A detailed description of web.xml configuration
1 Defining the header and root element deployment descriptor files like all XML files must start with an XML header. This header declares can use the XML version and give the character encoding of the file. DOCYTPE declaration must immediately appear after this header. This declaration tells the server to which the version of the servlet specification (such as 2.2 or 2.3) is specified and specifying the DTD (Document Type Definition, document type definition) of the syntax of this file. The top (root) element of all deployment descriptor files is a web-app. Note that XML elements are unlike HTML, they are sensitive. Therefore, both web-app and web-app are illegal, and the web-app must be written. 2 Deployment Descriptor Document The XML element is not only sensitive, but also they are sensitive to the order in other elements. For example, the XML head must be the first item in the file, and the DOCTYPE declaration must be the second item, and the web-app element must be the third item. In the web-app element, the order of the elements is also important. The server is not necessarily forced to require this order, but they allow (actually some servers doing this) completely refuse to perform web applications that contain elements in order incorrect. This means that the Web.xml file used in the order of the non-standard element is unmistable. The following list gives all the order necessary for all legitimate elements that can appear in the web-app element. For example, this list Description servlet elements must appear before all servlet-mapping elements. Please note that all of these elements are optional. Therefore, a certain element can be omitted, but it cannot be placed in an incorrect position. l icon icon elements indicate that the IDE and GUI tools are used to represent one and two image files of the web application. l Display-name Display-Name element provides a GUI tool that may be used to mark a name for this particular web application. The L Description Description element gives an illustrative text associated with this. l Context-param context-param element declares initialization parameters within the application range. l Filter filter elements Associate a name with a class that implements the Javax.Servlet.Filter interface. l Filter-Mapping Once a filter is named, use the filter-mapping element to associate it with one or more servlets or JSP pages. l Listener Servlet API version 2.3 adds support for event listeners, and event listeners are notified when establishing, modifying, and deleting sessions or servlet environments. The Listener element indicates the event listener class. l Servlet When you set an initialization parameter or a custom URL to the servlet or JSP page, you must first name the servlet or JSP page. The servlet element is used to complete this task. l Servlet-Mapping servers typically provide a default URL: http: // host / webappppppppppprefix / servlet / servletname. However, this URL is often changed so that servlets can access initialization parameters or more easily handle relative URLs. Using servlet-mapping elements when changing the default URL. l Session-config If a session is not accessed for a certain period of time, the server can discard it to save memory. The timeout value of a single session object can be explicitly set by using the HttpSession's setMaxinactiveInterVal method, or the default timeout value can be used to use the session-config element. l Mime-mapping If the web application has a special file, I hope to guarantee the assigned MIME type, then the mime-mapping element provides this guarantee.
l Welcom-file-list welcome-file-list element indicates which file when receiving a directory name instead of a file name instead of a file name. l Error-Page Error-Page element allows the page that will be displayed when the particular type of abnormality is returned, or when the particular type of exception is thrown. l Taglib Taglib Elements Specify an alias for tag libraryu descriptor file. This feature allows you to change the location of the TLD file without editing the JSP page using these files. l Resource-Env-Ref Resource-Env-Ref element declares a management object related to the resource. l Resource-Ref Resource-Ref element declares an external resource used by a resource factory. l Security-constraint security-constraint Elements Develop the URL that should be protected. It combines L login-config elements to specify how to use the login-config element to specify how the server is authorized to access the protected page to try to access the protected page. It is used in combination with the Sercurity-Constraint element. l Security-role security-role elements give a list of secure roles that will appear in the Role-Name sub-elements of the security-role-ref elementality within the servlet element. Declaration of the role separately makes advanced IDE processing security information easier. l Env-entry env-entry elements declare the environment item of the web application. l EJB-REF EJB-REF Elements Declare a reference to the primary directory of an EJB. l Ejb-local-ref ejb-local-ref element declares an application of an EJB local host directory. 3 Assign Names and customized ULs One of the most common tasks completed in Web.xml is to give the servlet or JSP page to the name and custom URL. Use the servlet element to associate the custom URL with the just assigned name using the servlet-mapping element. 3.1 Assignment Name In order to provide initialization parameters, define a custom URL or assign a security role to the servlet or JSP page, you must first give the servlet or JSP page a name. A name can be assigned via the servlet element. The most common formats include servlet-name and servlet-class sub-elements (within a web-app element), as shown below:
Similarly, servlet-name child elements of servlet must also appear before servlet-class. Section 5.2 "Deployment Descriptor Document" The order of elementality will be described in detail. For example, the program list 5-1 gives a simple servlet called TestServlet, which resides in the MoreServlets package. Because this servlet is part of a web application in a directory called DeployDemo, TestServlet.class is placed in DeployDemo / Web-INF / CLASSES / MORESERVLETS. Program Listing 5-2 gives a part of the web.xml file that will be placed in the deploydedeno / web-INF /. This web.xml file uses servlet-name and servlet-Class elements to associate name Test with TestServlet.class. Figures 5-1 and Figure 5-2 show the results when using the default URL and the registration name call TestServlet, respectively.
