> > Pfingstl Gernot wrote: > > If I define a resource in <GlobalNamingResources> (in server.xml) I > > can use this resource in my web-application only if I use > > <ResourceLink> in my context. So it seems to me it isn't possible to > > use a resource defined in <GlobalNamingResources> unless I permit the > > use with a <ResourceLink> in the context or the engine. > > > > Is this right?? > > Indeed. You can add the ResourceLink in a DefaultContext with 5.0, for > convinience, if, for example, you want to allow it in a whole virtual > host. I don't remember if I ported the feature and if it's also in 4.1.29. > > > Is this behaviour specified somewhere or is it subject to change? > > No, it's not subject to a change. I think it's implied: nowhere it is > written that global resources define stuff in the webapp naming contexts. In http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/globalresources.html there's the paragraph: <GlobalNamingResources ...> ... <Environment name="maxExemptions" value="10" type="java.lang.Integer" override="false"/> ... </GlobalNamingResources> This is equivalent to the inclusion of the following element in the web application deployment descriptor (/WEB-INF/web.xml): <env-entry> <env-entry-name>maxExemptions</param-name> <env-entry-value>10</env-entry-value> <env-entry-type>java.lang.Integer</env-entry-type> </env-entry>
The sentence above "...is equivalent..." can be interpreted in the way, that there no ResourceLink is needed. > > > This behavoiur is important to me, becaue I will explicitely permit > > (or deny) the access to a global resource per context. Its a security > > problem. > > That's the reason behind the ResourceLink. > Thank you for your answer, Gernot --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]