You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by Ivan <xh...@gmail.com> on 2009/08/27 08:30:10 UTC
Disable Tomcat JNDI
Hi,
I found some configurations like
--->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml"/>
</GlobalNamingResources>
<---
in the var/catalina/server.xml file, since we use xbean-naming as our JNDI
implementation, we should disable Tomcat's own JNDI. While disabling
Tomcat's JNDI, we should not allow the users to define those settings in the
server.xml. I think, we need to remove GlbalNamingResources fragment from
the server.xml and add some comments, which tell the user never define those
resources in the server.xml.
Any comment ?
--
Ivan
Re: Disable Tomcat JNDI
Posted by chi runhua <ch...@gmail.com>.
okay. I'd like the document to be addressed as "what we support about
server.xml to configure the Tomcat in Geronimo now?
Web listeners only? Other than that, virtual hosts, security realm and other
configurations should be done via Gbeans just like before?
What about if users want to initialize a second Tomcat in Geronimo?
Jeff C
On Fri, Aug 28, 2009 at 1:12 PM, Ivan <xh...@gmail.com> wrote:
> Yes, for Tomcat allows to define datasource in the server.xml and add
> reference in the web.xml, by default, it uses DBCP as its db pool
> implmentation.
> While in Geronimo, we do not use it.
> I removed the fragments below from the server.xml
> <GlobalNamingResources>
> <!-- Editable user database that can also be used by
> UserDatabaseRealm to authenticate users
> -->
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and saved"
>
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> pathname="conf/tomcat-users.xml"/>
> </GlobalNamingResources>
> and
> <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> resourceName="UserDatabase"/>
> Also, I set the catalina.userNaming=false. From my side, it works well.
> But, we may need to document it, for currently, we will not support to
> define those things in the server.xml, including resource declaration.
> Any comment ?
>
>
> 2009/8/28 viola.lu <vi...@gmail.com>
>
>
>> hi,
>> This naminglister causes warning:NamingContextListener failed to register
>> in
>> JMX:javax.naming.exception when staring geronimo server . If disable it,
>> warning will disapper, right?
>>
>> Ivan Xu wrote:
>> >
>> > The way I could see is set the catalina.useNaming=false in the system
>> > properties, then Tomcat will not start the naminglistener.
>> > But if we do it, we should not have resource setting in the server.xml
>> > file,
>> > or NullPointerException will throw, for those resources try to
>> > register/lookup themselves in the tomcat's jndi context.
>> >
>> > 2009/8/27 David Jencks <da...@yahoo.com>
>> >
>> >> I think this is a good idea if it doesn't break stuff. I think I
>> recall
>> >> having some difficulty figuring out how to completely disable tomcat
>> >> jndi.
>> >> Perhaps you will be able to figure out how :-)
>> >>
>> >> thanks
>> >> david jencks
>> >>
>> >>
>> >> On Aug 26, 2009, at 11:30 PM, Ivan wrote:
>> >>
>> >> Hi,
>> >>> I found some configurations like
>> >>> --->
>> >>> <GlobalNamingResources>
>> >>> <!-- Editable user database that can also be used by
>> >>> UserDatabaseRealm to authenticate users
>> >>> -->
>> >>> <Resource name="UserDatabase" auth="Container"
>> >>> type="org.apache.catalina.UserDatabase"
>> >>> description="User database that can be updated and
>> >>> saved"
>> >>>
>> >>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>> >>> pathname="conf/tomcat-users.xml"/>
>> >>> </GlobalNamingResources>
>> >>> <---
>> >>> in the var/catalina/server.xml file, since we use xbean-naming as our
>> >>> JNDI implementation, we should disable Tomcat's own JNDI. While
>> >>> disabling
>> >>> Tomcat's JNDI, we should not allow the users to define those settings
>> in
>> >>> the
>> >>> server.xml. I think, we need to remove GlbalNamingResources fragment
>> >>> from
>> >>> the server.xml and add some comments, which tell the user never define
>> >>> those
>> >>> resources in the server.xml.
>> >>> Any comment ?
>> >>>
>> >>> --
>> >>> Ivan
>> >>>
>> >>
>> >>
>> >
>> >
>> > --
>> > Ivan
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Disable-Tomcat-JNDI-tp25166967s134p25182824.html
>> Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.
>>
>>
>
>
> --
> Ivan
>
Re: Disable Tomcat JNDI
Posted by Ivan <xh...@gmail.com>.
