Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is web.xml file and what are all things can I do with it?

The web.xml Deployment Descriptor Elements in Oracle's BEA WebLogic Server 8.1 Documentation pretty much sums up each element in a web.xml file. But I am also curious about points below:

  1. Is there any configuration parameter which should be avoided like plague?
  2. Any parameters related to performance or memory usage?
  3. Security related risk due to common mis-configuration?

What else should I know about web.xml apart from element names and their usage?

like image 967
Ravi Gupta Avatar asked Feb 22 '10 13:02

Ravi Gupta


People also ask

What is the Web XML file used for?

web. xml defines mappings between URL paths and the servlets that handle requests with those paths. The web server uses this configuration to identify the servlet to handle a given request and call the class method that corresponds to the request method.

Is WEB xml needed?

Since the servlet 3 specification (IIRC) a web. xml is not needed anymore. still depending on which application server he's gonna end up using, and to which extent he wants to use spring OP will be doomed to write not just a web. xml, but also another gazillion xml files.

How do I access WEB xml?

xml contents by just calling http://localhost:8080/context/test/WEB-INF/web.xml . Such a servlet is often implemented as part of homegrown MVC front controller or dispatcher pattern. Decent MVC frameworks like JSF and Spring MVC shouldn't have this issue.


2 Answers

What is web.xml file and what all things can I do with it ?

The /WEB-INF/web.xml file is the Web Application Deployment Descriptor of your application. This file is an XML document that defines everything about your application that a server needs to know (except the context path, which is assigned by the Application Deployer and Administrator when the application is deployed): servlets and other components like filters or listeners, initialization parameters, container-managed security constraints, resources, welcome pages, etc.

Note that reference you mentioned is pretty old (Java EE 1.4), there have been few changes in Java EE 5 and even more in Java EE 6 (which makes the web.xml "optional" and introduces Web Fragments).

Is there any configuration parameter which should be avoided like plague?

No.

Any parameters related to performance or memory usage?

No, such things are not configured at the application level but at the container level.

Security related risk due to common mis-configuration ?

Well, if you want to use container-managed security constraints and fail at configuring them properly, resources won't obviously be properly protected. Apart from that, the biggest security risks come from the code you'll deploy IMO.

like image 92
Pascal Thivent Avatar answered Oct 19 '22 13:10

Pascal Thivent


What all should I know about web.xml apart from element name and their usage ?

The SINGLE most important JSP configuration parameter of ALL TIME is in your web.xml. Ladies and gentlemen, I give you... the TRIM-DIRECTIVE-WHITESPACES option!

<jsp-config>     <jsp-property-group>         <url-pattern>*.jsp</url-pattern>         <trim-directive-whitespaces>true</trim-directive-whitespaces>     </jsp-property-group> </jsp-config> 

This removes all the hundreds or thousands of lines of white space that you'll get in your generated HTML if you use any tag libraries (loops are particularly ugly & wasteful).

The other big one is the default web page (the page you get automatically sent to when you don't enter a web page in the URL):

<welcome-file-list>     <welcome-file>index.jsp</welcome-file> </welcome-file-list>     
like image 25
Civil Disobedient Avatar answered Oct 19 '22 13:10

Civil Disobedient