alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

Tomcat example source code file (valve.xml)

This example Tomcat source code file (valve.xml) is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Java - Tomcat tags/keywords

filter, host, if, if, introduction, ip, ip, license, must, must, remote, the, valve, valve

The Tomcat valve.xml source code

<?xml version="1.0"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!DOCTYPE document [
  <!ENTITY project SYSTEM "project.xml">
]>
<document url="valve.html">

  &project;

  <properties>
    <author email="craigmcc@apache.org">Craig R. McClanahan
    <title>The Valve Component
  </properties>

<body>


<section name="Introduction">

  <p>A Valve element represents a component that will be
  inserted into the request processing pipeline for the associated
  Catalina container (<a href="engine.html">Engine,
  <a href="host.html">Host, or Context).
  Individual Valves have distinct processing capabilities, and are
  described individually below.</p>

    <blockquote>
    <p>The description below uses the variable name $CATALINA_HOME
    to refer to the directory into which you have installed Tomcat 6,
    and is the base directory against which most relative paths are
    resolved.  However, if you have configured Tomcat 6 for multiple
    instances by setting a CATALINA_BASE directory, you should use
    $CATALINA_BASE instead of $CATALINA_HOME for each of these
    references.</p>
    </em>

</section>


<section name="Access Log Valve">

  <subsection name="Introduction">

    <p>The Access Log Valve creates log files in the same
    format as those created by standard web servers.  These logs can later
    be analyzed by standard log analysis tools to track page hit counts,
    user session activity, and so on.  The files produces by this <code>Valve
    are rolled over nightly at midnight.  This <code>Valve
    may be associated with any Catalina container (<code>Context,
    <code>Host, or Engine), and
    will record ALL requests processed by that container.</p>

  </subsection>

  <subsection name="Attributes">

    <p>The Access Log Valve supports the following
    configuration attributes:</p>

    <attributes>

      <attribute name="className" required="true">
        <p>Java class name of the implementation to use.  This MUST be set to
        <strong>org.apache.catalina.valves.AccessLogValve to use the
        default access log valve.</p>
      </attribute>

      <attribute name="directory" required="false">
        <p>Absolute or relative pathname of a directory in which log files
        created by this valve will be placed.  If a relative path is
        specified, it is interpreted as relative to $CATALINA_HOME.  If
        no directory attribute is specified, the default value is "logs"
        (relative to $CATALINA_HOME).</p>
      </attribute>

      <attribute name="pattern" required="false">
        <p>A formatting layout identifying the various information fields
        from the request and response to be logged, or the word
        <code>common or combined to select a
        standard format.  See below for more information on configuring
        this attribute. Note that the optimized access does only support
        <code>common and combined as the value for this
        attribute.</p>
      </attribute>

      <attribute name="prefix" required="false">
        <p>The prefix added to the start of each log file's name.  If not
        specified, the default value is "access_log.".  To specify no prefix,
        use a zero-length string.</p>
      </attribute>

      <attribute name="resolveHosts" required="false">
        <p>Set to true to convert the IP address of the remote
        host into the corresponding host name via a DNS lookup.  Set to
        <code>false to skip this lookup, and report the remote IP
        address instead.</p>
      </attribute>

      <attribute name="suffix" required="false">
        <p>The suffix added to the end of each log file's name.  If not
        specified, the default value is "".  To specify no suffix,
        use a zero-length string.</p>
      </attribute>

      <attribute name="rotatable" required="false">
        <p>Deafult true. Flag to determine if log rotation should occur.
           If set to false, then this file is never rotated and
           <tt>fileDateFormat is ignored. Use with caution!
        </p>
      </attribute>

      <attribute name="condition" required="false">
        <p>Turns on conditional logging. If set, requests will be
           logged only if <tt>ServletRequest.getAttribute() is
           null. For example, if this value is set to
           <tt>junk, then a particular request will only be logged
           if <tt>ServletRequest.getAttribute("junk") == null.
           The use of Filters is an easy way to set/unset the attribute
           in the ServletRequest on many different requests.
        </p>
      </attribute>