Yes, for Tomcat allows to define datasource in the server.xml and add
reference in the web.xml, by default, it uses DBCP as its db pool
implmentation.
While in Geronimo, we do not use it.
I removed the fragments below from the server.xml
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml"/>
</GlobalNamingResources>
and
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
Also, I set the catalina.userNaming=false. From my side, it works well.
But, we may need to document it, for currently, we will not support to
define those things in the server.xml, including resource declaration.
Any comment ?
2009/8/28 viola.lu <vi...@gmail.com>
>
> hi,
> This naminglister causes warning:NamingContextListener failed to register
> in
> JMX:javax.naming.exception when staring geronimo server . If disable it,
> warning will disapper, right?
>
> Ivan Xu wrote:
> >
> > The way I could see is set the catalina.useNaming=false in the system
> > properties, then Tomcat will not start the naminglistener.
> > But if we do it, we should not have resource setting in the server.xml
> > file,
> > or NullPointerException will throw, for those resources try to
> > register/lookup themselves in the tomcat's jndi context.
> >
> > 2009/8/27 David Jencks <da...@yahoo.com>
> >
> >> I think this is a good idea if it doesn't break stuff. I think I recall
> >> having some difficulty figuring out how to completely disable tomcat
> >> jndi.
> >> Perhaps you will be able to figure out how :-)
> >>
> >> thanks
> >> david jencks
> >>
> >>
> >> On Aug 26, 2009, at 11:30 PM, Ivan wrote:
> >>
> >> Hi,
> >>> I found some configurations like
> >>> --->
> >>> <GlobalNamingResources>
> >>> <!-- Editable user database that can also be used by
> >>> UserDatabaseRealm to authenticate users
> >>> -->
> >>> <Resource name="UserDatabase" auth="Container"
> >>> type="org.apache.catalina.UserDatabase"
> >>> description="User database that can be updated and
> >>> saved"
> >>>
> >>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> >>> pathname="conf/tomcat-users.xml"/>
> >>> </GlobalNamingResources>
> >>> <---
> >>> in the var/catalina/server.xml file, since we use xbean-naming as our
> >>> JNDI implementation, we should disable Tomcat's own JNDI. While
> >>> disabling
> >>> Tomcat's JNDI, we should not allow the users to define those settings
> in
> >>> the
> >>> server.xml. I think, we need to remove GlbalNamingResources fragment
> >>> from
> >>> the server.xml and add some comments, which tell the user never define
> >>> those
> >>> resources in the server.xml.
> >>> Any comment ?
> >>>
> >>> --
> >>> Ivan
> >>>
> >>
> >>
> >
> >
> > --
> > Ivan
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Disable-Tomcat-JNDI-tp25166967s134p25182824.html
> Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.
>
>
--
Ivan
Re: Disable Tomcat JNDI
Posted by "viola.lu" <vi...@gmail.com>.
hi,
This naminglister causes warning:NamingContextListener failed to register in
JMX:javax.naming.exception when staring geronimo server . If disable it,
warning will disapper, right?
Ivan Xu wrote:
>
> The way I could see is set the catalina.useNaming=false in the system
> properties, then Tomcat will not start the naminglistener.
> But if we do it, we should not have resource setting in the server.xml
> file,
> or NullPointerException will throw, for those resources try to
> register/lookup themselves in the tomcat's jndi context.
>
> 2009/8/27 David Jencks <da...@yahoo.com>
>
>> I think this is a good idea if it doesn't break stuff. I think I recall
>> having some difficulty figuring out how to completely disable tomcat
>> jndi.
>> Perhaps you will be able to figure out how :-)
>>
>> thanks
>> david jencks
>>
>>
>> On Aug 26, 2009, at 11:30 PM, Ivan wrote:
>>
>> Hi,
>>> I found some configurations like
>>> --->
>>> <GlobalNamingResources>
>>> <!-- Editable user database that can also be used by
>>> UserDatabaseRealm to authenticate users
>>> -->
>>> <Resource name="UserDatabase" auth="Container"
>>> type="org.apache.catalina.UserDatabase"
>>> description="User database that can be updated and
>>> saved"
>>>
>>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>>> pathname="conf/tomcat-users.xml"/>
>>> </GlobalNamingResources>
>>> <---
>>> in the var/catalina/server.xml file, since we use xbean-naming as our
>>> JNDI implementation, we should disable Tomcat's own JNDI. While
>>> disabling
>>> Tomcat's JNDI, we should not allow the users to define those settings in
>>> the
>>> server.xml. I think, we need to remove GlbalNamingResources fragment
>>> from
>>> the server.xml and add some comments, which tell the user never define
>>> those
>>> resources in the server.xml.
