Resin Documentationapp server |
web application: tags
Web applications are configured with the <web-app> tag, which can occur in a number of places.
child of <web-app>
<access-log> configures a HTTP access log for an indivitual web-app. See access-log in the <host> tag for more information. child of <web-app>
<active-wait-time> sets a 503 busy timeout for requests trying to access a restarting web-app. If the timeout expires before the web-app complete initialization, the request will return a 503 Busy HTTP response. element active-wait-time { r_period-Type } child of <web-app>
The <allow-servlet-el> flag configures whether <servlet> tags allow EL expressions in the init-param. element allow-servlet-el { r_boolean-Type } child of <web-app>
<archive-path> configures the location of the web-app's .war file. In some configurations, the .war expansion might not use the directory, but will still want automatic war expantion.element archive-path { r_path-Type } <resin xmlns="http://caucho.com/ns/resin"> <cluster id=""> <host id=""> <web-app id="/foo" root-directory="/var/www/foo" archive-path="/var/www/wars/foo.war"/> </host> </cluster> </resin> child of <security-constraint>
Requires that authenticated users fill the specified role. In Resin's JdbcAuthenticator, normal users are in the "user" role. Think of a role as a group of users. The roles are defined by the authenticators (see Resin security). When using Resin's <management> authentication as a default, the role name is . (See Resin management.)
element auth-constraint { description*, role-name* } The following example protects the /admin subdirectory of a web-app by requiring a user to logon with Resin's <management> users, i.e. using the same requirement as /resin-admin. <web-app xmlns="http://caucho.com/ns/resin"> <login uri="basic:"/> <security-constraint url-pattern="/admin/*"> <auth-constraint role-name="resin-admin"/> </security-constraint> </web-app> child of <web-app>
<cache-mapping> specifies and times for cacheable pages.See caching for more information. <cache-mapping> is intended to provide Expires times for pages that have ETags or Last-Modified specified, but do not wish to hard-code the max-age timeout in the servlet. For example, Resin's FileServlet relies on cache-mapping to set the expires times for static pages. Using cache-mapping lets cacheable pages be configured in a standard manner. <cache-mapping> does not automatically make pages cacheable. Your servlets must already set the (or Last-Modified) header to activate <cache-mapping>.
The time interval defaults to seconds, but will allow other periods:
element cache-mapping { (url-pattern | url-regexp) & expires? & max-age? & s-max-age? }
<web-app xmlns="http://caucho.com/ns/resin"> <cache-mapping url-pattern='/*' max-age='10'/> <cache-mapping url-pattern='*.gif' max-age='15m'/> </web-app> child of <security-constraint>
Defines a custom constraint. Applications can define their own security constraints to handle custom authentication requirements.
element constraint { class & init? } child of <web-app>
Initializes application (ServletContext) variables.
element context-param { (param-name, param-value)* | (attribute * { string })* | (element * { string })* } <web-app xmlns="http://caucho.com/ns/resin"> <context-param> <param-name>baz</param-name> <param-value>value</param-value> </context-param> <!-- shortcut --> <context-param foo="bar"/> </web-app> child of <web-app>
The <cookie-http-only> flag configures the Http-Only attribute for all Cookies generated from the web-app. The Http-Only attribute can add security to a website by not forwarding HTTP cookies to SSL HTTPS requests. element cookie-http-only { r_boolean-Type } <resin xmlns="http://caucho.com/ns/resin"> <cluster id=""> <host id="www.foo.com"> <web-app id="" root-directory="/var/www/foo"> <cookie-http-only>true</cookie-http-only> <web-app id=""> </host> <host id="www.foo.com:443"> <web-app id="" root-directory="/var/www/foo-secure"> <secure/> <web-app id=""> </host> </cluster> </resin> child of <host>,<web-app>
Specifies ear expansion. ear-deploy can be used in web-apps to define a subdirectory for ear expansion.
