I am migrating my project(uses servlets / jsp / jdbc / jndi) build on Weblogic 10c to an Apache Tomcat 7.0.22. I have managed to configure the ldap authentication server and also to replace the xxx-jdbc.xml used by weblogic. Now my problem is that i am trying to migrate the weblogic.xml file found in web Content/WEB-INF directory. The contents of the xml file are the following:
<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd"
xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">
<security-role-assignment>
<role-name>REGISTERED_USER</role-name>
<principal-name>GROUP_NAME_FROM_LDAP</principal-name>
</security-role-assignment>
<session-descriptor>
<debug-enabled>false</debug-enabled>
<tracking-enabled>true</tracking-enabled>
<cookie-name>nameOfCookie</cookie-name>
<cookie-max-age-secs>-1</cookie-max-age-secs>
<url-rewriting-enabled>false</url-rewriting-enabled>
<encode-session-id-in-query-params>false</encode-session-id-in-query-params>
<sharing-enabled>false</sharing-enabled>
</session-descriptor>
<context-root>my_app_context_root</context-root>
<servlet-descriptor>
<servlet-name>FileDownload</servlet-name>
</servlet-descriptor>
</weblogic-web-app>
From top to bottom i have the security-role-assignment which maps users from an ldap group to have the REGISTERED_USER. The tag session-descriptor i think is self explained. Then there is my apps context root context-root. And then some servlet definition that is used to register the servlet to Weblogic (this is also defined in web.xml and i think this will not need any more handling).
So what is the best way to migrate this weblogic.xml file in my application?
Best Answer
In Tomcat, these things can be defined in a couple of different places.
For the
security-role
re-mapping, use the standard<security-role-ref>
in web.xml to re-map role names.If you are using a servlet-3.0-spec webapp, then many of your session- and cookie-related items are available via web.xml:
Otherwise, you'll have to resort to some acrobatics. First, I'll assume that you are using a
META-INF/context.xml
file within your webapp for deployment to Tomcat.Session cookie name
Cookie max-age
Use the standard
<session-config><session-timeout />
in web.xml. (Technically, this configures the max-age of the session, but the effect is the same: the cookie will essentially become invalid after the session expires. If you really need cookie max-age, read this thread: http://markmail.org/thread/u2ysiz3uxays2w4i)Cookie debug/tracking are not supported by configuration. You will have to write your own
Filter
(s) to duplicate these features.Disabling URL rewriting will require that you write a
Filter
that overridesHttpServletResponse.encodeURL
andHttpServletResponse.encodeRedirectURL
to be no-ops on theirString
arguments.