Michael Segel wrote:
On Wednesday 02 November 2005 09:46, Kristian Waagan wrote:
Ok,
Silly question on either Sun's or Tomcat.
Is this a potential security risk? What's the default parameters?
I guess all you need to do is to limit access to that directory....
You can disable both dynamic reloading (changes in already deployed
applications) and autodeploy, but I believe the default is that these
features are enabled for both appservers mentioned.
You are also correct in that the security mechanism for these features
is the OS/filesystem access control. It is also possible to specify
autodeploy directories per application, so that developers for that
application don't need access to the main autodeploy directory (for
SJSAS, don't know for Tomcat - anybody?).
I mean its great for prototyping, but in production?
I browsed some docs, and it is stated that the dynamic reloading feature
may cause some performance degradation.
I suppose many system admins would disable these features in a
production environment.
--
Kristian
Now the reason I'm asking is that I'm being buggered to have a lightweight web
interface in to an app that I'm working on. (Derby is the backend DB).
This will allow for a central copy of the DB that will synch with the
individual copies.
One nice thing about Derby.
You can have your complete App and the DB all on a simple memory stick.
Hello,
Just want to inform that the Sun Java System Application Server actually
does redeploy if you overwrite, or touches, the already existing
deployment archive in the autodeploy directory.
I have not worked much with Tomcat, so I grabbed it to see what it does.
I observed that it also redeploys when you overwrite an existing
deployment archive in the webapps directory. I tried this on Solaris 10
with Tomcat version 5.5.12.
This means that you might be able to use the Prototype integration
approach to redeploy your application (and have it use Derby) without
restarting/refreshing the server. It is at least worth a try :)
(you might get stopped by the current server configuration though)
Regards,
--
Kristian
