trouble using Tomcat's Ant Tasks. I've written up a wiki page
>
> on
>
>>how I'm using them and the problems I'm experiencing. Any help is
>>appreciated.
>>
>>http://raibledesigns.com/wiki/Wiki.jsp?page=TomcatAntTasks
>>
>>Thanks,
>>
>>Matt
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>For additional commands, e-mail: [EMAIL PROTECTED]
>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
