On 03/10/2014 15:22, Christopher Schultz wrote: > Mark, > > On 10/3/14 7:50 AM, ma...@apache.org wrote: >> Author: markt >> Date: Fri Oct 3 11:50:14 2014 >> New Revision: 1629185 >> >> URL: http://svn.apache.org/r1629185 >> Log: >> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=43548 >> Add an XML schema for the tomcat-users.xml file. >> >> Added: >> tomcat/trunk/conf/tomcat-users.xsd (with props) >> Modified: >> tomcat/trunk/conf/tomcat-users.xml >> tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java >> tomcat/trunk/res/confinstall/tomcat-users_1.xml >> tomcat/trunk/webapps/docs/changelog.xml >> >> Modified: tomcat/trunk/conf/tomcat-users.xml >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xml?rev=1629185&r1=1629184&r2=1629185&view=diff >> ============================================================================== >> --- tomcat/trunk/conf/tomcat-users.xml (original) >> +++ tomcat/trunk/conf/tomcat-users.xml Fri Oct 3 11:50:14 2014 >> @@ -15,7 +15,10 @@ >> See the License for the specific language governing permissions and >> limitations under the License. >> --> >> -<tomcat-users> >> +<tomcat-users xmlns="http://tomcat.apache.org/xml"; >> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> + xsi:schemaLocation="http://tomcat.apache.org tomcat-users.xsd" >> + version="1.0"> >> <!-- >> NOTE: By default, no user is included in the "manager-gui" role required >> to operate the "/manager/html" web application. If you wish to use this >> app, >> @@ -33,4 +36,5 @@ >> <user username="both" password="tomcat" roles="tomcat,role1"/> >> <user username="role1" password="tomcat" roles="role1"/> >> --> >> + >> </tomcat-users> >> >> Added: tomcat/trunk/conf/tomcat-users.xsd >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/conf/tomcat-users.xsd?rev=1629185&view=auto >> ============================================================================== >> --- tomcat/trunk/conf/tomcat-users.xsd (added) >> +++ tomcat/trunk/conf/tomcat-users.xsd Fri Oct 3 11:50:14 2014 >> @@ -0,0 +1,43 @@ >> +<?xml version="1.0" encoding="UTF-8" ?> >> +<xs:schema xmlns="http://www.w3.org/2001/XMLSchema"; >> + targetNamespace="http://tomcat.apache.org"; >> + xmlns:users="http://tomcat.apache.org"; >> + xmlns:xs="http://www.w3.org/2001/XMLSchema"; >> + elementFormDefault="qualified" >> + attributeFormDefault="unqualified" >> + version="1.0"> >> + <xs:element name="tomcat-users"> >> + <xs:complexType> >> + <xs:sequence> >> + <xs:element name="role" minOccurs="0" maxOccurs="unbounded"> >> + <xs:complexType> >> + <xs:attribute name="rolename" use="required" >> type="users:entityname" /> >> + <xs:attribute name="description" type="xs:string" /> >> + </xs:complexType> >> + </xs:element> >> + <xs:element name="group" minOccurs="0" maxOccurs="unbounded"> >> + <xs:complexType> >> + <xs:attribute name="groupname" use="required" >> type="users:entityname" /> >> + <xs:attribute name="description" type="xs:string" /> >> + <xs:attribute name="roles" type="xs:string" /> >> + </xs:complexType> >> + </xs:element> >> + <xs:element name="user" minOccurs="0" maxOccurs="unbounded"> >> + <xs:complexType> >> + <xs:attribute name="username" use="required" >> type="users:entityname" /> >> + <xs:attribute name="fullname" type="xs:string" /> >> + <xs:attribute name="password" type="xs:string" /> >> + <xs:attribute name="roles" type="xs:string" /> >> + <xs:attribute name="groups" type="xs:string" /> >> + </xs:complexType> >> + </xs:element> >> + </xs:sequence> >> + <xs:attribute name="version" type="xs:string" /> >> + </xs:complexType> >> + </xs:element> >> + <xs:simpleType name="entityname"> >> + <xs:restriction base="xs:string"> >> + <xs:minLength value="1"/> >> + </xs:restriction> >> + </xs:simpleType> >> +</xs:schema> >> \ No newline at end of file >> >> Propchange: tomcat/trunk/conf/tomcat-users.xsd >> ------------------------------------------------------------------------------ >> svn:eol-style = native >> >> Modified: tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java?rev=1629185&r1=1629184&r2=1629185&view=diff >> ============================================================================== >> --- tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java >> (original) >> +++ tomcat/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java Fri >> Oct 3 11:50:14 2014 >> @@ -544,7 +544,10 @@ public class MemoryUserDatabase implemen >> >> // Print the file prolog >> writer.println("<?xml version='1.0' encoding='utf-8'?>"); >> - writer.println("<tomcat-users>"); >> + writer.println("<tomcat-users >> xmlns=\"http://tomcat.apache.org/xml\"";); >> + writer.println(" >> xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"";); >> + writer.println(" >> xsi:schemaLocation=\"http://tomcat.apache.org tomcat-users.xsd\""); >> + writer.println(" version=\"1.0\">"); >> >> // Print entries for each defined role, group, and user >> Iterator<?> values = null; >> >> Modified: tomcat/trunk/res/confinstall/tomcat-users_1.xml >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/res/confinstall/tomcat-users_1.xml?rev=1629185&r1=1629184&r2=1629185&view=diff >> ============================================================================== >> --- tomcat/trunk/res/confinstall/tomcat-users_1.xml (original) >> +++ tomcat/trunk/res/confinstall/tomcat-users_1.xml Fri Oct 3 11:50:14 2014 >> @@ -14,4 +14,7 @@ >> See the License for the specific language governing permissions and >> limitations under the License. >> --> >> -<tomcat-users> >> +<tomcat-users xmlns="http://tomcat.apache.org/xml"; >> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> + xsi:schemaLocation="http://tomcat.apache.org tomcat-users.xsd" >> + version="1.0"> >> >> Modified: tomcat/trunk/webapps/docs/changelog.xml >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1629185&r1=1629184&r2=1629185&view=diff >> ============================================================================== >> --- tomcat/trunk/webapps/docs/changelog.xml (original) >> +++ tomcat/trunk/webapps/docs/changelog.xml Fri Oct 3 11:50:14 2014 >> @@ -47,6 +47,10 @@ >> <section name="Tomcat 8.0.15 (markt)"> >> <subsection name="Catalina"> >> <changelog> >> + <add> >> + <bug>43548</bug>: Add an XML schema for the tomcat-users.xml file. >> + (markt) >> + </add> >> <fix> >> <bug>55984</bug>: Using the allow separators in version 0 cookies >> option >> with the legacy cookie processor should only apply to version 0 >> cookies. >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: dev-h...@tomcat.apache.org >> > > Does Tomcat actively use this schema for semantic validation of > tomcat-users.xml files? If so, should this be added to an XML Schema > catalog to avoid network accesses when validating such files?
It doesn't and I wasn't planning on changing that at this time. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
