Mark, On 10/3/14 7:50 AM, ma...@apache.org wrote: > Author: markt > Date: Fri Oct 3 11:50:14 2014 > New Revision: 1629185 > > URL: http://svn.apache.org/r1629185 > Log: > Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=43548 > Add an XML schema for the tomcat-users.xml file. > > Added: > tomcat/trunk/conf/tomcat-users.xsd (with props) > Modified: > tomcat/trunk/conf/tomcat-users.xml > tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java > tomcat/trunk/res/confinstall/tomcat-users_1.xml > tomcat/trunk/webapps/docs/changelog.xml > > Modified: tomcat/trunk/conf/tomcat-users.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xml?rev=1629185&r1=1629184&r2=1629185&view=diff > ============================================================================== > --- tomcat/trunk/conf/tomcat-users.xml (original) > +++ tomcat/trunk/conf/tomcat-users.xml Fri Oct 3 11:50:14 2014 > @@ -15,7 +15,10 @@ > See the License for the specific language governing permissions and > limitations under the License. > --> > -<tomcat-users> > +<tomcat-users xmlns="http://tomcat.apache.org/xml"; > + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > + xsi:schemaLocation="http://tomcat.apache.org tomcat-users.xsd" > + version="1.0"> > <!-- > NOTE: By default, no user is included in the "manager-gui" role required > to operate the "/manager/html" web application. If you wish to use this > app, > @@ -33,4 +36,5 @@ > <user username="both" password="tomcat" roles="tomcat,role1"/> > <user username="role1" password="tomcat" roles="role1"/> > --> > + > </tomcat-users> > > Added: tomcat/trunk/conf/tomcat-users.xsd > URL: > http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xsd?rev=1629185&view=auto > ============================================================================== > --- tomcat/trunk/conf/tomcat-users.xsd (added) > +++ tomcat/trunk/conf/tomcat-users.xsd Fri Oct 3 11:50:14 2014 > @@ -0,0 +1,43 @@ > +<?xml version="1.0" encoding="UTF-8" ?> > +<xs:schema xmlns="http://www.w3.org/2001/XMLSchema"; > + targetNamespace="http://tomcat.apache.org"; > + xmlns:users="http://tomcat.apache.org"; > + xmlns:xs="http://www.w3.org/2001/XMLSchema"; > + elementFormDefault="qualified" > + attributeFormDefault="unqualified" > + version="1.0"> > + <xs:element name="tomcat-users"> > + <xs:complexType> > + <xs:sequence> > + <xs:element name="role" minOccurs="0" maxOccurs="unbounded"> > + <xs:complexType> > + <xs:attribute name="rolename" use="required" > type="users:entityname" /> > + <xs:attribute name="description" type="xs:string" /> > + </xs:complexType> > + </xs:element> > + <xs:element name="group" minOccurs="0" maxOccurs="unbounded"> > + <xs:complexType> > + <xs:attribute name="groupname" use="required" > type="users:entityname" /> > + <xs:attribute name="description" type="xs:string" /> > + <xs:attribute name="roles" type="xs:string" /> > + </xs:complexType> > + </xs:element> > + <xs:element name="user" minOccurs="0" maxOccurs="unbounded"> > + <xs:complexType> > + <xs:attribute name="username" use="required" > type="users:entityname" /> > + <xs:attribute name="fullname" type="xs:string" /> > + <xs:attribute name="password" type="xs:string" /> > + <xs:attribute name="roles" type="xs:string" /> > + <xs:attribute name="groups" type="xs:string" /> > + </xs:complexType> > + </xs:element> > + </xs:sequence> > + <xs:attribute name="version" type="xs:string" /> > + </xs:complexType> > + </xs:element> > + <xs:simpleType name="entityname"> > + <xs:restriction base="xs:string"> > + <xs:minLength value="1"/> > + </xs:restriction> > + </xs:simpleType> > +</xs:schema> > \ No newline at end of file > > Propchange: tomcat/trunk/conf/tomcat-users.xsd > ------------------------------------------------------------------------------ > svn:eol-style = native > > Modified: tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java?rev=1629185&r1=1629184&r2=1629185&view=diff > ============================================================================== > --- tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java > (original) > +++ tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java Fri > Oct 3 11:50:14 2014 > @@ -544,7 +544,10 @@ public class MemoryUserDatabase implemen > > // Print the file prolog > writer.println("<?xml version='1.0' encoding='utf-8'?>"); > - writer.println("<tomcat-users>"); > + writer.println("<tomcat-users > xmlns=\"http://tomcat.apache.org/xml\"";); > + writer.println(" > xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"";); > + writer.println(" > xsi:schemaLocation=\"http://tomcat.apache.org tomcat-users.xsd\""); > + writer.println(" version=\"1.0\">"); > > // Print entries for each defined role, group, and user > Iterator<?> values = null; > > Modified: tomcat/trunk/res/confinstall/tomcat-users_1.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/res/confinstall/tomcat-users_1.xml?rev=1629185&r1=1629184&r2=1629185&view=diff > ============================================================================== > --- tomcat/trunk/res/confinstall/tomcat-users_1.xml (original) > +++ tomcat/trunk/res/confinstall/tomcat-users_1.xml Fri Oct 3 11:50:14 2014 > @@ -14,4 +14,7 @@ > See the License for the specific language governing permissions and > limitations under the License. > --> > -<tomcat-users> > +<tomcat-users xmlns="http://tomcat.apache.org/xml"; > + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > + xsi:schemaLocation="http://tomcat.apache.org tomcat-users.xsd" > + version="1.0"> > > Modified: tomcat/trunk/webapps/docs/changelog.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1629185&r1=1629184&r2=1629185&view=diff > ============================================================================== > --- tomcat/trunk/webapps/docs/changelog.xml (original) > +++ tomcat/trunk/webapps/docs/changelog.xml Fri Oct 3 11:50:14 2014 > @@ -47,6 +47,10 @@ > <section name="Tomcat 8.0.15 (markt)"> > <subsection name="Catalina"> > <changelog> > + <add> > + <bug>43548</bug>: Add an XML schema for the tomcat-users.xml file. > + (markt) > + </add> > <fix> > <bug>55984</bug>: Using the allow separators in version 0 cookies > option > with the legacy cookie processor should only apply to version 0 > cookies. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
Does Tomcat actively use this schema for semantic validation of tomcat-users.xml files? If so, should this be added to an XML Schema catalog to avoid network accesses when validating such files? -chris
signature.asc
Description: OpenPGP digital signature
