https://bz.apache.org/bugzilla/show_bug.cgi?id=64089
Bug ID: 64089
Summary: Resource paths resolve symlinks
Product: Tomcat 8
Version: 8.5.50
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: m.froehl...@infolog.de
Target Milestone: ----
Tomcat 8.5.35 introduced a behavior, which is a bug for us. Still consists in
8.5.50.
In our development environments we use symlinks for all of our webapp folders.
So under tomcat (resp. catalina base) there is the webapps folder, that
contains only symlinks, which point to the actual webapps (not wars).
The applications' web.xml files use XML imports like this:
######################
<!DOCTYPE web-xml [
<!ENTITY myentity SYSTEM "../../../foo/bar/myentity.xml">
]>
######################
This relative import worked just fine in 8.5.34 and prior, but will fail in
8.5.35+. The error message in the log unfortunately does not tell you more than
"file not found", but does not say, where it was looking for it.
The class org.apache.catalina.startup.ContextConfig, method fixDocBase()
introduced a change in 8.5.35 (line 655 in 8.5.50's source), that uses
getCanonicalPath() to resolve the absolute path for a resource (in this case
web.xml). This path is used as base (systemId) for the WebXmlParser. Since the
path has resolved symlinks, but the relative import assumes to originate from a
standard catalina_base structure, it won't find the imported file.
Instead of getCanonicalPath() you could use something like
toPath().toAbsolutePath().normalize(), which does NOT follow symlinks.
The behavior differs on Windows, where symlinks (Junktions) are not followed.
This bug is critical for us. And there's no way to work around it.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
