When we moved the console out to the main build and had it launch
automatically, I found some major issues.
It does not work with Tomcat.
Upon initial launch, Tomcat complains about the fact that there are
servlet mappings in the console's web.xml that don't have any servlets.
Upon further investigation, sure enough, the following servlet mappings
are invalid in the console-standard web.xml:
DerbyUsers
DerbyGroups
CertManager
This meant that Jetty was not being compliant and testing for this, so I
opened GERONIMO-872.
Second, we ended up with a security issue where the references realm is
not matching the application name. I discussed this in a previous
thread...and that I believe we need to follow the standard according to
Sun on how we name our realms according to application name (See
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/LoginConfigFile.html).
In the mean time I hacked up the Tomcat that if it sees a
security-realm-name and it does not have an ancestor named this way, it
will create a TomcatJAASRealm adapter and name it appropriately. I have
not checked it in...yet...I would like to hear from others on this.
This is a big discussion and we need to make some decisions. IMHO, this
is a hack...and we need to look at the root of the problem.
Now to the main issue...
I implore the entire team, that before moving any main web based
component into G from sandbox, that it is tested on *both* Jetty and
Tomcat. This was clearly not tested and it has some nasty bugaboos in
it, including, but not limited to hard coded Jetty references in the
console code. See the following for details:
ObjectNameConstants.java
AJP13ConnectorPortlet.java
HttpConnectorPortlet.java
HttpsConnectorPortlet.java
WebManagerPortlet.java
IMHO, this should never have left sandbox until these issues were worked
out. As it stands...Tomcat spews when deploying the console.
I blame myself as I had the opportunity to -1 the move, but I did not
take the time to try it myself. I would just appreciate it if we could
all make this part of our process when we play with web based code and
test both containers.
I can use some help in fixing this up.
Thanks...and sorry for the frustrated tone.
Jeff