Listing 5-1 TestServlet.javapackage moreservlets; import java.io *;. Import javax.servlet *;. Import javax.servlet.http *;. / ** Simple servlet used to illustrate servlet naming * and custom URLs * <. P> * Taken from More Servlets and JavaServer Pages * from Prentice Hall and Sun Microsystems Press, * http://www.moreservlets.com/.* © 2002 Marty Hall;. may be freely used or adapted * / public class TestServlet extends HttpServlet {public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {response.setContentType ( "text / html"); PrintWriter out = response.getWriter (); String uri = request.getRequestURI (); out.println ( ServletUTILITIES.HeadwithTitle ("Test servlet" "
/ n" "For example, you may want to close the default URL mapping to better enforce secure restrictions or prevent users from accidentally accessing a servlet without initialization parameters. If you prohibit the default URL, how do you access servlet? At this time, only the custom URL is used. To assign a custom URL, servlet-mapping elements can be used and its servlet-name, and url-pattern child elements. The servlet- name element provides an arbitrary name that can be used to reference the corresponding servlet; URL-Pattern describes the URL of the root directory relative to the web application. The value of the URL-Pattern element must be started in a slash (/). The following is given a simple web.xml excerpt, which allows URL http: // Host / WebAppPrefix / URLTEST instead of http: // host / webappppprefix / servlet / test or http: // hostvlets. TestServlet. Note that the XML header, DOCTYPE declaration, and web-app are closed elements. In addition, you can recall, the XML element is not casual. In particular, you need to put all servlet elements before all servlet-mapping elements.
Therefore, in order to name the JSP page, the JSP-File element can be replaced with servlet-calss elements, as shown below:
Program List 5-3 TestPage.jsp
What you need is to create an error message servlet and turn all match requests to the servlet using the URL-Pattern element discussed by the previous section. As long as you simply use:
Program List 5-5 Web.xml (Description JSP page Named Extract) XML Version = "1.0" Encoding = "ISO-8859-1"> * Taken from More Servlets and JavaServer Pages * from Prentice Hall and Sun Microsystems Press, * http: // www. MoreServlets.com/.* © 2002 Marty Hall; May Be Freely Used or Adapted. * / Public Class SorryServlet Extend s HttpServlet {public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {response.setContentType ( "text / html"); PrintWriter out = response.getWriter (); String title = "Invoker Servlet Disabled."; out. Println (servletutilities.headwithtitle " Title h2> / n" "sorry, access to servlets by means Of / n " " Urls That Begin with / N " "
http: // host / webAppPrefix / servlet // n " " has been disabled./n " " BODY> HTML> ");} public void doPost (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {Doget (Request, Response);}} 4.2 Global Projection Activator: Tomcattomcat 4 is used to shut down the default URL is very different from Tomcat 3. Introduce these two methods: 1. Prohibit activator: Tomcat 4TOMCAT 4 closes the actuator servlet with the same way as the previous method, which is turned off with the URL-MAPPING element in Web.xml. Different situations in Tomcat uses a server-specific global web.xml in install_dir / confes File, and the front use is a standard web.xml file stored in a web-inf directory in each web application. So, in order to close the activator servlet in Tomcat 4, simply simply in install_dir / conf / web.xml In order to release the / servlet / * URL mapping item, as shown below:
Listing 5-7 InitServlet.javapackage moreservlets; import java.io *;. Import javax.servlet *;. Import javax.servlet.http *;. / ** Simple servlet used to illustrate servlet * initialization parameters *