element ear-deploy { path & archive-directory? & ear-default? & expand-cleanup-fileset? & expand-directory? & expand-path? & expand-prefix? & expand-suffix? & lazy-init? & redeploy-mode? & require-file* & url-prefix? } child of <web-app>
element error-page { (error-code | exception-type)? & location } By default, Resin returns a 500 Servlet Error and a stack trace for exceptions and a simple 404 File Not Found for error pages. Applications can customize the response generated for errors. <web-app xmlns="http://caucho.com/ns/resin"> <error-page> <error-code>404</error-code> <location>/file_not_found.jsp</location> </error-page> </web-app> <web-app xmlns="http://caucho.com/ns/resin"> <error-page exception-type="java.lang.NullPointerException" location="/nullpointer.jsp"/> </web-app> The error page can use request attributes to obtain information about the request that caused the error: <%@ page session="false" isErrorPage="true" %> <html> <head><title>404 Not Found</title></head> <body> <h1>404 Not Found</h1> The url <code>${requestScope["javax.servlet.error.request_uri"]}</code> was not found. </body> </html> Defines a filter name for later mapping. Because Filters are fully integrated with Resin-IoC, they can use dependency-injection, transactional aspects, custom interception with @InterceptorType, and event handling with @Observes.
element filter { filter-name & filter-class & init* & init-param* } The following example defines a filter alias 'image' <web-app xmlns="http://caucho.com/ns/resin"> <filter> <filter-name>image</filter-name> <filter-class>test.MyImage</filter-class> <init-param> <param-name>title</param-name> <param-value>Hello, World</param-value> </init-param> </filter> <filter-mapping> <filter-name>image</filter-name> <url-pattern>/images/*</url-pattern> </filter-mapping> </web-app> The full Servlet 2.3 syntax for is supported as well as a simple shortcut.<web-app id='/'> <filter filter-name='test.HelloWorld'> <init-param foo='bar'/> <init-param> <param-name>baz</param-name> <param-value>value</param-value> </init-param> </servlet> </web-app> Maps url patterns to filters. has two children, and . selects the urls which should execute the filter.
element filter-mapping { (url-pattern | url-regexp | servlet-name)+ & filter-name & dispatcher* } <web-app xmlns="http://caucho.com/ns/resin"> <filter> <filter-name>test-filter</filter-name> <filter-class>test.MyFilter</filter-class> </filter> <filter-mapping> <filter-name>test-filter</filter-name> <url-pattern>/hello/*</url-pattern> </filter-mapping> <servlet> <servlet-name>hello</servlet-name> <servlet-class>test.HelloWorld</servlet-class> </servlet> <servlet-mapping> <servlet-name>hello</servlet-name> <url-pattern>/hello</url-pattern> </servlet-mapping> </web-app>
child of <login-config>
Configures authentication using forms. The login form has specific parameters that the servlet engine's login form processing understands. If the login succeeds, the user will see the original page. If it fails, she will see the error page.
The form itself must have the action . It must also have the parameters and . Optionally, it can also have and . gives the next page to display when login succeeds. allows Resin to send a persistent cookie to the user to make following login easier.gives control to the user whether to generate a persistent cookie. It lets you implement the "remember me" button. By default, the authentication only lasts for a single session.
element form-login-config { form-login-page, form-error-page, internal-forward, form-uri-priority } The following is an example of a servlet-standard login page: <form action='j_security_check' method='POST'> <table> <tr><td>User:<td><input name='j_username'> <tr><td>Password:<td><input name='j_password'> <tr><td colspan=2>hint: the password is 'quidditch' <tr><td><input type=submit> </table> </form> child of <web-app>
The <idle-time> specifies the timeout for lazy-idle web-apps. In some configurations, web-apps are created only on demand and are closed when no requests access the web-app. The idle-time configures when those web-apps should be freed. For example, the resin-doc web-app uses idle-time for its child web-apps because there are a large number of sub-web-apps for the individual tutorials. element idle-time { r_period-Type } child of <web-app>
Configures JSP behavior.
