At 20:38 3/14/2007, you wrote:
http://tomcat.apache.org/faq/misc.html#evil
-Tim
All very good points escpecially since it will load classes outside
the webapps sandbox. Definately evil.
What I would probably do in the large # of servlets situation for a
single webapp during development is generate the web.xml file as part
of the build process and have the build scan the proper source
directory and create it dynamicly before deployment.
Alas hard to do in ant without scripts but would make development easier.
PK
Paul Mendelson wrote:
I recently installed Tomacat 6.0 and see that I now need to make my
web application privalaged in order to use InvokerServlet to allow
users to execute arbitrary servlets. This seems to continue a
trend that may eventually result in Invoker being widthdrawn.
My question is why is allowing execution of arbitrary servlets so
discouraged. In my opinion JSPs are essentially servlets with a
differnt deployment convention and there is no prohibition on
running jsps without "registering them."
I like to build web applications with hundreds of servlets and I
prefer not to explicitly define each one in web.xml. Is there any
sanctioned method of doing this in a tomcat world?
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]