      <attribute name="fileDateFormat" required="false">
        <p>Allows a customized date format in the access log file name.
           The date format also decides how often the file is rotated.
           If you wish to rotate every hour, then set this value
           to: <tt>yyyy-MM-dd.HH
        </p>
      </attribute>

      <attribute name="buffered" required="false">
        <p>Deafult true. Flag to determine if logging will be buffered.
           If set to false, then access logging will be written after each 
           request.
        </p>
      </attribute>

    </attributes>

    <p>Values for the pattern attribute are made up of literal
    text strings, combined with pattern identifiers prefixed by the "%"
    character to cause replacement by the corresponding variable value from
    the current request and response.  The following pattern codes are
    supported:</p>
    <ul>
    <li>%a - Remote IP address
    <li>%A - Local IP address
    <li>%b - Bytes sent, excluding HTTP headers, or '-' if zero
    <li>%B - Bytes sent, excluding HTTP headers
    <li>%h - Remote host name (or IP address if
        <code>resolveHosts is false)
    <li>%H - Request protocol
    <li>%l - Remote logical username from identd (always returns
        '-')</li>
    <li>%m - Request method (GET, POST, etc.)
    <li>%p - Local port on which this request was received
    <li>%q - Query string (prepended with a '?' if it exists)
    <li>%r - First line of the request (method and request URI)
    <li>%s - HTTP status code of the response
    <li>%S - User session ID
    <li>%t - Date and time, in Common Log Format
    <li>%u - Remote user that was authenticated (if any), else '-'
    <li>%U - Requested URL path
    <li>%v - Local server name
    <li>%D - Time taken to process the request, in millis
    <li>%T - Time taken to process the request, in seconds
    <li>%I - current request thread name (can compare later with stacktraces)
    </ul>

    <p>
    There is also support to write information from the cookie, incoming
    header, the Session or something else in the ServletRequest.
    It is modeled after the apache syntax:
    <ul>
    <li>%{xxx}i for incoming headers
    <li>%{xxx}o for outgoing response headers
    <li>%{xxx}c for a specific cookie
    <li>%{xxx}r xxx is an attribute in the ServletRequest
    <li>%{xxx}s xxx is an attribute in the HttpSession
    </ul>
    </p>


    <p>The shorthand pattern name common (which is also the
    default) corresponds to <strong>'%h %l %u %t "%r" %s %b'.

<p>The shorthand pattern name combined appends the values of the <code>Referer and User-Agent headers, each in double quotes, to the <code>common pattern described in the previous paragraph.</p> </subsection> </section> <section name="Remote Address Filter"> <subsection name="Introduction"> <p>The Remote Address Filter allows you to compare the IP address of the client that submitted this request against one or more <em>regular expressions
, and either allow the request to continue or refuse to process the request from this client. A Remote Address Filter can be associated with any Catalina container (<a href="engine.html">Engine, Host, or <a href="context.html">Context), and must accept any request presented to this container for processing before it will be passed on.</p> <p>The syntax for regular expressions is different than that for 'standard' wildcard matching. Tomcat uses the <code>java.util.regex package. Please consult the Java documentation for details of the expressions supported.</p> </subsection> <subsection name="Attributes"> <p>The Remote Address Filter supports the following configuration attributes:</p> <attributes> <attribute name="className" required="true"> <p>Java class name of the implementation to use. This MUST be set to <strong>org.apache.catalina.valves.RemoteAddrValve.

</attribute> <attribute name="allow" required="false"> <p>A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote address matches a <code>deny pattern.</p> </attribute> <attribute name="deny" required="false"> <p>A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the <code>accept attribute.

