MaVRoSCy
MaVRoSCy

Reputation: 17849

Migration from Weblogic to Apache Tomcat

I am migrating my project(uses servlets / jsp / jdbc / jndi) build on Weblogic 10c to an Apache Tomcat 7.0.22. I have managed to configure the ldap authentication server and also to replace the xxx-jdbc.xml used by weblogic. Now my problem is that i am trying to migrate the weblogic.xml file found in web Content/WEB-INF directory. The contents of the xml file are the following:

<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd"
              xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">
  <security-role-assignment>
    <role-name>REGISTERED_USER</role-name>
    <principal-name>GROUP_NAME_FROM_LDAP</principal-name>
  </security-role-assignment>
  <session-descriptor>
    <debug-enabled>false</debug-enabled>
    <tracking-enabled>true</tracking-enabled>
    <cookie-name>nameOfCookie</cookie-name>
    <cookie-max-age-secs>-1</cookie-max-age-secs>
    <url-rewriting-enabled>false</url-rewriting-enabled>
    <encode-session-id-in-query-params>false</encode-session-id-in-query-params>
    <sharing-enabled>false</sharing-enabled>
  </session-descriptor>
  <context-root>my_app_context_root</context-root>
  <servlet-descriptor>
    <servlet-name>FileDownload</servlet-name>
  </servlet-descriptor>
</weblogic-web-app>

From top to bottom i have the security-role-assignment which maps users from an ldap group to have the REGISTERED_USER. The tag session-descriptor i think is self explained. Then there is my apps context root context-root. And then some servlet definition that is used to register the servlet to Weblogic (this is also defined in web.xml and i think this will not need any more handling).

So what is the best way to migrate this weblogic.xml file in my application?

Upvotes: 3

Views: 11077

Answers (1)

Christopher Schultz
Christopher Schultz

Reputation: 20882

In Tomcat, these things can be defined in a couple of different places.

For the security-role re-mapping, use the standard <security-role-ref> in web.xml to re-map role names.

If you are using a servlet-3.0-spec webapp, then many of your session- and cookie-related items are available via web.xml:

<session-config>
  <cookie-config>
    <name>nameOfCookie</name>
    <max-age>-1</max-age>
  </cookie-config>
  <!-- just don't use "URL" to disable rewriting -->
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

Otherwise, you'll have to resort to some acrobatics. First, I'll assume that you are using a META-INF/context.xml file within your webapp for deployment to Tomcat.

  1. Session cookie name

    <Context sessionCookieName="nameOfCookie" />
    
  2. Cookie max-age
    Use the standard <session-config><session-timeout /> in web.xml. (Technically, this configures the max-age of the session, but the effect is the same: the cookie will essentially become invalid after the session expires. If you really need cookie max-age, read this thread: http://markmail.org/thread/u2ysiz3uxays2w4i)

  3. Cookie debug/tracking are not supported by configuration. You will have to write your own Filter(s) to duplicate these features.

  4. Disabling URL rewriting will require that you write a Filter that overrides HttpServletResponse.encodeURL and HttpServletResponse.encodeRedirectURL to be no-ops on their String arguments.

Upvotes: 5

Related Questions