Java – Migration from Weblogic to Apache Tomcat

javamigrationservletstomcatweblogic

I am migrating my project(uses servlets / jsp / jdbc / jndi) build on Weblogic 10c to an Apache Tomcat 7.0.22. I have managed to configure the ldap authentication server and also to replace the xxx-jdbc.xml used by weblogic. Now my problem is that i am trying to migrate the weblogic.xml file found in web Content/WEB-INF directory. The contents of the xml file are the following:

<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd"
              xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">
  <security-role-assignment>
    <role-name>REGISTERED_USER</role-name>
    <principal-name>GROUP_NAME_FROM_LDAP</principal-name>
  </security-role-assignment>
  <session-descriptor>
    <debug-enabled>false</debug-enabled>
    <tracking-enabled>true</tracking-enabled>
    <cookie-name>nameOfCookie</cookie-name>
    <cookie-max-age-secs>-1</cookie-max-age-secs>
    <url-rewriting-enabled>false</url-rewriting-enabled>
    <encode-session-id-in-query-params>false</encode-session-id-in-query-params>
    <sharing-enabled>false</sharing-enabled>
  </session-descriptor>
  <context-root>my_app_context_root</context-root>
  <servlet-descriptor>
    <servlet-name>FileDownload</servlet-name>
  </servlet-descriptor>
</weblogic-web-app>

From top to bottom i have the security-role-assignment which maps users from an ldap group to have the REGISTERED_USER. The tag session-descriptor i think is self explained. Then there is my apps context root context-root. And then some servlet definition that is used to register the servlet to Weblogic (this is also defined in web.xml and i think this will not need any more handling).

So what is the best way to migrate this weblogic.xml file in my application?

Best Answer

In Tomcat, these things can be defined in a couple of different places.

For the security-role re-mapping, use the standard <security-role-ref> in web.xml to re-map role names.

If you are using a servlet-3.0-spec webapp, then many of your session- and cookie-related items are available via web.xml:

<session-config>
  <cookie-config>
    <name>nameOfCookie</name>
    <max-age>-1</max-age>
  </cookie-config>
  <!-- just don't use "URL" to disable rewriting -->
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

Otherwise, you'll have to resort to some acrobatics. First, I'll assume that you are using a META-INF/context.xml file within your webapp for deployment to Tomcat.

  1. Session cookie name

    <Context sessionCookieName="nameOfCookie" />

  2. Cookie max-age
    Use the standard <session-config><session-timeout /> in web.xml. (Technically, this configures the max-age of the session, but the effect is the same: the cookie will essentially become invalid after the session expires. If you really need cookie max-age, read this thread: http://markmail.org/thread/u2ysiz3uxays2w4i)

  3. Cookie debug/tracking are not supported by configuration. You will have to write your own Filter(s) to duplicate these features.

  4. Disabling URL rewriting will require that you write a Filter that overrides HttpServletResponse.encodeURL and HttpServletResponse.encodeRedirectURL to be no-ops on their String arguments.

Related Topic