Tomcat4.1.24 以後為了安全問題 servelet 要在web.xml 中設置, 下面是Example中的例子:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>Tomcat Examples</display-name> <description> Tomcat Example servlets and JSP pages. </description>
<!-- Define servlet-mapped and path-mapped example filters --> <filter> <filter-name>Servlet Mapped Filter</filter-name> <filter-class>filters.ExampleFilter</filter-class> <init-param> <param-name>attribute</param-name> <param-value>filters.ExampleFilter.SERVLET_MAPPED</param-value> </init-param> </filter> <filter> <filter-name>Path Mapped Filter</filter-name> <filter-class>filters.ExampleFilter</filter-class> <init-param> <param-name>attribute</param-name> <param-value>filters.ExampleFilter.PATH_MAPPED</param-value> </init-param> </filter> <filter> <filter-name>Request Dumper Filter</filter-name> <filter-class>filters.RequestDumperFilter</filter-class> </filter>
<!-- Example filter to set character encoding on each request --> <filter> <filter-name>Set Character Encoding</filter-name> <filter-class>filters.SetCharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>gb2312</param-value> </init-param> </filter>
<filter> <filter-name>Compression Filter</filter-name> <filter-class>compressionFilters.CompressionFilter</filter-class>
<init-param> <param-name>compressionThreshold</param-name> <param-value>10</param-value> </init-param> <init-param> <param-name>debug</param-name> <param-value>0</param-value> </init-param> </filter>
<!-- Define filter mappings for the defined filters --> <filter-mapping> <filter-name>Servlet Mapped Filter</filter-name> <servlet-name>invoker</servlet-name> </filter-mapping> <filter-mapping> <filter-name>Path Mapped Filter</filter-name> <url-pattern>/servlet/*</url-pattern> </filter-mapping>
<!-- Example filter mapping to apply the "Set Character Encoding" filter to *all* requests processed by this web application --> <!-- <filter-mapping> <filter-name>Set Character Encoding</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> -->
<!-- <filter-mapping> <filter-name>Compression Filter</filter-name> <url-pattern>/CompressionTest</url-pattern> </filter-mapping> -->
<!-- <filter-mapping> <filter-name>Request Dumper Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> -->
<!-- Define example application events listeners --> <listener> <listener-class>listeners.ContextListener</listener-class> </listener> <listener> <listener-class>listeners.SessionListener</listener-class> </listener>
<!-- Define servlets that are included in the example application -->
<servlet> <servlet-name>SendMailServlet</servlet-name> <servlet-class>SendMailServlet</servlet-class> </servlet>
<servlet> <servlet-name> snoop </servlet-name> <servlet-class> SnoopServlet </servlet-class> <!-- <init-param> <param-name>foo</param-name> <param-value>bar</param-value> </init-param> --> <run-as> <description>Security role for anonymous access</description> <role-name>tomcat</role-name> </run-as> </servlet>
<servlet> <servlet-name> servletToJsp </servlet-name> <servlet-class> servletToJsp </servlet-class> </servlet> <servlet> <servlet-name> CompressionFilterTestServlet </servlet-name> <servlet-class> compressionFilters.CompressionFilterTestServlet </servlet-class>
</servlet>
<servlet-mapping> <servlet-name>invoker</servlet-name> <url-pattern>/servlet/*</url-pattern> </servlet-mapping>
<servlet-mapping> <servlet-name> CompressionFilterTestServlet </servlet-name> <url-pattern> /CompressionTest </url-pattern> </servlet-mapping>
<servlet-mapping> <servlet-name>SendMailServlet</servlet-name> <url-pattern>/SendMailServlet</url-pattern> </servlet-mapping>
<servlet-mapping> <servlet-name> snoop </servlet-name> <url-pattern> /snoop </url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name> servletToJsp </servlet-name> <url-pattern> /servletToJsp </url-pattern> </servlet-mapping>
<taglib> <taglib-uri> http://jakarta.apache.org/tomcat/debug-taglib </taglib-uri> <taglib-location> /WEB-INF/jsp/debug-taglib.tld </taglib-location> </taglib>
<taglib> <taglib-uri> http://jakarta.apache.org/tomcat/examples-taglib </taglib-uri> <taglib-location> /WEB-INF/jsp/example-taglib.tld </taglib-location> </taglib>
<resource-ref> <res-ref-name>mail/Session</res-ref-name> <res-type>javax.mail.Session</res-type> <res-auth>Container</res-auth> </resource-ref>
<security-constraint> <display-name>Example Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <url-pattern>/jsp/security/protected/*</url-pattern> <!-- If you list http methods, only those methods are protected --> <http-method>DELETE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>tomcat</role-name> <role-name>role1</role-name> </auth-constraint> </security-constraint>
<!-- Default login configuration uses form-based authentication --> <login-config> <auth-method>FORM</auth-method> <realm-name>Example Form-Based Authentication Area</realm-name> <form-login-config> <form-login-page>/jsp/security/protected/login.jsp</form-login-page> <form-error-page>/jsp/security/protected/error.jsp</form-error-page> </form-login-config> </login-config>
<!-- Security roles referenced by this web application --> <security-role> <role-name>role1</role-name> </security-role> <security-role> <role-name>tomcat</role-name> </security-role>
<!-- Environment entry examples --> <!--env-entry> <env-entry-description> The maximum number of tax exemptions allowed to be set. </env-entry-description> <env-entry-name>maxExemptions</env-entry-name> <env-entry-value>15</env-entry-value> <env-entry-type>java.lang.Integer</env-entry-type> </env-entry--> <env-entry> <env-entry-name>minExemptions</env-entry-name> <env-entry-value>1</env-entry-value> <env-entry-type>java.lang.Integer</env-entry-type> </env-entry> <env-entry> <env-entry-name>foo/name1</env-entry-name> <env-entry-value>value1</env-entry-value> <env-entry-type>java.lang.String</env-entry-type> </env-entry> <env-entry> <env-entry-name>foo/bar/name2</env-entry-name> <env-entry-value>true</env-entry-value> <env-entry-type>java.lang.Boolean</env-entry-type> </env-entry> <env-entry> <env-entry-name>name3</env-entry-name> <env-entry-value>1</env-entry-value> <env-entry-type>java.lang.Integer</env-entry-type> </env-entry> <env-entry> <env-entry-name>foo/name4</env-entry-name> <env-entry-value>10</env-entry-value> <env-entry-type>java.lang.Integer</env-entry-type> </env-entry>
<!-- EJB Reference --> <ejb-ref> <description>Example EJB Reference</description> <ejb-ref-name>ejb/Account</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <home>com.mycompany.mypackage.AccountHome</home> <remote>com.mycompany.mypackage.Account</remote> </ejb-ref>
<!-- Local EJB Reference --> <ejb-local-ref> <description>Example Local EJB Reference</description> <ejb-ref-name>ejb/ProcessOrder</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.mycompany.mypackage.ProcessOrderHome</local-home> <local>com.mycompany.mypackage.ProcessOrder</local> </ejb-local-ref>
</web-app>
|