</attribute> </attributes> </subsection> </section> <section name="Remote Host Filter"> <subsection name="Introduction"> <p>The Remote Host Filter allows you to compare the hostname of the client that submitted this request against one or more <em>regular expressions, and either allow the request to continue or refuse to process the request from this client. A Remote Host Filter can be associated with any Catalina container (<a href="engine.html">Engine, Host, or <a href="context.html">Context), and must accept any request presented to this container for processing before it will be passed on.</p> <p>The syntax for regular expressions is different than that for 'standard' wildcard matching. Tomcat uses the <code>java.util.regex package. Please consult the Java documentation for details of the expressions supported.</p> </subsection> <subsection name="Attributes"> <p>The Remote Host Filter supports the following configuration attributes:</p> <attributes> <attribute name="className" required="true"> <p>Java class name of the implementation to use. This MUST be set to <strong>org.apache.catalina.valves.RemoteHostValve.

</attribute> <attribute name="allow" required="false"> <p>A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote hostname matches a <code>deny pattern.</p> </attribute> <attribute name="deny" required="false"> <p>A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the <code>accept attribute.

</attribute> </attributes> </subsection> </section> <section name="Request Dumper Valve"> <subsection name="Introduction"> <p>The Request Dumper Valve is a useful tool in debugging interactions with a client application (or browser) that is sending HTTP requests to your Tomcat-based server. When configured, it causes details about each request processed by its associated <code>Engine, <code>Host, or Context to be logged according to the logging configuration for that container.</p> <p>WARNING: Using this valve has side-effects. The output from this valve includes any parameters included with the request. The parameters will be decoded using the default platform encoding. Any subsequent calls to <code>request.setCharacterEncoding() within the web application will have no effect.</p> </subsection> <subsection name="Attributes"> <p>The Request Dumper Valve supports the following configuration attributes:</p> <attributes> <attribute name="className" required="true"> <p>Java class name of the implementation to use. This MUST be set to <strong>org.apache.catalina.valves.RequestDumperValve.

</attribute> </attributes> </subsection> </section> <section name="Single Sign On Valve"> <subsection name="Introduction"> <p>The Single Sign On Vale is utilized when you wish to give users the ability to sign on to any one of the web applications associated with your virtual host, and then have their identity recognized by all other web applications on the same virtual host.</p> <p>See the Single Sign On special feature on the <strong>Host element for more information.

</subsection> <subsection name="Attributes"> <p>The Single Sign On Valve supports the following configuration attributes:</p> <attributes> <attribute name="className" required="true"> <p>Java class name of the implementation to use. This MUST be set to <strong>org.apache.catalina.authenticator.SingleSignOn.

</attribute> <attribute name="requireReauthentication" required="false"> <p>Default false. Flag to determine whether each request needs to be reauthenticated to the security <strong>Realm. If "true", this Valve uses cached security credentials (username and password) to reauthenticate to the <strong>Realm each request associated with an SSO session. If "false", the Valve can itself authenticate requests based on the presence of a valid SSO cookie, without rechecking with the <strong>Realm.

</attribute> <attribute name="cookieDomain" required="false"> <p>Sets the host domain to be used for sso cookies.

</attribute> </attributes> </subsection> </section> <section name="Form Authenticator Valve"> <subsection name="Introduction"> <p>The Form Authenticator Valve is automatically added to any <a href="context.html">Context that is configured to use FORM authentication.</p> <p>If any non-default settings are required, the valve may be configured within <a href="context.html">Context element with the required values.</p> </subsection> <subsection name="Attributes"> <p>The Form Authenticator Valve supports the following configuration attributes:</p> <attributes> <attribute name="className" required="true"> <p>Java class name of the implementation to use. This MUST be set to <strong>org.apache.catalina.authenticator.FormAuthenticator.

</attribute> <attribute name="characterEncoding" required="false"> <p>Character encoding to use to read the username and password parameters from the request. If not set, the encoding of the request body will be used.</p> </attribute> </attributes> </subsection> </section> </body> </document>

Other Tomcat examples (source code examples)

Here is a short list of links related to this Tomcat valve.xml source code file:

... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2024 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.