>>> Any comment ?
>>>
>>> --
>>> Ivan
>>>
>>
>>
>
>
> --
> Ivan
>
>
--
View this message in context: http://www.nabble.com/Disable-Tomcat-JNDI-tp25166967s134p25182824.html
Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.
Re: Disable Tomcat JNDI
Posted by Ivan <xh...@gmail.com>.
The way I could see is set the catalina.useNaming=false in the system
properties, then Tomcat will not start the naminglistener.
But if we do it, we should not have resource setting in the server.xml file,
or NullPointerException will throw, for those resources try to
register/lookup themselves in the tomcat's jndi context.
2009/8/27 David Jencks <da...@yahoo.com>
> I think this is a good idea if it doesn't break stuff. I think I recall
> having some difficulty figuring out how to completely disable tomcat jndi.
> Perhaps you will be able to figure out how :-)
>
> thanks
> david jencks
>
>
> On Aug 26, 2009, at 11:30 PM, Ivan wrote:
>
> Hi,
>> I found some configurations like
>> --->
>> <GlobalNamingResources>
>> <!-- Editable user database that can also be used by
>> UserDatabaseRealm to authenticate users
>> -->
>> <Resource name="UserDatabase" auth="Container"
>> type="org.apache.catalina.UserDatabase"
>> description="User database that can be updated and saved"
>>
>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>> pathname="conf/tomcat-users.xml"/>
>> </GlobalNamingResources>
>> <---
>> in the var/catalina/server.xml file, since we use xbean-naming as our
>> JNDI implementation, we should disable Tomcat's own JNDI. While disabling
>> Tomcat's JNDI, we should not allow the users to define those settings in the
>> server.xml. I think, we need to remove GlbalNamingResources fragment from
>> the server.xml and add some comments, which tell the user never define those
>> resources in the server.xml.
>> Any comment ?
>>
>> --
>> Ivan
>>
>
>
--
Ivan
Re: Disable Tomcat JNDI
Posted by David Jencks <da...@yahoo.com>.
I think this is a good idea if it doesn't break stuff. I think I
recall having some difficulty figuring out how to completely disable
tomcat jndi. Perhaps you will be able to figure out how :-)
thanks
david jencks
On Aug 26, 2009, at 11:30 PM, Ivan wrote:
> Hi,
> I found some configurations like
> --->
> <GlobalNamingResources>
> <!-- Editable user database that can also be used by
> UserDatabaseRealm to authenticate users
> -->
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and
> saved"
>
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> pathname="conf/tomcat-users.xml"/>
> </GlobalNamingResources>
> <---
> in the var/catalina/server.xml file, since we use xbean-naming as
> our JNDI implementation, we should disable Tomcat's own JNDI. While
> disabling Tomcat's JNDI, we should not allow the users to define
> those settings in the server.xml. I think, we need to remove
> GlbalNamingResources fragment from the server.xml and add some
> comments, which tell the user never define those resources in the
> server.xml.
> Any comment ?
>
> --
> Ivan
Re: Disable Tomcat JNDI
Posted by Jack Cai <gr...@gmail.com>.
Have we done a little test to make sure that removing/disabling Tomcat's
JNDI does not break things? If everything looks good, it certainly makes
good sense to do that. :-)
-Jack
On Thu, Aug 27, 2009 at 2:30 PM, Ivan <xh...@gmail.com> wrote:
> Hi,
> I found some configurations like
> --->
> <GlobalNamingResources>
> <!-- Editable user database that can also be used by
> UserDatabaseRealm to authenticate users
> -->
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and saved"
>
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> pathname="conf/tomcat-users.xml"/>
> </GlobalNamingResources>
> <---
> in the var/catalina/server.xml file, since we use xbean-naming as our
> JNDI implementation, we should disable Tomcat's own JNDI. While disabling
> Tomcat's JNDI, we should not allow the users to define those settings in the
> server.xml. I think, we need to remove GlbalNamingResources fragment from
> the server.xml and add some comments, which tell the user never define those
> resources in the server.xml.
> Any comment ?
>
> --
> Ivan
>