We received a number of patches and enhancements in the /admin web
applications, and I also added a number of pages for easier testing.
There are few problems:
- /admin is a trusted application ( it has full access to tomcat internals
and permissions ). For security it will be much better to keep it small.
- It's not a good idea to add a lot of new code before the release ( but
it's a bad idea to ignore good contributions )
What I'm proposing is:
1. Split /admin in 2 web applications: /admin will contain only a minimal
set of pages/servlets, and minimal/no user interface.
2. /adminUI will contain all UI pages and applications that don't require
special permissions.
3. /adminUI will not be part of the "standard" 3.3 distribution. Starting
with M1, the /test application is also distributed separately, and I would
like to have a separate distribution for /adminUI. ( that means it'll be
in a separate .war file you can download and install - if you want ).
The benefits:
- more security. Less code running in trusted apps
- we can commit the contributed code ( UI, user admin, etc) and develop
the /adminUI without affecting the stability of the code.
- independent release cycle - after 3.3 is released, we can still work on
the /adminUI and provide a better version without requiring a full release
cycle for tomcat.
- clear separation between UI and the admin services.
--
Costin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
