What is web xml file and what are all things can I do with it

Question

The web xml Deployment Descriptor Elements in Oracle s BEA WebLogic Server 8 1 Documentation pretty much sums up each element in a web xml file  But I am also curious about points below    Is there any configuration parameter which should be avoided like plague  Any parameters related to performance or memory usage  Security related risk due to common mis-configuration    What else should I know about web xml apart from element names and their usage

User · Answer

No  there isn t anything that should be avoided The parameters related to performance are not in web xml they are in the servlet container configuration files  server xml on tomcat  No  But the default servlet  mapped in a web xml at a common location in your servlet container  should preferably disable file listings  so that users don t see the contents of your web folders             listings         true

User · Answer

What all should I know about web xml   apart from element name and their   usage     The SINGLE most important JSP configuration parameter of ALL TIME is in your web xml   Ladies and gentlemen  I give you    the TRIM-DIRECTIVE-WHITESPACES option    lt jsp-config gt       lt jsp-property-group gt           lt url-pattern gt   jsp lt  url-pattern gt           lt trim-directive-whitespaces gt true lt  trim-directive-whitespaces gt       lt  jsp-property-group gt   lt  jsp-config gt    This removes all the hundreds or thousands of lines of white space that you ll get in your generated HTML if you use any tag libraries  loops are particularly ugly  amp  wasteful    The other big one is the default web page  the page you get automatically sent to when you don t enter a web page in the URL     lt welcome-file-list gt       lt welcome-file gt index jsp lt  welcome-file gt   lt  welcome-file-list gt

User · Answer

lt  xml version  1 0  encoding  UTF-8   gt   lt web-app xmlns xsi  http   www w3 org 2001 XMLSchema-instance  xmlns  http   java sun com xml ns javaee  xmlns web  http   java sun com xml ns javaee  xsi schemaLocation  http   java sun com xml ns javaee http   java sun com xml ns javaee web-app 3 0 xsd  version  3 0  gt     lt servlet gt       lt servlet-name gt mvc-dispatcher lt  servlet-name gt       lt servlet-class gt org springframework web servlet DispatcherServlet lt  servlet-class gt       lt load-on-startup gt 1 lt  load-on-startup gt     lt  servlet gt     lt servlet gt       lt description gt  lt  description gt       lt display-name gt pdfServlet lt  display-name gt       lt servlet-name gt pdfServlet lt  servlet-name gt       lt servlet-class gt com sapta smartcam servlet pdfServlet lt  servlet-class gt     lt  servlet gt     lt servlet-mapping gt       lt servlet-name gt mvc-dispatcher lt  servlet-name gt       lt url-pattern gt   lt  url-pattern gt     lt  servlet-mapping gt     lt servlet-mapping gt       lt servlet-name gt pdfServlet lt  servlet-name gt       lt url-pattern gt  pdfServlet lt  url-pattern gt     lt  servlet-mapping gt     lt context-param gt       lt param-name gt contextConfigLocation lt  param-name gt       lt param-value gt  WEB-INF mvc-dispatcher-servlet xml lt  param-value gt     lt  context-param gt     lt listener gt       lt listener-class gt org springframework web context ContextLoaderListener lt  listener-class gt     lt  listener gt     lt welcome-file-list gt       lt welcome-file gt index jsp lt  welcome-file gt     lt  welcome-file-list gt   lt  web-app gt

User · Answer

If using Struts  we disable direct access to the JSP files by using this tag in web xml    lt security-constraint gt   lt web-resource-collection gt     lt web-resource-name gt no access lt  web-resource-name gt     lt url-pattern gt   jsp lt  url-pattern gt   lt  web-resource-collection gt   lt auth-constraint  gt

User · Answer

http   java sun com xml ns javaee web-app 3 0 xsd      version  3 0     lt servlet gt       lt servlet-name gt mvc-dispatcher lt  servlet-name gt       lt servlet-class gt org springframework web servlet DispatcherServlet lt  servlet-class gt       lt load-on-startup gt 1 lt  load-on-startup gt   lt  servlet gt    lt servlet-mapping gt       lt servlet-name gt mvc-dispatcher lt  servlet-name gt       lt url-pattern gt   lt  url-pattern gt   lt  servlet-mapping gt    lt context-param gt       lt param-name gt contextConfigLocation lt  param-name gt       lt param-value gt  WEB-INF mvc-dispatcher-servlet xml lt  param-value gt   lt  context-param gt    lt listener gt       lt listener-class gt org springframework web context ContextLoaderListener lt  listener-class gt   lt  listener gt    lt welcome-file-list gt       lt welcome-file gt index jsp lt  welcome-file gt   lt  welcome-file-list gt

User · Answer

I am trying to figure out exactly how this works too   This site might be helpful to you   It has all of the possible tags for web xml along with examples and descriptions of each tag     http   wiki metawerx net wiki Web xml

User · Answer

What is web xml file and what all things can I do with it     The  WEB-INF web xml file is the Web Application Deployment Descriptor of your application  This file is an XML document that defines everything about your application that a server needs to know  except the context path  which is assigned by the Application Deployer and Administrator when the application is deployed   servlets and other components like filters or listeners  initialization parameters  container-managed security constraints  resources  welcome pages  etc   Note that reference you mentioned is pretty old  Java EE 1 4   there have been few changes in Java EE 5 and even more in Java EE 6  which makes the web xml  optional  and introduces Web Fragments       Is there any configuration parameter which should be avoided like plague    No      Any parameters related to performance or memory usage    No  such things are not configured at the application level but at the container level      Security related risk due to common mis-configuration     Well  if you want to use container-managed security constraints and fail at configuring them properly  resources won t obviously be properly protected  Apart from that  the biggest security risks come from the code you ll deploy IMO

User · Answer

Deployment descriptor file  web xml    Through the proper use of the deployment descriptor file  web xml  you can control many aspects of the Web application behavior  from preloading servlets  to restricting resource access  to controlling session time-outs   web xml   is used to control many facets of a Web application  Using web xml  you can assign custom URLs for invoking servlets  specify initialization parameters for the entire application as well as for specific servlets  control session timeouts  declare filters  declare security roles  restrict access to Web resources based on declared security roles  and so on

[web-applications] What is web.xml file and what are all things can I do with it?

Examples related to web-applications

Examples related to web.xml