. * Taken from More Servlets and JavaServer Pages * from Prentice Hall and Sun Microsystems Press, * http://www.moreservlets.com/.* © 2002 Marty Hall; may be freely used or adapted * / public class InitServlet extends HttpServlet {. private String firstName, emailAddress; public void init () {ServletConfig config = getServletConfig (); firstName = config.getInitParameter ( "firstName"); emailAddress = config.getInitParameter ( "emailAddress");} public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {response.setContentType ( "text / html"); PrintWriter out = response.getWriter (); String uri = request.getRequestURI (); out.println (ServletUtilities.headWithTitle ( "Init Servlet") "
/ n" "/ servlet-class>
Generally, http: //host/deploydeMo/InitPage.jsp form URL The URL will activate the version of this page does not have an initialization parameter access, thereby displays NULL for the firstName and EmailAddress variables. However, the web.xml file (Program List 5-10) assigns a registration name and then associates the registration name with the URL mode / ITPAGE.JSP.
Program List 5-9 INTPAGE.Jsp
The initialization value within these systems can be declared using the context-param element. Context-param elements should include param-name, param-value, and optional Description sub-elements, as shown below:
The filter can be intercepted and modified to enter a request for a servlet or a JSP page or from a servlet or JSP page. Before performing a servlet or JSP page, the DOFILTER method of the first correlation filter must be performed. When the filter is called DOFILTER, the next filter in the chain is called for its FilterChain object. If there is no other filter, a servlet or a JSP page is executed. The filter has all access to the arrival of the servletRequest object, so they can view the client name and find the cookie. In order to access the output of the Servlet or JSP page, the filter can wrap the response object in a stand-in object, and the output is accumulated to a buffer. After calling the Dofilter method of the FilterChain object, the filter checks the buffer. If necessary, it is modified, then transferred to the client. For example, a program list 5-11 empire is difficult to have a simple filter, just access the relevant servlet or JSP page, it intercepts the request and prints a report on the standard output (most of the development process is running on the desktop system, most This filter can be used by the server). Program List 5-11 ReportFilter.javaPackage MoreServlets; import java.io. *; Import javax.servlet. *; Import javax.servlet.http. *; Import java.util. *; / ** SIMPLE FILTER THATS A Report on the standard output * whenever the associated servlet or JSP page is accessed. *
* Taken from More Servlets and JavaServer Pages * from Prentice Hall and Sun Microsystems Press, * http://www.moreservlets.com/.* © 2002 marty Hall; may be freely used or adapted * / public class ReportFilter implements Filter {public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {HttpServletRequest req = (HttpServletRequest) request;. System.out.println ( Req.getRemoteHost () "Tried to Access" Req.getRequestURL () "On" new date () "."); chain.dofilter (Request, response);} public void init (FilterConfig Config) ServletException {}}} Once a filter is established, you can use Filter elements and filter-name, file-class, file-class (optional) The init-params child element declares it.
Please note that the order of the elements appear in the web-app element of Web.xml is not arbitrary; allowing the server (but not required) to force the desired order, and some of the actual servers do this. But here you should pay attention, all Filter elements must appear before any Filter-Mapping element, the filter-mapping element must appear before all servlets or servlet-mapping elements. For example, given the above ReportFilter class, the following Filter declaration can be made in Web.xml. It is associated with the actual class REPORTFILTER (in the MoreServlets package).
