스펙을 보나가 요상한게 있어서..
<head>
<body>
<FORM action="http://somesite.com/prog/someprog" method="post">
<P>
<SELECT name="ComOS">
<OPTION selected label="none" value="none">None</OPTION>
<OPTGROUP label="PortMaster 3">
<OPTION label="3.7.1" value="pm3_3.7.1">PortMaster 3 with ComOS 3.7.1</OPTION>
<OPTION label="3.7" value="pm3_3.7">PortMaster 3 with ComOS 3.7</OPTION>
<OPTION label="3.5" value="pm3_3.5">PortMaster 3 with ComOS 3.5</OPTION>
</OPTGROUP>
<OPTGROUP label="PortMaster 2">
<OPTION label="3.7" value="pm2_3.7">PortMaster 2 with ComOS 3.7</OPTION>
<OPTION label="3.5" value="pm2_3.5">PortMaster 2 with ComOS 3.5</OPTION>
</OPTGROUP>
<OPTGROUP label="IRX">
<OPTION label="3.7R" value="IRX_3.7R">IRX with ComOS 3.7R</OPTION>
<OPTION label="3.5R" value="IRX_3.5R">IRX with ComOS 3.5R</OPTION>
</OPTGROUP>
</SELECT>
</FORM>
</body>
</head>
익스플러어 7.0는 lable값이 보이고,
firefox 2.0.0.4는 option태그안의 값이 보이는 특성을 가지고 있었다..
'web' 카테고리의 다른 글
Sitemesh #1 Tiles에서 Sitemesh로 변환하기 (0) | 2007.08.24 |
---|---|
multi-part/form-data (0) | 2007.08.23 |
HTTP content type(text/html) 전체 리스트 뽑아보기 (0) | 2007.08.23 |
HTTP post 길이 제한??? (있다, 없다) (0) | 2007.08.23 |
session clustering (0) | 2007.08.22 |
어제 스터디하다가 궁금한 내용을 또 찾아봅니다.
결론은.. RFC문서에서 정해놓은 BNF 식에 맞춰 해당 content type이 미리 정의되어있습니다.
type := discrete-type / composite-type
discrete-type := "text" / "image" / "audio" / "video" /
"application" / extension-token
composite-type := "message" / "multipart" / extension-token
extension-token := ietf-token / x-token
ietf-token := <An extension token defined by a
standards-track RFC and registered
with IANA.>
(ase insensitive하다는 걸 꼭 기억해주세요.)
Text/html은 여기에 나와있지 않지만, ietf-token에서 따라가다 보면 나옵니다. 이 글의 맨 마지막에 나옵니다.
참고로, 확장성을 위해서 ietf-token을 넣어둔것이죠. 그래서 content –type의 전체 리스트는 명확히 한정되어 있지 않습니다..
추적 내용
Html 4.0 스펙을 찾아가서 (http://www.w3.org/TR/html401/types.html#type-content-type) 보았습니다.
6.7 Content types (MIME types)
This type is represented in the DTD by %ContentType;. Content types are case-insensitive.
Examples of content types include "text/html", "image/png", "image/gif", "video/mpeg", "text/css", and "audio/basic". For the current list of registered MIME types, please consult [MIMETYPES].
Html 4.0 DTD 스펙에는 다음과 같이 content type을 정의하고 있습니다. (http://www.w3.org/TR/html401/sgml/dtd.html#ContentType)
<!ENTITY % ContentTypes "CDATA"
-- comma-separated list of media types, as per [RFC2045]
-->
"Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies", N. Freed and N. Borenstein, November 1996. Note that this RFC obsoletes RFC1521, RFC1522, and RFC1590.
IETF 2045
http://www.ietf.org/rfc/rfc2045.txt
제목은 다음과 같습니다.
Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies
5.1. Syntax of the Content-Type Header Field
In the Augmented BNF notation of RFC 822, a Content-Type header field
value is defined as follows:
content := "Content-Type" ":" type "/" subtype
*(";" parameter)
; Matching of media type and subtype
; is ALWAYS case-insensitive.
type := discrete-type / composite-type
discrete-type := "text" / "image" / "audio" / "video" /
"application" / extension-token
composite-type := "message" / "multipart" / extension-token
extension-token := ietf-token / x-token
ietf-token := <An extension token defined by a
standards-track RFC and registered
with IANA.>
x-token := <The two characters "X-" or "x-" followed, with
no intervening white space, by any token>
subtype := extension-token / iana-token
iana-token := <A publicly-defined extension token. Tokens
of this form must be registered with IANA
as specified in RFC 2048.>
parameter := attribute "=" value
attribute := token
; Matching of attributes
; is ALWAYS case-insensitive.
value := token / quoted-string
token := 1*<any (US-ASCII) CHAR except SPACE, CTLs,
or tspecials>
tspecials := "(" / ")" / "<" / ">" / "@" /
"," / ";" / ":" / "\" / <">
"/" / "[" / "]" / "?" / "="
; Must be in quoted-string,
; to use within parameter values
여기서 파라미터는 ; charset=us-ascii 이런거 되겠지요..
Extended-token으로 정의되어 있는 부분은 다음과 설명이 되어 있습니다. X-application-type 이런거 그 예가 되겠지요..iana는 RFC2048을 참조하라고 되어 있네요.
(1) Private values (starting with "X-") may be defined
bilaterally between two cooperating agents without
outside registration or standardization. Such values
cannot be registered or standardized.
(2) New standard values should be registered with IANA as
described in RFC 2048.
재미있는 것은 위의 스펙에서는 왜 text/html이 보이지 않는 걸까요?
이건 따로 스펙이 있습니다. (http://www.ietf.org/rfc/rfc2854.txt)
제목 : The'text/html' Media Type
MIME media type name: text
MIME subtype name: html
위의 ietf-token 토큰이 여기에 해당되지요..
Html의 content type 전체 리스트는 구하기 힘들지만, 대충은 알아볼 수 있을 것이라 생각됩니다..
'web' 카테고리의 다른 글
multi-part/form-data (0) | 2007.08.23 |
---|---|
html 4.0의 select-optgroup (0) | 2007.08.23 |
HTTP post 길이 제한??? (있다, 없다) (0) | 2007.08.23 |
session clustering (0) | 2007.08.22 |
쿠키 제한 값? size and length of cookie limit (0) | 2007.08.22 |
포스트 요청은 바디안에 정보가 들어가 있네요.
HTTP 1.1은 길이 제한없습니다. 그러나, Http 1.0은 길이 제한 있을 수 있습니다.
스펙상 content-length값을 받기 때문에 해당값이 없으면, 문제가 생길 수 있습니다. 또한 content-length값을 user agent가 어떻게 받아들이냐에 따라 달라질 것입니다. 즉, 유효값의 범위가 명확지 않기 때문에 user agent가 다르게 처리할 수 있는 것이지요.
그래서, http 1.0을 쓰는 브라우져 혹은 서버에서는 이번 문제가 있어서 파일이 큰 multi-part 전송에 에러가 날 수 있지요.(전혀 그런 얘기를 들어본 적 있어요..)
