On Fri, Aug 7, 2009 at 10:33, M4N - Arjan Tijms <arjan.ti...@m4n.nl> wrote:
> Either you trust the web application or you don't. If you don't trust the > web application the maintainer of a Tomcat instance puts his own context.xml > in conf/Catalina, thereby overriding whatever the web application defines. > If you do trust the web application, you don't put anything in > conf/Catalina. Unfortunately it's not that simple. Take for example the most common case, a <Resource> definition for a JDBC database connection. The app writer has to provide part of the definition (the resource name, e.g. "jdbc/myAppDB") and the sysadmin has to provide another part (the address of the DB server). When the application vendor is different from the installer/maintainer, the context.xml has to be customized at install time. With most software, you get a text file that has to be edited to customize the configuration data before you run the app. The difference with Tomcat is that the app is usually packed into a .war file and it's a PITA to edit context.xml and re-pack the .war. The alternative is to deploy the app (which will unpack context.xml into conf/Catalina and then crash) and then edit the site-specific configuration info. Neither way is terribly convenient. -- Len
