什么是 web.xml 文件,我可以用它做什么? [英] What is web.xml file and what are all things can I do with it?
问题描述
web.xml 部署描述符元素Oracle 的 BEA WebLogic Server 8.1 文档几乎总结了 web.xml 文件中的每个元素.但我也很好奇以下几点:
The web.xml Deployment Descriptor Elements in Oracle's BEA WebLogic Server 8.1 Documentation pretty much sums up each element in a web.xml file. But I am also curious about points below:
- 有没有像瘟疫一样应该避免的配置参数?
- 是否有任何与性能或内存使用相关的参数?
- 常见的错误配置导致的安全相关风险?
除了元素名称及其用法之外,我还应该了解 web.xml 什么?
What else should I know about web.xml apart from element names and their usage?
推荐答案
什么是 web.xml 文件,我可以用它做什么?
What is web.xml file and what all things can I do with it ?
/WEB-INF/web.xml 文件是应用程序的 Web 应用程序部署描述符.此文件是一个 XML 文档,它定义了服务器需要知道的有关您的应用程序的所有内容(上下文路径除外,该路径由应用程序部署者和管理员在部署应用程序时分配):servlet 和其他过滤器或侦听器、初始化参数、容器管理的安全约束、资源、欢迎页面等组件.
The /WEB-INF/web.xml file is the Web Application Deployment Descriptor of your application. This file is an XML document that defines everything about your application that a server needs to know (except the context path, which is assigned by the Application Deployer and Administrator when the application is deployed): servlets and other components like filters or listeners, initialization parameters, container-managed security constraints, resources, welcome pages, etc.
请注意,您提到的参考文献很旧(Java EE 1.4),已经有 Java EE 5 中的一些更改,Java EE 6 中的更改甚至更多(这使得 web.xml 可选"并引入了 Web 片段).
Note that reference you mentioned is pretty old (Java EE 1.4), there have been few changes in Java EE 5 and even more in Java EE 6 (which makes the web.xml "optional" and introduces Web Fragments).
有没有像瘟疫一样应该避免的配置参数?
Is there any configuration parameter which should be avoided like plague?
没有
任何与性能或内存使用相关的参数?
Any parameters related to performance or memory usage?
不,这些东西不是在应用程序级别配置的,而是在容器级别配置的.
No, such things are not configured at the application level but at the container level.
常见的错误配置导致的安全相关风险?
Security related risk due to common mis-configuration ?
好吧,如果您想使用容器管理的安全约束并且未能正确配置它们,那么资源显然不会得到适当的保护.除此之外,最大的安全风险来自您将部署 IMO 的代码.
Well, if you want to use container-managed security constraints and fail at configuring them properly, resources won't obviously be properly protected. Apart from that, the biggest security risks come from the code you'll deploy IMO.
这篇关于什么是 web.xml 文件,我可以用它做什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