참조
http://news-wap.com/ResearchTopic/summer2003/j2ee/webcontainer/http.htm
POST 요청 메소드
POST 메소드는 일반적으로 동적 자원에 접근하기 위해 사용된다. 전통적으로, POST 요청은 요청 종속적인 정보를 전송하기 위한 수단이며 서버에게 상당히 많은 양의 복잡한 정보를 전송할 필요가 있을 때 사용한다.
POST 요청은 multi-part 메시지들을 요청 몸체 속으로 캡슐화한다. 예를 들어, 텍스트나 이진 파일들을 업로드하기 위해 POST 요청을 사용할 수 있다. 이와 유사하게, 직렬화 가능한 자바 객체나 미가공 바이트들을 웹 서버에게 보내기 위해 애플릿 내에서 POST 요청을 사용할 수 있다. 그래서 POST 요청은 요청 내용에 따라 폭넓은 선택을 제공한다.
GET과 POST 요청에는 차이가 있다. GET 요청에서는 요청 매개변수들이 요청 URL에 추가된 질의 문자열로 전송된다. 그러나, POST 요청에서는 요청 매개변수들이 요청의 몸체 내에 넣어져서 전송된다. 이것은 두 가지 결과를 초래한다. 먼저, GET 요청은 완전한 요청 정보를 URL 자체에 추가시키기 때문에, 브라우저들이 그 페이지를 북마크하여 나중에 재방문할 수 있도록 해준다. 타입과 요청 매개변수들이 얼마나 민감한 것인가에 따라 바람직할 수도 있고 그렇지 않을 수도 있다. 두 번째로, 어떤 서버들은 요청 URL의 길이에 대한 제한을 둘 수 있다. 이러한 제한은 요청 URL에 추가될 수 있는 정보의 양을 제한한다. 하지만 HTTP1.1은 최대 길이 제한을 두고 있지 않다. HTTP1.0의 서버/클라이언트는 매우 긴 길이에 대해서는 지원하지 않을 수도 있다.
참조 HTTP 1.0 스펙
http://raonism.net/CSdb/protocol/rfc1945-kr.html
8.3 POST
POST 요구 메시지는 메시지의 entity body에 포함되어 있는 자원을 Request-Line에 있는 Request-URI에 지정되어 있는 대로 서버에서 수용해달라고 요청할 때 쓰인다. 즉, POST는 다음과 같은 기능을 수행하기 위한 한 가지 방법으로 설계되었다.
- 기존 문서에 주석을 붙일 때 (오홋)!!!
- BBS 게시판, 메일링 리스트, 뉴스그룹, 또는 글 모음 장소 등에 글을 올릴 때
- 어떤 프로그램의 실행을 위해 form과 같은 특정 규격의 데이타를 넘겨줄 때
- 부가적인 동작을 통해 데이타베이스를 확장하고자 할 때
POST method에 의해 수행되는 실제 동작은 서버에 의해 결정되고 통상 Request-URI에 의해 좌우된다. 포스팅되는 대상은, 하나의 화일이 어느 디렉토리에 자리하게 되고 뉴스가 포스팅되는 뉴스그룹에 올려지고 레코드가 데이타 베이스가 등록되는 등과 똑같은 방식으로 지정된 URI에 놓이게 된다.
POST는 대상 서버에 하나의 자원으로서 생성될 필요가 없고 추후의 참조를 위해 접근 가능해야 할 필요도 없다. 즉, POST method에 의해 수행되는 동작은 포스팅 되는 entity가 URI에 의해 지정될 수 있는 자원이 아니어도 된다는 것이다. 이 경우의 적절한 응답 결과 코드는 200 (ok) 또는 204 (no content)가 될 것인데, 응답 메시지에 entity가 포함되어 있느냐 있지 않느냐에 따라 구분이 될 것이다. 어떤 자원이 대상 서버에 생성되는 경우라면 응답 결과 코드는 201(created)이 되어야 하고 상태 정보나 생성된 새 자원에 대한 정보를 알려주는 entity가 포함되어 있어야 한다.
HTTP/1.0의 모든 POST 요구 메시지에는 Content-Length가 반드시 있어야 하며, 서버가 이에 대한 정보를 확보하지 못하게 되면 400(bad request) 메시지를 응답해야 한다.
(A valid Content-Length
is required on all HTTP/1.0 POST
requests. An HTTP/1.0 server should respond with a 400 (bad request) message if it cannot determine the length of the request message's content.)
응용 프로그램에서는 POST 요구 메시지에 대한 응답을 캐싱할 필요가 없다. 왜냐하면 서버가 추후의 요구 메시지에 대한 응답으로서 똑같은 응답을 할 것인지 알 수가 없기 때문이다.
여기서 저는 Content-length 길이에 대해서는 다음에 대해서 나와있지만, 유효값(0이상의 값, 적용되지 않을 때 정책은 나와있음) 은 나와있지 않습니다.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
HTTP 1.1
http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
POST파트에 HTTP 1.0의 Content내용이 빠져있습니다. 그래서 길이 제한이 없다고 하는군요.
'web' 카테고리의 다른 글
html 4.0의 select-optgroup (0) | 2007.08.23 |
---|---|
HTTP content type(text/html) 전체 리스트 뽑아보기 (0) | 2007.08.23 |
session clustering (0) | 2007.08.22 |
쿠키 제한 값? size and length of cookie limit (0) | 2007.08.22 |
apache redirect 설정. (0) | 2007.06.14 |
Session clustering에 대한 조사입니다.
Session clustering을 WAS에서 대부분 제공되고 있나 봅니다. 톰캣, 웹 스피어 등등…
Session clustering의 특징을 요약해 보겠습니다.
- 여러대의 JVM에서 돌아가는 서버들이 하나의 공통된 HTTP Session table을 사용한다.
- Load balancing도 같이 된다. (의미 때문에)
- Server 2.2 스펙에서는 하나의 세션에 대해서 여러 리쿼스트가 여러 jvm에 있어서는 안된다고 되어 있어서 각 WAS별로 솔루션을 제공하고 있다.
n 예) websphere에서는 클러스터내의 한 서버에서 session 처리가 실패하면 클러스트터내의 다른 서버로 session table을 보내고, session처리가 가능하게 하도록 함.
http://publib.boulder.ibm.com/infocenter/wasinfo/v4r0/index.jsp?topic=/com.ibm.websphere.v4.doc/wasa_content/001102.html
0.11.2: What is session clustering?
The Session Manager session support allows multiple application server instances to share a common pool of sessions, known as a session cluster. A session cluster is the binding of the session to more than one active application server Java virtual machine (JVM) sharing a common HTTP session table.
The implementation of clustering in IBM WebSphere Application Server allows failover. This preserves session data integrity and the common pool of sessions in the event of a system failure in one or more of the clustered JVMs running servlets within a group of servers.
The session clustering implementation also allows load balancing, whereby the session workload is distributed among the JVMs that comprise the cluster.
