SyntaxFix

[web-applications] What is web.xml file and what are all things can I do with it?

The web.xml Deployment Descriptor Elements in Oracle's BEA WebLogic Server 8.1 Documentation pretty much sums up each element in a web.xml file. But I am also curious about points below:

  1. Is there any configuration parameter which should be avoided like plague?
  2. Any parameters related to performance or memory usage?
  3. Security related risk due to common mis-configuration?

What else should I know about web.xml apart from element names and their usage?

This question is related to web-applications web.xml

The answer is

http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">

<servlet>
    <servlet-name>mvc-dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>mvc-dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/mvc-dispatcher-servlet.xml</param-value>
</context-param>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>

What all should I know about web.xml apart from element name and their usage ?

The SINGLE most important JSP configuration parameter of ALL TIME is in your web.xml. Ladies and gentlemen, I give you... the TRIM-DIRECTIVE-WHITESPACES option!

<jsp-config>
    <jsp-property-group>
        <url-pattern>*.jsp</url-pattern>
        <trim-directive-whitespaces>true</trim-directive-whitespaces>
    </jsp-property-group>
</jsp-config>

This removes all the hundreds or thousands of lines of white space that you'll get in your generated HTML if you use any tag libraries (loops are particularly ugly & wasteful).

The other big one is the default web page (the page you get automatically sent to when you don't enter a web page in the URL):

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>    

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
  <servlet>
    <servlet-name>mvc-dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
    <description></description>
    <display-name>pdfServlet</display-name>
    <servlet-name>pdfServlet</servlet-name>
    <servlet-class>com.sapta.smartcam.servlet.pdfServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>mvc-dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>pdfServlet</servlet-name>
    <url-pattern>/pdfServlet</url-pattern>
  </servlet-mapping>
  <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/mvc-dispatcher-servlet.xml</param-value>
  </context-param>
  <listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  </listener>
  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>
</web-app>
  1. No, there isn't anything that should be avoided
  2. The parameters related to performance are not in web.xml they are in the servlet container configuration files (server.xml on tomcat)

  3. No. But the default servlet (mapped in a web.xml at a common location in your servlet container) should preferably disable file listings (so that users don't see the contents of your web folders):

    listings true

I am trying to figure out exactly how this works too. This site might be helpful to you. It has all of the possible tags for web.xml along with examples and descriptions of each tag.

http://wiki.metawerx.net/wiki/Web.xml

If using Struts, we disable direct access to the JSP files by using this tag in web.xml

 <security-constraint>
<web-resource-collection>
  <web-resource-name>no_access</web-resource-name>
  <url-pattern>*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint/>

Deployment descriptor file "web.xml" : Through the proper use of the deployment descriptor file, web.xml, you can control many aspects of the Web application behavior, from preloading servlets, to restricting resource access, to controlling session time-outs.

web.xml : is used to control many facets of a Web application. Using web.xml, you can assign custom URLs for invoking servlets, specify initialization parameters for the entire application as well as for specific servlets, control session timeouts, declare filters, declare security roles, restrict access to Web resources based on declared security roles, and so on.

Source: Stackoverflow.com

Examples related to web-applications

Spring - No EntityManager with actual transaction available for current thread - cannot reliably process 'persist' call How do I choose the URL for my Spring Boot webapp? Difference between MEAN.js and MEAN.io External VS2013 build error "error MSB4019: The imported project <path> was not found" How to unpackage and repackage a WAR file IntelliJ, can't start simple web application: Unable to ping server at localhost:1099 Using form input to access camera and immediately upload photos using web app Pass user defined environment variable to tomcat ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d Best practices when running Node.js with port 80 (Ubuntu / Linode)

Examples related to web.xml

SEVERE: ContainerBase.addChild: start:org.apache.catalina.LifecycleException: Failed to start error Session TimeOut in web.xml How to configure welcome file list in web.xml What is the significance of url-pattern in web.xml and how to configure servlet? No WebApplicationContext found: no ContextLoaderListener registered? How to specify the default error page in web.xml? How to define servlet filter order of execution using annotations in WAR Loading context in Spring using web.xml Could not open ServletContext resource Why do we use web.xml?

Tags

Django-forms Wpftoolkit Webpart-connection Mud Seam-carving Webos Nsfilehandle Beyondcompare3 Pixel-manipulation Multipoint Plupload Scsi Meta-attribute Wss Grouplayout Clouddb Convenience-methods Truststore Epad Defaultifempty Case-class Kbhit Verilog Glow Jquery-templates Gnu-screen Transport-stream Svn-copy Machg Asp.net Tail-recursion Winelib Paintevent Register-allocation Population Scrape Google-translate Squirrel Http-status-code-302 Convex-hull Rate Watch-window Filemtime Client-library Point Indexhibit Remote-desktop Worldwind Itemscontrol Recycle-bin Wii-balanceboard Multiple-login Nt4 Automerge Profile Plasticscm Dotnetnuke-5 Params-keyword Spring-transactions Number-formatting Async-ctp Page-load-time Flicker Wx.textctrl Mootools1.2 Google-index Monad-transformers Moviecliploader Javascript-objects Stencils Contracts End-user Libevent Graphics32 Iisvdir Er-diagrams Styles Qfile Lapply Xmla Reddot Audio-player Predefined-variables Scala-java-interop Documentpaginator 1wire Coronasdk Sysinfo Desktop-integration Field-description Mysql2 Servicecontract Rfc2445 Data-tier-applications Pyquery Systemtime Vbc Teaser Each Oncheckedchanged