element jsp { auto-compile & deferred-syntax-allowed-as-literal? & dependency-check-interval? & el-ignored? & fast-jsf? & fast-jstl? & ide-hack? & ignore-el-exception? & is-xml? & page-encoding? & precompile? & print-null-as-blank? & recompile-on-error? & recycle-tags? & require-source? & scripting-invalid? & session? & static-page-generates-class? & tld-dir? & tld-file-set? & trim-directive-whitespaces? & validate-taglib-schema? & velocity-enabled? } <jsp-config> configure standard settings for JSP files.
element jsp-config { taglib*, jsp-property-group* } element jsp-property-group { url-pattern*, deferred-syntax-allowed-as-literal?, el-ignored?, page-encoding? scripting-invalid? trim-directive-whitespaces? is-xml? include-prelude* include-coda* } <lazy-servlet-validate> defers validation of servlet classes until the servlet is used. Some servlet libraries are bundled with web.xml files which include servlets with no available classes. Since Resin will normally send an error in this situation, <lazy-servlet-validate> lets you turn the validation off. element lazy-servlet-validate { r_boolean-Type } <listener> configures servlet event listeners. The listeners are registered based on interfaces they implement. The listener instances are fully Resin-IoC aware, including dependency injection, observing events, and supporting aspects.
element listener { listener-class, init? } child of <web-app>
default no authenticationConfigures the login method for authentication, one of BASIC, DIGEST or FORM. See also: Resin security for an overview.
HTTP Authentication is defined in the RFC HTTP Authentication: Basic and Digest. HTTP digest authentication is discussed in Digest Passwords. element login-config { class? & auth-method? & authenticator? & form-login-config? & init? & realm-name? child of <web-app>
Maps url patterns to mime-types.
element mime-mapping { extension, mime-type } <web-app xmlns="http://caucho.com/ns/resin"> <mime-mapping> <extension>.foo</extension> <mime-type>text/html</mime-type> </mime-mapping> <!-- resin shortcut syntax --> <mime-mapping extension='.bar' mime-type='text/html'/> </web-app> Resin has a long list of default mime types in child of <web-app>
Enables multipart-mime for forms and file uploads. multipart-mime is disabled by default. For an uploaded file with a form name of , the parameter value contains the path name to a temporary file containing the uploaded file. contains the uploaded filename, and contains the content-type of the uploaded file.
If the upload is larger than the limit or if multipart-form processing is disabled, Resin will not parse the request and will set an error message in the " " request attribute. The " " will contain the attempted upload size.Requests can set the maximum by setting the request attribute " " with an Integer or Long value.By default, multipart-form is disabled. element multipart-form { enable? & upload-max? } child of <web-app>
Maps url patterns to real paths. If using a server like IIS, you may need to match the server's path aliases.
element path-mapping { (url-pattern | url-regexp) & real-path } <web-app xmlns="http://caucho.com/ns/resin"> <path-mapping url-pattern='/resin/*' real-path='e:\resin'/> <path-mapping url-regexp='/~([^/]*)' real-path='e:\home\$1'/> </web-app> child of <servlet>,<servlet-mapping>
<protocol> configures a remoting protocol for a Java bean. The bean is configured with the <servlet> and <servlet-mapping> tags, since it will process HTTP URL requests. Protocol drivers extend the AbstractProtocolServletFactory interface and can register a URI alias to simplify configuration.
element protocol { (class | uri) & init? } <web-app xmlns="http://caucho.com/ns/resin"> <servlet-mapping url-pattern="/hello"> servlet-class="example.MyHello"> <protocol uri="hessian:"/> </servlet-mapping> </web-app> child of <web-app>
default 60s<redeploy-check-interval> specifies how often Resin should check if a .war file has been updated or added to a <web-app-deploy> directory. element redeploy-check-interval { r_period-Type } child of <web-app>
default automatic<redeploy-mode> specifies how Resin handles updates to web-apps and .war files. By default, Resin restarts web-apps when classes or configuration files change.