Session clustering requires an affinity mechanism so that all requests for a particular session are directed to the same Java Virtual Machine (JVM) in the cluster. This conforms to the Servlet 2.2 Specification in that multiple requests for a session cannot coexist in multiple JVMs. One such solution provided by IBM WebSphere Application Server is Session Affinity in a server group; this solution is available as part of the WebSphere plug-ins for Web servers. If one of the servers in the cluster fails, it is possible for the request to be rerouted to another server in the cluster. The new server can access session data from the common SESSIONS table. This is transparent to the servlet, browser, and user.
The same Web application must be present on each of the servers that can access the session. This can be accomplished by installing a Web module into a server group. Each of the servers in the group can then access the Web application; if a persistence mechanism is used, sessions can fail over between servers.
Manually cloned environments (that is, those not in WebSphere server groups) can share session data between servers if the identical Web application is installed with the same virtual host name on each of the servers. These environments also require an affinity mechanism to ensure that the session is active in only one JVM at any given time.
If the JVM fails during the writing of session information in the session database, the update to the database does not get committed. Still, the common pool of sessions continues to function, including the session being processed at the time of failure.
For non-catastrophic failures (such as when the JVM remains functional), any session changes that cannot be completed are rolled back. The session reverts to its state prior to the start of the persistence operation. If instead the write operation is completed successfully and the changes are committed, the session is still accessible, regardless of the failure.
<톰캣 5>
http://tomcat.apache.org/tomcat-5.0-doc/cluster-howto.html
serialization을 이용하여 클러스터링을 할 수 있다.
· All your session attributes must implement java.io.Serializable
· Uncomment the Cluster element in server.xml
· Uncomment the Valve(ReplicationValve) element in server.xml
· If your Tomcat instances are running on the same machine, make sure the tcpListenPort attribute is unique for each instance.
· Make sure your web.xml has the <distributable/> element
Component Levels:
|
'web' 카테고리의 다른 글
HTTP content type(text/html) 전체 리스트 뽑아보기 (0) | 2007.08.23 |
---|---|
HTTP post 길이 제한??? (있다, 없다) (0) | 2007.08.23 |
쿠키 제한 값? size and length of cookie limit (0) | 2007.08.22 |
apache redirect 설정. (0) | 2007.06.14 |
Trust in E-commerce (0) | 2006.07.20 |
어디서 쿠키 제한이 왔을까요? 브라우져의 특성인가요?
익스플러어는 RFC 2109의 미니멈 제한을 따른다고 되어 있습니다. (http://support.microsoft.com/kb/306070)
그 내용은 다음과 같습니다.
- 적어도 300개
- 쿠키당 4096byte
- Unique host나 도메인에 20개까지
RTC 2109편 (http://www.faqs.org/rfcs/rfc2109.html) RFC 2109 - HTTP State Management Mechanism의 6.3을 보도록 하겠습니다.
즉, 브라우져(user agent) 특성에 따라 쿠키의 사이즈를 제한할 수 있다고 나오는군요. 제한도 없을 수도 있구요.
6.3 Implementation Limits
Practical user agent implementations have limits on the number and
size of cookies that they can store. In general, user agents' cookie
support should have no fixed limits. They should strive to store as
many frequently-used cookies as possible. Furthermore, general-use
user agents should provide each of the following minimum capabilities
individually, although not necessarily simultaneously:
* at least 300 cookies
* at least 4096 bytes per cookie (as measured by the size of the
characters that comprise the cookie non-terminal in the syntax
description of the Set-Cookie header)
* at least 20 cookies per unique host or domain name
User agents created for specific purposes or for limited-capacity
devices should provide at least 20 cookies of 4096 bytes, to ensure
that the user can interact with a session-based origin server.
The information in a Set-Cookie response header must be retained in
its entirety. If for some reason there is inadequate space to store
the cookie, it must be discarded, not truncated.
Applications should use as few and as small cookies as possible, and
they should cope gracefully with the loss of a cookie.
'web' 카테고리의 다른 글
HTTP post 길이 제한??? (있다, 없다) (0) | 2007.08.23 |
---|---|
session clustering (0) | 2007.08.22 |
apache redirect 설정. (0) | 2007.06.14 |
Trust in E-commerce (0) | 2006.07.20 |
FTP의 passive, active mode 설명 (0) | 2006.02.20 |
출처
http://blog.javastudy.co.kr/mgtech/tag/virtual%20host
■ Rewrite 사용예
1.www.ddobb.com:8000으로 들어오는 모든것을 leon.ddobb.com 으로 가도록 설정한 예 이다.
: www.ddobb.com:8000 뒤에 붙는 모든것들은 그대로 두고 도메인만 변경되는 것이다.
<VirtualHost 192.168.1.100:8000>
ServerAdmin webmaster@test.com
DocumentRoot /supp1/webdocs/
ServerName www.ddobb.com
ServerAlias ddobb.com *.ddobb.co.kr
RewriteEngine on
RewriteRule (.*) https://leon\.ddobb\.com$1 [C]
ErrorDocument 404 "http://www.ddobb.com/inedx.html"
</VirtualHost>
2. www.ddobb.com/aaa/bbb.jsp 라는 파일이 요청되면 www.ddobb.com/index2.html로 가도록 설정한 예이다.
<VirtualHost 192.168.1.100:80>
ServerAdmin webmaster@test.com
DocumentRoot /supp1/webdocs/
ServerName www.ddobb.com
ServerAlias ddobb.com *.ddobb.co.kr
RewriteEngine on
RewriteRule /aaa/bbb.jsp http://%{HTTP_HOST}/index2.html [C]
ErrorDocument 404 "http://www.directsamsung.com/inedx.html"
</VirtualHost>
'web' 카테고리의 다른 글
session clustering (0) | 2007.08.22 |
---|---|
쿠키 제한 값? size and length of cookie limit (0) | 2007.08.22 |
Trust in E-commerce (0) | 2006.07.20 |
FTP의 passive, active mode 설명 (0) | 2006.02.20 |
[펌] Axis Webservice 설치및 테스트 (0) | 2005.09.03 |
온라인상으나 오프라인상이나 Trust는 상당히 중요하다. 아니, 상도에서는 제일 중요하다고 볼 수 있다.
이 기사는 Trust에 대해서 분석적으로 접근하여 전자 상거래의 유발의 순차적이고 관계성을 View로 보고 있다.
엔지니어에게는 상당히 추상적으로 느껴질 수 있을 것이다.
인터넷 사용에 대한 믿음은 전자 상거래 웹싸이트에 대한 자세와 특정 웹 벤더에 대한 신뢰가 그 벤더에 대한 사용 의지를 높여 방문을 자주 하게 되고, 이런 과정을 통해서 웹 벤더와 사용자간의 relationship을 형성한다. 이런 관계의 발전을 극대화하여 신뢰를 구축하게 되고, 이 신뢰를 통해서 전자 상거래를 이루게 하여, 제품 구매자와 제품 공급자가 서로 가치를 얻을 수 있는 상태를 얻도록 하는 것이 이 기사의 주된 내용디ㅏ.
결과적으로 신뢰는 기술적, 행동학적, 사회학적, 심리학적인 복잡한 현상으로서, 인간과 비인간간의 구조적인 상호관계를 이룰 수 있다고 믿고 있다. 즉 고객과 온라인 비즈니스 사업자가 긴 시간동안의 신뢰성을 가지도록 하는 것을 통해 온라인 비즈니스 사업자가 돈을 벌 수 있는 방법에 대해서 강조하고 있다.
