Environment-specific web.xml

Hi Michael,

Not an unreasonable request and one that I share a need for as I've got an SSO mechanism that comes into play in my Integration, UAT and Prod environments but I want Dev to be security free. Did you have any luck?

Chris

Michael Berg-6 wrote:

Hi all,
 
After doing an install-templates, is it possible to make certain parts
of web.xml sensitive to the current environment?
 
For example, in production mode I have some resources that are
protected. However, in development mode it is rather annoying to have to
log on all the time, so if it was possible somehow to "comment out" the
<security-contraint> part of my web.xml in development mode, it would be
a time saver for me.
 
Is this possible?
 
/Mike
 

Hi Michael,

Not an unreasonable request, and one I share a need for. I've got a security free Dev environment but once I migrate beyond it, every other environment has a certificate-based SSO security strategy that requires web.xml changes.

Did you have any luck?

Chris

Michael Berg-6 wrote:

Hi all,
 
After doing an install-templates, is it possible to make certain parts
of web.xml sensitive to the current environment?
 
For example, in production mode I have some resources that are
protected. However, in development mode it is rather annoying to have to
log on all the time, so if it was possible somehow to "comment out" the
<security-contraint> part of my web.xml in development mode, it would be
a time saver for me.
 
Is this possible?
 
/Mike
 

Hi Michael,

Not an unreasonable request, and one I share a need for. I've got a security free Dev environment but once I migrate beyond it, every other environment has a certificate-based SSO security strategy that requires web.xml changes.

Did you have any luck?

Chris

Michael Berg-6 wrote:

Hi all,
 
After doing an install-templates, is it possible to make certain parts
of web.xml sensitive to the current environment?
 
For example, in production mode I have some resources that are
protected. However, in development mode it is rather annoying to have to
log on all the time, so if it was possible somehow to "comment out" the
<security-contraint> part of my web.xml in development mode, it would be
a time saver for me.
 
Is this possible?
 
/Mike
 

chris_porter100@...

chrisporter wrote:
Plugins get a chance to edit the web.xml, so you could create a plugin
that just checks the environment and deletes the security-constraint bit
if it's not production (or vice-versa - have it create the constraint in
prod mode).  But that might be a bit of a sledgehammer to crack a nut.

Otherwise, you can specify an alternative location for the basic web.xml
in BuildConfig.groovy, so if there's some way in there to condition
based on the current environment you could have different prod-web.xml
and dev-web.xml files:

// BuildConfig.groovy
if(Environment.current == Environment.PRODUCTION) {
  grails.config.base.webXml = 'prod-web.xml'
}
else {
  grails.config.base.webXml = 'dev-web.xml'
}

Except I'm not sure whether you can query the environment at the point
where BuildConfig.groovy is parsed, you'll have to try it and see.

Ian

--
Ian Roberts               | Department of Computer Science
i.roberts@...  | University of Sheffield, UK

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email