Ignore:
Timestamp:
2019-09-11T19:45:51+12:00 (5 years ago)
Author:
ak19
Message:

Implementing Diego Spano's suggested changes for tomcat's allowLinking configuration settings used to support symlinking from the web to folders outside the web app base folder. This confug setting needs to be set differently for tomcat 8. Its value used to be fixed to false in the past, so false becomes the new default. A new user configurable property is introduced in build.xml, tomcat.user.allowLinking. However, since apache's tomcat documentation says that the value should never be set to true for Windows or any OS where the filesystem is case insensitive, as this can affect security, build.xml internally uses a different new property called tomcat.allowLinking which works out the final value. For windows, this will always be false and a warning is printed when the user configurable property got overridden to false on Windows. When the user configurable property was set to true in any other case, a warning is printed on non-Windows OS about how the user should set the value to false if their OS has a case onsensitive file system. Finally, the calculated/sanitised value stored in tomcat.allowLinking propagates to greenstone.xml in place of the placeholders in the greenstone.xml.in and ultimately greenstone.xml.svn files

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone3/build.properties.svn

    r32762 r33461  
    88# but not remotely
    99tomcat.server=localhost
     10
     11# Allow/disallow symlinks inside the web application
     12# Note however, that a value of true for this property will nevertheless be disregarded on Windows,
     13# because it has a case insensitive filesystem where a true setting would have had security
     14# implications otherwise.
     15# Beware that if you are working on any other operating system with a case insensitive filesystem,
     16# you should ensure this value remains set to false for security reasons.
     17tomcat.user.allowLinking=false
    1018
    1119# server.protocols must contain 'http' or 'https' or both (in order of preference) separated by commas
Note: See TracChangeset for help on using the changeset viewer.