사실 개인적으로 특정 전자 상거래를 구입하기 위해서는 그 동안의 정(情)을 생각하고 구매를 결정하는 경우가 많다. 같은 제품이고 같은 가격이면, 나랑 관계가 있고, 과거의 구매경험이 있는 경우를 생각하고 구매한다고 본다면, 어느 정도 맞을 수 있다고 본다.
또한, 인간적인 신뢰 관계를 웹 벤더와 고객간의 관계를 최대한 극대화 하여 상대방이 돈을 쓰도록 구매할 수 있는 좋은 효과적인 방법을 웹 벤더는 생각해야 한다. 그러기 위해서는 꾸준한 컨텐츠를 통해서 기반 인프라를 바탕으로 좋은 정보를 보내줌으로서, 잠재 구매자에게 어필을 하는 것이 중요하다. 구매 결정을 할 수 있는 건덕지를 웹 벤더가 적용하는 것이 좋을 것이다.
내가 하는 있는 TV분야에서는 어떻게 적용하는 것이 좋을까? 결국 구매력을 가진 잠재력을 최대한 늘리기 위해서, 그리고, 양방향 데이터 방송에 대한 접근을 편리하게 하고, 좀 더 친밀감있게 접근하여 장기적으로 데이터 방송에 친숙하게 하여 신뢰를 튼튼히 한다. 그리고, 실제 구매력이 필요한 시점에서 자연스럽게 구매를 할 수 있는 형태의 호소력이 있는 T-commerce 어플리케이션을 이용하는 것이 효과적이라고 생각한다.
'web' 카테고리의 다른 글
쿠키 제한 값? size and length of cookie limit (0) | 2007.08.22 |
---|---|
apache redirect 설정. (0) | 2007.06.14 |
FTP의 passive, active mode 설명 (0) | 2006.02.20 |
[펌] Axis Webservice 설치및 테스트 (0) | 2005.09.03 |
[펌] web.xml 사용법 (0) | 2005.07.23 |
출처 http://slacksite.com/other/ftp.html
Active FTP vs. Passive FTP, a Definitive Explanation
Contents:
- Introduction
- The Basics
- Active FTP
- Active FTP Example
- Passive FTP
- Passive FTP Example
- Other Notes
- Summary
- References
- Appendix 1: Configuration of Common FTP Servers
Introduction
One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.
This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...
The Basics
FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.
Active FTP
In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1
to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.
From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
- FTP server's port 21 from anywhere (Client initiates connection)
- FTP server's port 21 to ports > 1023 (Server responds to client's control port)
- FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
- FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)
When drawn out, the connection appears as follows:
PORT 1027
. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.
Active FTP Example
Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d
) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
There are a few interesting things to consider about this dialog. Notice that when the PORT
command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT
command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the last two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat
should confirm this information.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2 Connected to testbox2.slacksite.com. 220 testbox2.slacksite.com FTP server ready. Name (testbox2:slacker): slacker ---> USER slacker 331 Password required for slacker. Password: TmpPass ---> PASS XXXX 230 User slacker logged in. ---> SYST 215 UNIX Type: L8 Remote system type is UNIX. Using binary mode to transfer files. ftp> ls ftp: setsockopt (ignored): Permission denied ---> PORT 192,168,150,80,14,178 200 PORT command successful. ---> LIST 150 Opening ASCII mode data connection for file list. drwx------ 3 slacker users 104 Jul 27 01:45 public_html 226 Transfer complete. ftp> quit ---> QUIT 221 Goodbye.
Passive FTP
In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV
, after the command used by the client to tell the server it is in passive mode.
In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT
command and allowing the server to connect back to its data port, the client will issue the PASV
command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends the PORT P
command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
- FTP server's port 21 from anywhere (Client initiates connection)
- FTP server's port 21 to ports > 1023 (Server responds to client's control port)
- FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
- FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)
When drawn, a passive mode FTP connection looks like this:
PASV
command. The server then replies in step 2 with PORT 2024
, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.
The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.
With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.
Passive FTP Example
Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d
) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
Notice the difference in the PORT
command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT
command above, in the Active FTP Example section.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2 Connected to testbox2.slacksite.com. 220 testbox2.slacksite.com FTP server ready. Name (testbox2:slacker): slacker ---> USER slacker 331 Password required for slacker. Password: TmpPass ---> PASS XXXX 230 User slacker logged in. ---> SYST 215 UNIX Type: L8 Remote system type is UNIX. Using binary mode to transfer files. ftp> passive Passive mode on. ftp> ls ftp: setsockopt (ignored): Permission denied ---> PASV 227 Entering Passive Mode (192,168,150,90,195,149). ---> LIST 150 Opening ASCII mode data connection for file list drwx------ 3 slacker users 104 Jul 27 01:45 public_html 226 Transfer complete. ftp> quit ---> QUIT 221 Goodbye.
Other Notes
A reader, Maarten Sjouw, pointed out that active FTP will not function when used in conjunction with a client-side NAT (Network Address Translation) device which is not smart enough to alter the IP address info in FTP packets.
Summary
The following chart should help admins remember how each FTP mode works:
Active FTP : command : client >1023 -> server 21 data : client >1023 <- server 20 Passive FTP : command : client >1023 -> server 21 data : client >1023 -> server >1023
A quick summary of the pros and cons of active vs. passive FTP is also in order:
Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.
Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously. See Appendix 1 for more information.
References
An excellent reference on how various internet protocols work and the issues involved in firewalling them can be found in the O'Reilly and Associates book, Building Internet Firewalls, 2nd Ed, by Brent Chapman and Elizabeth Zwicky.
Finally, the definitive reference on FTP would be RFC 959, which sets forth the official specifications of the FTP protocol. RFCs can be downloaded from numerous locations, including http://www.faqs.org/rfcs/rfc959.html.
'web' 카테고리의 다른 글
apache redirect 설정. (0) | 2007.06.14 |
---|---|
Trust in E-commerce (0) | 2006.07.20 |
[펌] Axis Webservice 설치및 테스트 (0) | 2005.09.03 |
[펌] web.xml 사용법 (0) | 2005.07.23 |
Tomcat 4.1.12 버전에서 서블릿 접근 (0) | 2005.02.08 |
작성자: 김인태 (http://blog.naver.com/inking007)
제목: Axis WebService 설치및 테스트
참고 : http://www.javaworld.com/javaworld/jw-04-2003/jw-0411-axis_p.html
-------------------------------------------------------------------------
Axis 설치
1) Apache Tomcat 설치
버전 4.1 이상 Full 버전으로 설치해야만 한다.
2) JDK 설치
버전 1.3 이상으로 설치 해야만 한다.