Audit.irs.gov Tried to Access http://mycompany.com/deploydemo/urltest2/business/tax-plan.htmlon Tue Dec 25 13:12:29 Edt 2001. List 5-12 Web.xml (Description Filter Usage Excerpt) XML Version = "1.0" eNCoding = "ISO-8859-1">
8 Specify the error page. Now I know, you never make mistakes when developing a Servlet and JSP pages, and all of your pages are clear, and the general programmers will not be confused by them. However, it will always make mistakes, and users may provide non-specified parameters, using incorrect URLs or not provide the necessary form field values. In addition, other developers may not be so careful, they should have some tools to overcome their shortcomings. Error-Page element is used to overcome these problems. It has two possible child elements, namely error-code and exception- type. The first child element error-code indicates the URL used during a given HTTP error code. The second child element ExcPETITION-TYPE indicates that the URL used in the appearance of a given Java but does not capture. Error-Code and Exception-Type use the Location element to indicate the corresponding URL. This URL must start. The page pointed out at the location indicated by the HTTPSERVLETREQUEST object can access information about the error, which two attributes are: javax.servlet.error.Status_code and javax.servlet.error.MESSAGE. Memories can be memo that the child elements of the web-app are declared in the correct order in Web.xml. As long as you remember, Error-Page appears near the end of the web.xml file, the servlet, servlet-name, and Welcome-file-List can be. 8.1 Error-Code Element In order to better understand the value of the error-code element, consider if the file name is incorrect, most sites will reflect. Doing so generally a 404 error message, it means that it cannot be found, but there is almost no more useful information. On the other hand, you can try at www.microsoft.com, www.ibm.com or especially at www.bea.com, output unknown file names. This is a useful message that provides a selectable location in order to find the page of interest. Providing such useful error pages for web applications is worth it. In fact, RM-Error-Page Child Elements). The HTML form given by Form-Login-Page must have a J_Security_Check's action property, a username text field named J_USERNAME and a password field named J_Password. For example, program list 5-19 indicates that the server uses a form-based verification. A page named login.jsp in the top of the web application will collect usernames and passwords, and the failed login will be reported by the page of login-error.jsp in the same directory.
Program List 5-19 Web.xml (Description Login-Config) XML Version = "1.0" Encoding = "ISO-8859-1">
For example, the servlet can use the MVC architecture to find data, put it in the bean, send requests to extract data from the bean and display it. We hope that it will never access protected JSP pages directly, but just access it by establishing this page will be used. URL-Pattern and Auth-Contraint elements can provide this guarantee by declaring any users to directly access JSP pages directly. However, this uniform behavior may allow developers to relax and make them chance to provide unrestricted access to protected resources. l Auth-constraint Although the web-resource-cololion element has been protected, the Auth-Constraint element indicates which users should have access to protected resources. This element should include one or more user category Role-Name elements that have access rights, and the Description element that contains (optional) a descriptive role. For example, the Security-Constraint element department in Web.XML specifies only access to the specified resource only by specifying an Administrator or Big Kahuna (or both).
For example, the following indicates that the server only allows HTTPS connections to the relevant resources:
Memories can be recalled in Web.xml to declare the web-app child element in the appropriate order. However, just remember that Icon, Display-Name and Description are the first three legal elements within the web-app elements of web.xml. l iConicon elements indicate a GUI tool to represent one and two image files that represent the web application. A 16 x 16 GIF or JPEG image can be specified using the Small-ICON element, specifying an image of 32 x 32 with the Large-ICON element. Let's take an example:
Taglib-URI elements should match something for the URI attribute used for JSP taglib elements. The Taglib-Location element gives the actual location of the TLD file. For example, if you put the file chart-tags- 1.3beta.TLD in WebApp / Web-INF / TLDS. Now, if Web.xml contains the following contents within a web-app element.
Listing 5-20 ContextReporterjavapackage moreservlets; import javax.servlet *;. Import java.util *;. / ** Simple listener that prints a report on the standard output * when the ServletContext is created or destroyed *
* Taken. from More Servlets and JavaServer Pages * from Prentice Hall and Sun Microsystems Press, * http://www.moreservlets.com/.* © 2002 Marty Hall;. may be freely used or adapted * / public class ContextReporter implements ServletContextListener {public void contextInitialized (ServletContextEvent event) {System.out.println ( "Context created on" new Date () ".");} public void contextDestroyed (ServletContextEvent event) {System.out.println ( "Context destroyed on" new Date () ".");}} Listing 5-21 Web.xml (Declare an excerpt of a listener) XML Version = "1.0" Encoding = "ISO-8859-1">