DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5145>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=5145 Add validation of server.xml Summary: Add validation of server.xml Product: Tomcat 4 Version: 4.0.1 Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Please add strict validation of server.xml. In one example, we defined an SSL connector as follows: <Connector className="org.apache.catalina.connector.http.HttpConnector" port="443" proxyPort="443" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="200" debug="0" scheme="https" secure="true" > keystoreFile="d:\data/config/.keystore" <Factory className="org.apache.catalina.net.SSLServerSocketFactory" clientAuth="false" protocol="TLS" /> </Connector> And Tomcat did not complain that 'keystore' is defined in the Connector element instead of the factory element. One practical way to perform the validation is to use a DTD based validation durign the XML parsing and to use the Doctype Changer library to force the validation of server.xml against the required DTD. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>