3) Axis 다운로드 후 CLASSPATH를 설정한다.
c:\axis에 설치했다고 가정하면 다음과 같이 설정해 준다.
set AXIS_HOME=c:\axis
set AXIS_LIB=%AXIS_HOME%\lib
set AXISCLASSPATH=%AXIS_LIB%\axis.jar;%AXIS_LIB%\commons-discovery.jar;
%AXIS_LIB%\commons-logging.jar;%AXIS_LIB%\jaxrpc.jar;%AXIS_LIB%\saaj.jar;
%AXIS_LIB%\log4j-1.2.8.jar;%AXIS_LIB%\xml-apis.jar;%AXIS_LIB%\xercesImpl.jar;%AXIS_LIB%\wsdl4j.jar
set CLASSPATH=%CLASSPATH%;%AXISCLASSPATH%
CLASSPATH에 있는 xml-apis.jar 파일과 xercesImpl.jar 파일은 http://xml.apache.org/xerces2-j/ 에 접속해서 다운로드 받으면 된다.
4) c\axis\webapps\axis 디렉토리를 tomcat의 webapps에 복사한다.
5) 톰켓 실행
6) 테스트
> 연결 테스트
> 라이브러리 테스트
http;//localhost:8080/axis/happyaxis.jsp
> SOAP 테스트
http://localhost:8080/axis/services/Version?method=getVersion
다음과 같이 출력되어야 한다. (build date와 version등은 다를수 있다.)
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<getVersionResponse
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<getVersionReturn
xsi:type="xsd:string">
Apache Axis version: 1.1 Built on Apr 04, 2003 (01:30:37 PST)
</getVersionReturn>
</getVersionResponse>
</soapenv:Body>
</soapenv:Envelope>
> AdminClient 테스트
cd c:\axis\stock
java -cp %AXISCLASSPATH% org.apache.axis.client.AdminClient -lhttp://localhost:8080/axis/services/AdminService deploy.wsdd
ClassNotFoundException 오류가 발생한경우 CLASSPATH를 확인해 볼것
deploy가 성공했는지 확인한다.
http://localhost:8080/axis/servlet/AxisServlet
다음과 같이 웹서비스가 설치되었는지 확인해 본다.
urn:xmltoday-delayed-quotes (wsdl)
test
getQuote
> 클라이언트 수행 테스트
java -cp .;%AXISCLASSPATH% samples.stock.GetQuote -lhttp://localhost:8080/axis/servlet/AxisServlet -uuser1 -wpass1 XXX
실행결과가 55.25가 출력된 경우.. 성공!!
웹서비스를 알려면 SOAP, WSDL, WSDD 대해서 꼭 알아야 한다.
자세한 내용은 추후에 설명하도록 한다.
SOAP (Simple Object Access Protocol)
WSDL (Web Service Description Langauge)
WSDD (Web Service Deployment Descriptor)
프로그램을 작성하는 순서
1. 서버 Interface와 구현 Class를 작성한후 컴파일 한다.
2. 구현 클래스로 부터 WSDL 파일을 생성한다.
3. WSDL 파일로 부터 deploy.wsdd 파일을 생성한다.
4. deploy.wsdd 파일을 이용해서 웹서비스를 deploy하고 server-config.wsdd 파일을 생성 수정한다.
5. 구현클래스로 부터 client-side 클래스를 생성한다.
프로그램 작성 플로우
1) 자바 Interface와 자바 Implement 클래스 작성
//begin - HelloIF.java
package webservice.hello;
public interface HelloIF extends java.rmi.Remote {
public String hello(java.lang.String name) throws java.rmi.RemoteException;
}
//end - HelloIF.java
//begin - HelloImpl.java
package webservice.hello;
public class HelloImpl implements HelloIF {
public HelloImpl() {
}
public String hello(String name) {
System.out.println(name);
return "hi " + name;
}
}
//end - HelloImpl.java
컴파일
javac -d . HelloImpl.java
컴파일 후 webservice/hello 디렉토리밑에 HelloImpl.class 와 HelloIF.class가 생성되었는지 확인한다.
생성된 class파일을 C:\lecture\Tomcat 4.1\webapps\axis\WEB-INF\classes 디렉토리에 패키지 디렉토리를 포함해서 복사한다.
2) 구현 클래스로부터 WSDL 작성
java org.apache.axis.wsdl.Java2WSDL -o c:\javaprogram\webservice\hello\Hello.wsdl -l http://localhost:8080/axis/services/Hello -n http://hello.webservice -pwebservice.hello http://hello.webservice webservice.hello.HelloIF
Java2WSDL 인자 (http://ws.apache.org/axis/java/reference.html)
인자 |
의미 |
-o 파일경로 |
wsdl 생성 위치 |
-l URL |
client가 접속할 URL |
-n 네임스페이스 |
WSDL의 타켓 네임스페이스 |
-p패키지 네임스페이스 |
네임스페이스와 네임스페이스 매핑 |
Target |
인터페이스 이름 |
생성된 wsdl 파일
<?xml version="1.0" encoding="UTF-8"?> <wsdl:message name="helloResponse"> <wsdl:part name="helloReturn" type="xsd:string"/> </wsdl:message> <wsdl:message name="helloRequest"> <wsdl:part name="in0" type="xsd:string"/> </wsdl:message> <wsdl:portType name="HelloIF"> <wsdl:operation name="hello" parameterOrder="in0"> <wsdl:input name="helloRequest" message="impl:helloRequest"/> <wsdl:output name="helloResponse" message="impl:helloResponse"/> </wsdl:operation> </wsdl:portType> <wsdl:binding name="HelloSoapBinding" type="impl:HelloIF"> <wsdlsoap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/> <wsdl:operation name="hello"> <wsdlsoap:operation soapAction=""/> <wsdl:input name="helloRequest"> <wsdlsoap:body use="encoded" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://hello.webservice"/> </wsdl:input> <wsdl:output name="helloResponse"> <wsdlsoap:body use="encoded" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://hello.webservice"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="HelloIFService"> <wsdl:port name="Hello" binding="impl:HelloSoapBinding"> <wsdlsoap:address location="http://localhost:8080/axis/services/Hello"/> </wsdl:port> </wsdl:service> </wsdl:definitions> |
3), 4) WSDL 파일로 부터 deploy.wsdd 파일 생성 및 client-side 자바 클래스 생성
java org.apache.axis.wsdl.WSDL2Java -o c:\javaprogram\webservice\hello\ -d Application -s c:\javaprogram\webservice\hello\Hello.wsdl
c:\javaprogram\webservice\hello 디렉토리 하위에 webservice/hello 새로운 디렉토리가 생성된것을 확인 할수 있다.
그 디렉토리에 deploy.wsdd 파일과 새롭게 생성된 자바 파일이 존재해야 한다.
WSDL2Java 인자
인자 |
의미 |
-o 디렉토리경로 |
wsdd 파일과 클래스파일이 생길 디렉토리 |
-d scope |
설치 영역 – Application, Request , Session |
-s |
wsdd 파일 생성 |
Target |
wsdl 파일 경로 |
deploy.wsdd 파일 수정
wsdd 파일은 wsdl 파일만 가지고 생성되었기 때문에 실제 구현클래스가 무엇인지 제대로 설정이 안되어 있으므로 그부분을 수정해 주어야한다.