element redeploy-mode { automatic | manual } child of <cluster>,<host>,<web-app>
See the Resource tag documentation for a full list of resources available to the web-app. All resource tags are available to the <web-app>, like databases, IoC beans and components, EJB stateful, stateless and message beans, JMS queues, remote clients, etc. <web-app xmlns="http://caucho.com/ns/resin"> <database jndi-name="jdbc/test"> <driver type="org.postgresql.Driver"> <url>jdbc:postgresql://localhost/test</url> <user>caucho</user> </driver> </database> </web-app> <web-app xmlns="http://caucho.com/ns/resin"> <bean jndi-name="jdbc/test" type="example.Theater> <init name="Balboa Theater"> <movie title="Attack of the Killer Tomatoes"/> <movie title="Snakes on a Plane"/> <movie title="Casablanca"/> </init> </bean> </web-app> child of <cluster>,<host>,<web-app>
<rewrite-dispatch> defines a set of rewriting rules for dispatching and forwarding URLs. Applications can use these rules to redirect old URLs to their new replacements. See rewrite-dispatch for more details. <web-app xmlns="http://caucho.com/ns/resin"> <rewrite-dispatch> <dispatch regexp="\.(php|gif|css|jpg|png)"/> <forward regexp="^" target="/index.php"/> </rewrite-dispatch> </web-app> child of <cluster>,<host>,<web-app>
<rewrite-real-path> lets you rewrite the URL to physical path mapping, to allow aliasing or for filesystem organization.
element rewrite-real-path { element rewrite { regexp & replacement }* & element rewrite { regexp & target }* } <web-app xmlns="http://caucho.com/ns/resin"> <rewrite-real-path> <real-path regexp="^/foo" target="/bar"/> </rewrite-real-path> </web-app> child of <web-app>
The <secure> flag requires that the web-app only be accessed in a secure/SSL mode. Equivalent to a <security-constraint>. element secure { r_boolean-Type } child of <web-app>
Specifies protected areas of the web site. Sites using authentication as an optional personalization feature will typically not use any security constraints. See Resin security for an overview. Security constraints can also be custom classes. See Resin security for an overview of security issues and configuration.
element security-constraint { auth-constraint* & constraint* & ip-constraint* & role-name* & user-data-constraint* & url-pattern? & web-resource-collection* } <web-app xmlns="http://caucho.com/ns/resin"> <security-constraint> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint role-name='user'> </security-constraint> </web-app> Defines a servlet to process HTTP URL requests. The servlet class can either implement javax.servlet.Servlet to handle the HTTP request directly or it can use a remoting protocol like SOAP or Hessian to handle remoting requests. Since servlets are full Resin-IoC beans, they can use dependency injection, EJB aspects like @TransactionAttribute, custom @InterceptorType interceptors, and listen for @Observes events.
