You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/08/25 23:13:14 UTC
DO NOT REPLY [Bug 22715] New: -
tomcat-user.xml re-writing with xml entities
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22715>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22715
tomcat-user.xml re-writing with xml entities
Summary: tomcat-user.xml re-writing with xml entities
Product: Tomcat 4
Version: 4.1.27
Platform: PC
OS/Version: All
Status: NEW
Severity: Minor
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: paul.extance@spirent.com
I'm using the UserDatabase (org.apache.catalina.UserDatabase /
org.apache.catalina.users.MemoryUserDatabaseFactory) as configured by default
with Tomcat 4.1.27.
Our System admin made a basic XML error, and in tomcat-users.xml put and entry
in like...
<user username="tomcat" password="tom&cat" roles="tomcat" />
Obviously the '&' makes this invalid XML, and tomcat doesn't start...
We changed the & to & the XML was then valid, the user account worked,
life was good....
A few days later, after he restarted the server, it was broke again...
Seems that when Tomcat re-wrote out the tomcat-users.xml file, instead of
escaping the & and writing it back out as & it just put it out a &, so we
were back to square one!
Question:
1) Is this a bug?
2) Can I stop the 're-writing' part of this as a work around?
3) Are XML entities not allowed in tomcat-users.xml?