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <!-- Services from HelloIFService WSDL service --> <service name="Hello" provider="java:RPC" style="rpc" use="encoded"> <parameter name="wsdlTargetNamespace" value="http://hello.webservice"/> <parameter name="wsdlServiceElement" value="HelloIFService"/> <parameter name="wsdlServicePort" value="Hello"/> <parameter name="className" value="webservice.hello.HelloImpl"/> <parameter name="wsdlPortType" value="HelloIF"/> <operation name="hello" qname="operNS:hello" xmlns:operNS="http://hello.webservice" returnQName="helloReturn" returnType="rtns:string" xmlns:rtns="http://www.w3.org/2001/XMLSchema" > <parameter name="in0" type="tns:string" xmlns:tns="http://www.w3.org/2001/XMLSchema"/> </operation> <parameter name="allowedMethods" value="hello"/> <parameter name="scope" value="Application"/> </service> </deployment> |
서비스 디플로이먼트
java org.apache.axis.client.AdminClient -lhttp://localhost:8080/axis/services/AdminService deploy.wsdd
디플로이먼트 확인하기
http://localhost:8080/axis/servlet/AxisServlet
'Hello' 라는 서비스가 설치된것을 확인할 수 있다.
서비스 테스트하기
'web' 카테고리의 다른 글
Trust in E-commerce (0) | 2006.07.20 |
---|---|
FTP의 passive, active mode 설명 (0) | 2006.02.20 |
[펌] web.xml 사용법 (0) | 2005.07.23 |
Tomcat 4.1.12 버전에서 서블릿 접근 (0) | 2005.02.08 |
web.xml 설명. (0) | 2005.02.04 |
Understanding web.xml Files | 펌글 | 2004/11/23 11:22 | ||
http://blog.naver.com/joy7600/40008189699 | |||
http://www.shockrave.com/v1/handlers/index.cfm?id=19399&method=full
Understanding web.xml Files by Matt Horn Deployment Descriptor OverviewDeployment descriptors are text-based XML files whose elements describe how to deploy and assemble components into a specific environment. They also contain information about the components that can specify settings not contained in the code of the components themselves, such as initialization parameters and security settings.This section explains the various types of deployment descriptors found in J2EE-compliant systems and then focuses on the web.xml file, the web component deployment descriptor. Types of deployment descriptorsDeployment descriptors come in several flavors as defined by the J2EE specification. There are three major deployment descriptors, which correspond to three major pieces of the J2EE:
This article does not address the J2EE application client module and J2EE connector module, which also have their own deployment descriptors. Furthermore, Tag Library Descriptor (TLD) files which describe custom JSP tag libraries are not discussed. The following illustration shows two web modules, app1.war and app2.war, each containing an assortment of web components (such as JSPs, and servlets) as well as static web files (HTML files and GIFs), within a J2EE application. It also shows an EJB module with EJB components (app_ejbs.jar). Notice that just as each web and EJB module has its own deployment descriptor, so does the J2EE application.
Why you need deployment descriptorsDeployment descriptors relate installation and configuration information about applications to the application servers. They can also be used to convey information about the application to other people involved in the development process. If you want to create an application that can be deployed without the headache of manually configuring its components, then packaging it as a WAR, JAR, or EAR file is the best approach. Each of these files requires a deployment descriptor. Overlapping elementsThe following bulleted lists are meant to show the overlap of deployment descriptor elements. Common elements in all descriptors (web.xml, application.xml, and ejb- jar.xml):Elements in only web.xml and ejb-jar.xml deployment descriptors:Elements in application.xml deployment descriptor only:Elements in web.xml deployment descriptor only:Elements in ejb-jar.xml deployment descriptor only:As you can see, there can be overlapping of elements in the deployment descriptors. Each of the modules have their own common elements such as descriptions, icons and display names. While these elements share element names and syntax, it is important to remember that they affect only the module whose deployment descriptor they are in. However, sometimes the modules define elements that interact with other module's elements. For example, the application.xml, ejb-jar.xml and web.xml files can all define security roles. It is the role of the application assembler to make sure that the descriptors complement one another rather than provide contradictory configuration information. For complete descriptions of the various XML files and their allowed values, you can view the DTDs in the module specifications. The elements of the web.xml file are described in detail in "web.xml Elements". The rest of this article provides information on the web application deployment descriptor file. For information on the EJB and J2EE deployment descriptors, refer to their respective specifications. Introduction to the web.xml FileThe web.xml file is used by the J2EE application server during deployment of a web module. It describes the web components used by that web module, environment variables, and security requirements. This information is stored as /WEB-INF/web.xml. For example, the default application's deployment descriptor might be stored as /usr/jrun/servers/default/default-app/WEB-INF/web.xml. You must add a web.xml deployment descriptor to any WAR file you want to deploy as a web application. You can then add your web module to a J2EE application, which has its own deployment descriptor (application.xml) in addition to the web module's web.xml. Who creates web.xml filesJRun and the web component creator share in the creation of the web.xml deployment descriptor. Some but not all of the settings in the web.xml file can be created or edited programmatically by using JMC panels. For example, there is currently no panel to write user/role/group information to the web.xml file. For detailed information on which elements in a web.xml file can be defined by JMC panels, review the descriptions in the following sections. A table in third part of this series lists all the primary elements and shows which JMC panel defines that element. web.xml ElementsThe web.xml file can define the following information, as defined by the web application deployment descriptor data type definition (DTD) in the Servlet specification: Note the following syntax rules for a DTD:
The web.xml file contains the following types of elements:
These elements are described in the next two parts of this three-part series. The second installment discusses the types of elements contained in the web.xml file. The third installment discusses using environment variables and creating web.xml files, and shows complete examples of web.xml files. Click here to read the next installment.
