Oracle iPlanet Web Server 7.0.9 Developer's Guide to Java Web Applications

Subelements

The following table describes subelements for the sun-web-app element.

Table A–3 sun-web-app Subelements

Element 

Required 

Description 

context-root Element

zero or more 

Contains the web context roots for the web application 

servlet Element

zero or more 

Specifies a principal name for a servlet, which is used for the run-as role defined in web.xml

session-config Element

zero or one 

Specifies the session manager, session cookie, and other session-related information 

resource-env-ref Element

zero or more 

Maps the absolute JNDI name to the resource-env-ref in the corresponding Java EE XML file

resource-ref Element

zero or more 

Maps the absolute JNDI name to the resource-ref in the corresponding Java EE XML file

service-ref Element

zero or more 

Specifies runtime settings for a web service reference 

cache Element

zero or one 

Configures caching for web application components 

class-loader Element

zero or one 

Specifies classloader configuration information 

jsp-config Element

zero or one 

Specifies JSP configuration information 

locale-charset-info Element

zero or one 

Specifies internationalization settings 

property Element

zero or more 

Specifies a property, which has a name and a value 

message-destination-name Element

zero or more 

Specifies a logical message destination 

webservice-description Element

zero or more 

Specifies a web service description 

Attributes

none

Properties

The following table describes the properties for the sun-web-app element.

Table A–4 sun-web-app Properties

Property Name 

Default Value 

Description 

crossContextAllowed

true

If true, allows this web application to access the contexts of other web applications using the ServletContext.getContext() method.

encodeCookies

true

If true, Web Server URL encodes cookies before sending them to the client. If you don’t want cookies to be encoded, add the following setting to sun-web.xmldirectly under the <sun-web-app> tag:

<property name="encodeCookies" value="false"/>

Do not embed this setting in any other tag. 

tempdir

instance-dir/generated/

Specifies a temporary directory for use by this web application. This value is used to construct the value of the javax.servlet.context.tempdir context attribute. Compiled JSPs are also placed in this directory.

singleThreadedServletPoolSize

5

Specifies the maximum number of servlet instances allocated for each SingleThreadModel servlet in the web application.

reuseSessionID

false

If true, this property causes the web application to reuse the JSESSIONID value (if present) in the request header as the session ID when creating sessions. The default behavior of web applications is not to reuse session IDs. Instead, applications generate cryptographically random session IDs for new sessions.

changeSessionIdOnAuthentication

false

If true, allows the web application to change the session ID after authentication in order to protect against session fixation attacks as described in http://www.owasp.org/index.php/Session_Fixation.

relativeRedirectAllowed

false

If true, allows the web application to send a relative URL to the client using the HttpResponse.sendRedirect() API (that is, it suppresses the container from translating a relative URL to a fully qualified URL).