element servlet { servlet-name < (servlet-class | jsp-file) < init* < init-param* < load-on-startup? < protocol? < run-as? < run-at? } <web-app xmlns="http://caucho.com/ns"> <servlet> <servlet-name>hello</servlet-name> <servlet-class>test.HelloWorld</servlet-class> <init-param> <param-name>title</param-name> <param-value>Hello, World</param-value> </init-param> </servlet> <!-- using Resin shortcut syntax --> <servlet servlet-name='cron' servlet-class='test.DailyChores'> <init-param title='Daily Chores'/> <load-on-startup/> <run-at>3:00</run-at> </servlet> <!-- mapping a url to use the servlet --> <servlet-mapping url-pattern='/hello.html' servlet-name='hello'/> </web-app> Several configurations might configure the same servlet class with different values. Each will have a separate .<web-app xmlns="http://caucho.com/ns/resin"> <servlet servlet-name='foo-a'> <servlet-class>test.FooServlet</servlet-class> <init-param name='foo-a sample'/> </servlet> <servlet servlet-name='foo-b'> <servlet-class>test.FooServlet</servlet-class> <init-param name='foo-b sample'/> </servlet> </web-app> can specify an (optional) integer value. If the value is 0 or greater, it indicates an order for servlets to be loaded, servlets with higher numbers get loaded after servlets with lower numbers. There are a number of named servlets that are usually available to a Resin application, as defined in .<servlet servlet-name="directory" servlet-class="com.caucho.servlets.DirectoryServlet"/> <servlet servlet-name="file" servlet-class="com.caucho.servlets.FileServlet"/> <servlet servlet-name="jsp" servlet-class="com.caucho.jsp.JspServlet"/> <servlet servlet-name="xtp" servlet-class="com.caucho.jsp.XtpServlet"/> <servlet servlet-name="j_security_check" servlet-class="com.caucho.server.security.FormLoginServlet"/> Maps url patterns to servlets. has two children, and . selects the urls which should execute the servlet.
element servlet-mapping { init? & protocol? & servlet-class? & servlet-name? < url-pattern* < url-regexp* } <web-app xmlns="http://caucho.com/ns/resin"> <servlet> <servlet-name>hello</servlet-name> <servlet-class>test.HelloWorld</servlet-class> </servlet> <servlet-mapping> <url-pattern>/hello.html</servlet-class> <servlet-name>hello</servlet-class> </servlet-mapping> <!-- resin shortcut syntax --> <servlet-mapping url-pattern='*.xtp' servlet-name='com.caucho.jsp.XtpServlet'/> </web-app>
In Resin, the special <web-app xmlns="http://caucho.com/ns/resin"> <!-- used with urls like http://localhost:8080/servlets/test.HelloServlet --> <servlet-mapping url-pattern="/servlet/*" servlet-name="invoker"/> </web-app> There are a number of mappings to servlets that are usually available to a Resin application, as defined in .<cluster> <web-app-default> <servlet-mapping url-pattern="*.jsp" servlet-name="jsp"/> <servlet-mapping url-pattern="*.xtp" servlet-name="xtp"/> <servlet-mapping url-pattern="/servlet/*" servlet-name="invoker"/> <servlet-mapping url-pattern="/" servlet-name="file"/> </web-app-default> </cluster> The plugins use servlet-mapping to decide which URLs to send to Resin. The following servlet-name values are used by the plugins:
Maps URL by regular expressions to custom servlets. element servlet-regexp { init? & servlet-class? & servlet-name? & url-regexp } <servlet-regexp url-regexp="/([^.]*).do" servlet-class="qa.\${regexp[1]}Servlet"> <init a="b"/> </servlet-regexp> <session-config> configures Resin's session handling, including the cookies Resin sends, the maximum sessions, and session persistence and clustering. See also: Resin clustering for more information about distributed sessions and persistence.
element session-config { always-load-session? & always-save-session? & cookie-append-server-index? & cookie-domain? & cookie-length? & cookie-max-age? & cookie-port? & cookie-secure? & cookie-version? & enable-cookies? & enable-url-rewriting? & ignore-serialization-errors? & invalidate-after-listener? & reuse-session-id? & save-mode? & save-on-shutdown? & serialization-type? & session-max? & session-timeout? & use-persistent-store? } The <web-app id='/dir'> <session-config> <!-- 2 hour timeout --> <session-timeout>120</session-timeout> <session-max>4096</session-max> </session-config> </web-app> is used to limit the maximum length for the session's generated cookie for special situations like WAP devices. Reducing this value reduces the randomness in the cookie and increases the chance of session collisions. defaults to true so that Resin can share the session id amongst different web-apps. The class that corresponds to <session-config> is The maximum time Resin will wait for requests to finish before closing the web-app. default 15selement shutdown-wait-max { r_period-Type } <statistics-enable> enables more detailed statistics for the
element statistics-enable { r_boolean-Type } Forces servlet-mapping to follow strict Servlet 2.2, disallowing PATH_INFO. Value is or .element strict-mapping { r_boolean-Type } <web-app xmlns="http://caucho.com/ns/resin"> <strict-mapping>true</strict-mapping> </web-app> child of <security-constraint>
Restricts access to secure transports, such as SSL
element user-data-constraint { transport-guarantee } child of <host>,<web-app>
web-app configures a web application.