Understanding the web.xml Deployment Descriptor, Part 2 This is the second installment of a three installment series, and describes the syntax of web.xml files. This second installment has two parts. The continuation of this second installment can be viewed here. The first installment introduced the basics of deployment descriptors. The third installment discusses using environment variables and creating web.xml files, and shows complete examples of web.xml files. web-app element<web-app>web.xml elements</web-app> <web-app>The Application elementsApplication elements define attributes that apply to an entire web application. General application elementsGeneral application elements allow you to specify a description and application name. When you create an application using the Create An Application panel in the JMC, you cannot set the general elements described in this section. You can set them in the Edit An Application panel or use a text or XML editor and edit the web.xml file directly. <description>description</description>? <display-name>name</display-name>? <description>description</description>?Provides a description of the web application. Define this element in the <display-name>name</display-name>?Provides a short web application name. This element is intended for use in graphical programming tools. You define this element in the Icon
<icon>? <large-icon>file path</large-icon>? <small-icon>file path</small-icon>? </icon> <icon>?Defines an icon. <Large-icon>?Location within the web application of a 32x32 GIF or JPEG file containing an icon image. <Small-icon>?Location within the web application of a 16x16 GIF or JPEG file containing an icon image. Context-param*
<context-param>* <param-name>name</param-name> <param-value>value</param-value> <description>description</description>? </context-param> <context-param>*Defines a context parameter. <param-name>Specifies the parameter name. You define this element through the <param-value>Specifies the parameter value. You define this element through the <Description>Specifies the parameter description. This parameter cannot be set in the JMC. You can specify it by editing the web.xml file using a text editor or an XML editor. For more information on the variables available to the components in a servlet container environment, refer to "Environment Variables". Welcome-file-list?The <welcome-file-list>? <welcome-file>file name</welcome-file>+ </welcome-file-list> <welcome-file-list>?Contains one or more <welcome-file>+Specifies a default welcome file. Error-page*The For more information on how error pages are used, refer to Developing Applications with JRun. <error-page>* <error-code>HTTP error code</error-code> <exception-type>Java exception class</exception-type> <location>location</location> </error-page> <error-page>*Contains elements that define an HTTP error code or Java exception. <error-code>Specifies an HTTP error code. You specify either <exception-type>Specifies a Java exception class. You specify either <location>Specifies the location of the error-page in the web application. Session-config*The Note that <session-config>* <session-timeout>timeout in minutes</session-timeout>? </session-config> <session-config>*Contains the <session-timeout>?Specifies the session timeout interval in minutes. Servlet-mapping*The <servlet-mapping>* <servlet-name>name</servlet-name> <url-pattern>mapping pattern</URL-pattern> </servlet-mapping> <servlet-mapping>*Contains servlet mapping elements. <servlet-name>Specifies the registered servlet name (also known as the alias), as defined in the JMC or the <URL-pattern>Specifies a URL pattern. When a URL that matches Mime-mapping*The <mime-mapping>* <extension>extension</extension> <mime-type>mime type</mime-type> </mime-mapping> <mime-mapping>*Contains an <extension>Specifies a file extension. You define this element through the <mime-type>Specifies the MIME type associate with the extension. You define this element through the For example, if you are creating a WAP applications, you might add the following MIME mappings: <mime-mapping> <extension>wml</extension> <mime-type>text/vnd.wap.wml</mime-type> </mime-mapping> <mime-mapping> <extension>wbmp</extension> <mime-type>image/vnd.wap.wbmp</mime-type> </mime-mapping> Taglib*The <taglib>* <taglib-uri>uri</taglib-uri> <taglib-location>location</taglib-location> </taglib> <taglib>*Contains elements that associate a taglib URI with a physical location. <taglib-uri>Specifies a URI that JSP pages use to identify the tag library in the <taglib-location>Specifies the location of the tag library's TLD file. For example, Resource-ref*The <resource-ref>* <description>description</description>? <res-ref-name>resource factory reference name</res-ref-name> <res-type>java class</res-type> <res-auth>CONTAINER or SERVLET</res-auth> </resource-ref> <resource-ref>*Contains elements that describe an external reference. <Description>?Specifies a brief description. <res-ref-name>Specifies the resource factory reference name. <res-type>Specifies the Java class of the data source. <res-auth>Indicates that the application performs a resource login programmatically ( Servlet elementsServlet elements define servlets and their usage. You typically define servlet settings through the JMC. The servlet element has the following general form: <servlet>* sub-elements </servlet> This is the second installment of a three installment series, and describes the syntax of web.xml files. This second installment has two parts. The continuation of this second installment can be viewed here. The first installment introduced the basics of deployment descriptors. The third installment discusses using environment variables and creating web.xml files, and shows complete examples of web.xml files.
Understanding the web.xml Deployment Descriptor, Part 2 (continued) This is the continuation of the second installment of a three part series, and describes the syntax of web.xml files. The first part of the second installment can be found here. The first installment introduced the basics of deployment descriptors. The third installment discusses using environment variables and creating web.xml files, and shows complete examples of web.xml files. The following sections describe the contents of the servlet element: General servlet elements<icon>? <large-icon>file path</large-icon>? <small-icon>file path</small-icon>? </icon> <servlet-name>name</servlet-name> <display-name>name</display-name>? <description>description</description>? <servlet-class>fully qualified class name</servlet-class> <jsp-file>file name</JSP-file> <icon>?For more information on the <Servlet-name>Specifies the registered name of the servlet. Other servlets and JSP pages reference the servlet using either this name or its class name. Define this element in the <Display-name>?Provides a short servlet name. Intended for use in graphical programming tools. Define this element in the <Description>?Provides a description of the servlet. You define this element in the <servlet-class>Specifies the fully qualified class name for the servlet. A <JSP-file>Specifies the full path to a JSP file within the web application. A Init-param*The <init-param>* <param-name>name</param-name> <param-value>value</param-value> <description>description</description>? </init-param> <init-param>*Contains elements that define a servlet-level initialization parameter. <param-name>Specifies the parameter name. Define this element in the <param-value>Specifies the parameter value. Define this element in the <Description>?Specifies a description for the initialization parameter. You cannot define this element through the JMC. You specify it by editing the web.xml file using a text editor or an XML editor. For more information on the variables available to the components in a servlet container environment, refer to "Environment Variables". Load-on-startup?The presence of this element indicates that JRun loads the servlet at startup. Define this element using the Servlet Preload Order dialog box from the Servlet Definitions panel in the JMC. For more information, refer to the JRun Setup Guide. <load-on-startup>optional sequence</load-on-startup>? <load-on-startup>?Specifies that JRun loads the servlet at startup time. You can optionally enclose a positive integer to indicate a relative loading sequence. JRun loads lower integers before higher integers. For example, the following code indicates that FredServlet gets loaded first, followed by TomServlet. <servlet> <servlet-name>FredServlet</servlet-name> ... <load-on-startup>1</load-on-startup> ... </servlet> <servlet> <servlet-name>TomServlet</servlet-name> ... <load-on-startup>2</load-on-startup> ... </servlet> Security-role-ref*The <security-role-ref>* <description>description</description>? <role-name>name</role-name> <role-link>role from security-role</role-link> </security-role-ref> <security-role-ref>*Contains a security role reference. <Description>?Specifies a brief description. <role-name>Specifies the security role reference used within the servlet's code. <role-link>Specifies the related role name, as defined in the user data store. Security elementsWeb.xml security elements specify the resources to be secured and the roles authorized to access secure resources. You cannot define these elements through the JMC. You specify them by editing the web.xml file using a text editor or an XML editor. For more information on the security elements in the web.xml file, refer