Henri Gomez a écrit :
Henri Gomez a écrit :
Jean-Francois Arcand a écrit :
+1
The security mechanism in TC 4.x and higher (due to digester)
avoid me to use such easy configuration tuning and so we have
to stay with Tomcat 3.3.x for now.
I'm probably missing something here....why the digester suffer from that limitation? What kind of security exception are you seeing. If you give all permissions to the Digester, does it change something?
Same problem with TC 5.0.12 ;(
To reproduce, I added an external entity file in the web.xml of the provided servlet-examples webapp web.xml :
----
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";>
[ <!ENTITY % appconf SYSTEM "../../../etc/webapp/appconf.xml"> %appconf; ]
Great it seems to works with :
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd";[ <!ENTITY % appconf SYSTEM "file:../etc/webapp/appconf.xml"> %appconf; ]
>
<web-app>
<display-name>Servlet 2.4 Examples</display-name>
<description>
Servlet 2.4 Examples.
</description>.....
So should I assume that the current directory is webapps ?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