When specified by , the application will be initialized on server start. When specified by , the application will be initialized at the first request. This means that servlets may start later than expected for applications.The following example creates a web-app for /apache using the Apache htdocs directory to serve pages. <host id=''> <web-app id='/apache' document-directory='/usr/local/apache/htdocs'> ... </host> The following example sets the root web-app to the IIS root directory. <web-app id='/' document-directory='C:/inetpub/wwwroot'> When the is specified with a , can use replacement variables ( ).In the following, each user gets his or her own independent application using .<host id=''> <web-app url-regexp='/~([^/]*)' document-directory='/home/$1/public_html'> ... </web-app> </host> child of <cluster>,<host>,<web-app>
Establishes the defaults for a <web-app>. When initializing a web-app, all the tags in the web-app-defaults sections configure the web-app. In other words, the web-app-default value is essentially a macro that is cut-and-pasted before the web-app configuration. web-app-default is used for defining server-wide behavior, like *.jsp handling, and for host-wide behavior. <host> <web-app-default> <servlet servlet-name='test' servlet-class='test.MyServlet'/> <servlet-mapping url-pattern='*.text' servlet-class='test'/> </web-app-default> </host> child of <host>,<web-app>
Specifies war expansion. web-app-deploy can be used in web-apps to define a subdirectory for war expansion. The tutorials in the documentation use web-app-deploy to allow servlet/tutorial/helloworld to be an independent war file.
element web-app-deploy { archive-directory? expand-cleanup-fileset? expand-directory? expand-prefix? expand-suffix? path? redeploy-check-interval? redeploy-mode? require-file* startup-mode? url-prefix? versioning? web-app-default* web-app* } Overriding web-app-deploy configurationThe web-app-deploy can override configuration for an expanded war with a matching <web-app> inside the <web-app-deploy>. The <document-directory> is used to match web-apps. <resin xmlns="http://caucho.com/ns/resin"> <cluster id=""> <host id=""> <web-app-deploy path="webapps"> <web-app context-path="/wiki" document-directory="wiki"> <context-param database="jdbc/wiki"> </web-app> </web-app-deploy> </host> </cluster> </resin> versioningThe versioning attribute of the <web-app-deploy> tag improves web-app version updates by enabling a graceful update of sessions. The web-apps are named with numeric suffixes, e.g. foo-10, foo-11, etc, and can be browsed as /foo. When a new version of the web-app is deployed, Resin continues to send current session requests to the previous web-app. New sessions go to the new web-app version. So users will not be aware of the application upgrade. child of <security-constraint>
Specifies a collection of areas of the web site for security purposes. See Resin security for an overview.
element web-resource-collection { url-method* & http-method* & web-resource-name? } child of <web-app>
Sets the files to use as when no filename is present in url. According to the spec, each file is in a <welcome-file> element. element welcome-file-list { string | welcome-file* } <web-app xmlns="http://caucho.com/ns/resin"> <welcome-file-list> <welcome-file>index.jsp</welcome-file> <welcome-file>index.xtp</welcome-file> <welcome-file>home.xtp</welcome-file> </welcome-file-list> </web-app> Resin also provides a shortcut where you can just list the files: <web-app xmlns="http://caucho.com/ns/resin"> <welcome-file-list> index.jsp, index.xtp, home.xtp </welcome-file-list> </web-app>
|