to Developing Applications with JRun. Security-constraint*The <security-constraint>* sub-elements </security-constraint> The following discussions describe the contents of the web-resource-collection+The <web-resource-collection>+ <web-resource-name>name</web-resource-name> <description>description</description>? <URL-pattern>pattern</URL-pattern>* <http-method>method</HTTP-method>* </web-resource-collection> <web-resource-collection>+Contains elements that identify the resources and HTTP methods to which a security constraint applies. <web-resource-name>Specifies the name of the web resource collection. <Description>?Specifies a description for the web resource collection. <URL-pattern>*Identifies the resources to be secured (for example, <HTTP-method>*Specifies the HTTP method for which the security constraint applies. If you do not specify this element, JRun applies the security constraint to all methods. Auth-constraint?The <auth-constraint>? <description>description</description>? <role-name>name</role-name>* </auth-constraint> <auth-constraint>?Contains elements that specify the roles that can access the collection. <Description>?Specifies a description for the constraint. <Role-name>*Specifies the roles that can access the resources affected by Login-config?The <login-config>? <auth-method>BASIC or FORM</auth-method>? <realm-name>name</realm-name>? <form-login-config>sub-elements</form-login-config>? </login-config> <login-config>?Contains elements that specify authentication instructions. <auth-method>?Specifies the user validation method. This can be either HTTP challenge/response ( <realm-name>?Specifies the realm name to use in HTTP <form-login-config>?Specifies a login page and an error page through the following sub-elements:
Environment entriesThe <env-entry>* <description>description</description>? <env-entry-name>name</env-entry-name> <env-entry-value>value</env-entry-value>? <env-entry-type>type</env-entry-type> </env-entry> <env-entry>*Contains elements that define the application's environment entry. <Description>?Specifies a description for the environment entry. <env-entry-name>Specifies the name of the environment entry. <env-entry-value>?Specifies the value of the environment entry. <env-entry-type>Specifies the fully-qualified Java type of For more information on the variables available to the components in a servlet container environment, refer to "Environment Variables". EJB referencesThe <EJB-ref>* <description>description</description>? <ejb-ref-name>name</EJB-ref-name> <ejb-ref-type>type</EJB-ref-type> <home>home interface</home> <remote>remote interface</remote> <ejb-link>ejb name</ejb-link>? </ejb-ref> <ejb-ref>*Contains elements that declare an EJB. <Description>?Specifies a description for the EJB. <ejb-ref-name>Specifies the JNDI name that servlets use to get a reference to the EJB. <ejb-ref-type>Specifies the Java class type of the referenced EJB. <home>Specifies the fully qualified name of the EJB's home interface. <remote>Specifies the fully qualified name of the EJB's remote interface. <ejb-link>?Specifies that the reference is linked to an EJB in an encompassing J2EE application package. The value of this element must be the Unsupported elementsThe following list outlines web.xml elements that are named in the Java Servlet Specification, version 2.2 but are not supported by JRun: This is the continuation of the second installment of a three part series, and describes the syntax of web.xml files. The first part of the second installment can be found here. The first installment introduced the basics of deployment descriptors. The third installment discusses using environment variables and creating web.xml files, and shows complete examples of web.xml files. Understanding the web.xml Deployment Descriptor, Part 3 This is the third part of a three-part series. This installment discusses using environment variables, creating web.xml files, and shows complete examples of web.xml files. The first installment introduced the basics of deployment descriptors. The second installment covered the syntax of web.xml files. Environment VariablesThere are two kinds of environment variables available to components within web modules that you can set in the web.xml deployment descriptor. These are:
These environment variables are explained in the sections that follow. Component-specific parametersComponent-specific parameters are set in the For example, you could define a component-specific parameter in a deployment descriptor as follows: <servlet> <init-param> <param-name>EmailAddress</param-name> <param-value>sales@Macromedia.com</param-value> </init-param> </servlet> Component-specific parameters are accessible through the String addy = this.getInitParameter("EmailAddress"); Container-specific environment variablesContainer-specific environment variables can be used to provide configuration information to all web components (such as servlets and JSPs) within a web application or servlet container environment. There are two available container-specific environment variables: Both types of variables can be accessed from any web component in the servlet container environment, however, they are accessed in different ways, described in the sections that follow. Container parametersContainer parameters are set in the For example, you could define a container parameter in a deployment descriptor as follows: <context-param> <param-name>footerPage</param-name> <param-value>/data/foot11-00.html</param-value> </context-param> Container parameters are accessible through the ServletContext context = this.getServletContext(); String footer = context.getInitParameter("footerPage"); While this appears very similar to the component-specific parameters, remember that these parameters can be accessed from any web component within the servlet container environment. Application environment variablesApplication environment variables are set in the The <env-entry> <env-entry-name>headerPage</env-entry-name> <env-entry-value>/data/head11-00.html</env-entry-value> <env-entry-type>java.lang.String</env-entry-type> </env-entry> Application environment variables are accessed in the java:comp/env context through a JNDI lookup rather than from a InitialContext context = new InitialContext(); String header = (String) context.lookup("java:comp/env/headerPage"); The JNDI Creating a web.xml FileThe web.xml file is created both by the JMC and the programmer since the JMC does not have panels that can make all the changes. The easiest way to create a web.xml file is to let JRun do most of the work. The general process of creating a web.xml file follows. Examples of web.xml FilesThis section provides a basic example of a web.xml file and a security example. For more web.xml file examples, refer to the Java Servlet Specification, version 2.2. Basic exampleThe following example web.xml file contains basic information. <web-app> <display-name>JRun Demo</display-name> <description>JRun Demo</description> <session-config> <session-timeout>30</session-timeout> </session-config> <mime-mapping> <extension> txt </extension> <mime-type> text/plain </mime-type> </mime-mapping> <mime-mapping> <extension> html </extension> <mime-type> text/html </mime-type> </mime-mapping> <welcome-file-list> <welcome-file> index.html </welcome-file> </welcome-file-list> </web-app> Security exampleThe following web.xml file contains entries that enable authentication. <web-app> <display-name>Security Default</display-name> <description>Default application for testing security</description> <session-config> <session-timeout>30</session-timeout> </session-config> <mime-mapping> <extension> txt </extension> <mime-type> text/plain </mime-type> </mime-mapping> <mime-mapping> <extension> html </extension> <mime-type> text/html </mime-type> </mime-mapping> <error-page> <error-code>401</error-code> <location>/Unauthorized.html</location> </error-page> <error-page> <error-code>403</error-code> <location>/Forbidden.html</location> </error-page> <login-config> <auth-method> FORM </auth-method> <realm-name> Sales </realm-name> <form-login-config> <form-login-page> /login.html </form-login-page> <form-error-page> /loginerror.html </form-error-page> </form-login-config> </login-config> <security-constraint> <web-resource-collection> <web-resource-name>SalesInfo</web-resource-name> <url-pattern>/servlet/Sn*</URL-pattern> <http-method>GET</HTTP-method> <HTTP-method>POST</HTTP-method> <description>Sales Info Resource</description> <auth-constraint> <role-name>manager</role-name> <description>Managers only</description> </auth-constraint> </web-resource-collection> </security-constraint> <welcome-file-list> <welcome-file> index.jsp </welcome-file> <welcome-file> index.html </welcome-file> </welcome-file-list> <servlet> <servlet-name> SecureSnoop </servlet-name> <servlet-class> SecureSnoop </servlet-class> <security-role-ref> <role-name> MGR </role-name> <role-link> manager </role-link> </security-role-ref> </servlet> </web-app> This installment discussed using environment variables, creating web.xml files, and showed complete examples of web.xml files. The first installment introduced the basics of deployment descriptors. The second installment covered the syntax of web.xml files. |
'web' 카테고리의 다른 글
FTP의 passive, active mode 설명 (0) | 2006.02.20 |
---|---|
[펌] Axis Webservice 설치및 테스트 (0) | 2005.09.03 |
Tomcat 4.1.12 버전에서 서블릿 접근 (0) | 2005.02.08 |
web.xml 설명. (0) | 2005.02.04 |
server.xml (0) | 2005.02.04 |