Google Git
Sign in
apache / cayenne-website / 0af753b3ec346c0432aa26fe6065228badfd46ed / . / docs / 3.1 / cayenne-guide / rop-deployment.html
blob: b1ba63f0886f5061e644cbd94884d6fe75ae8c7b [file] [log] [blame]
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title xmlns:d="http://docbook.org/ns/docbook">Chapter&nbsp;17.&nbsp;ROP Deployment</title><link rel="stylesheet" type="text/css" href="css/cayenne-doc.css"><meta xmlns:d="http://docbook.org/ns/docbook" name="keywords" content="Cayenne 3.1 documentation"><meta xmlns:d="http://docbook.org/ns/docbook" name="description" content="User documentation for Apache Cayenne version 3.1"><link rel="home" href="index.html" title="Cayenne Guide"><link rel="up" href="cayenne-guide-part3.html" title="Part&nbsp;III.&nbsp;Cayenne Framework - Remote Object Persistence"><link rel="prev" href="implementing-rop-client.html" title="Chapter&nbsp;16.&nbsp;Implementing ROP Client"><link rel="next" href="current-limitations.html" title="Chapter&nbsp;18.&nbsp;Current Limitations"><script xmlns:d="http://docbook.org/ns/docbook" type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-7036673-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div xmlns:d="http://docbook.org/ns/docbook" class="navheader"><table width="100%" summary="Navigation header"><tr><th class="versioninfo">v.3.1 (3.1)</th><th align="center">Chapter&nbsp;17.&nbsp;ROP Deployment</th><th></th></tr><tr><td width="20%" align="left"><a accesskey="p" href="implementing-rop-client.html">Prev</a>&nbsp;</td><th width="60%" align="center"><a accesskey="u" href="cayenne-guide-part3.html">Part&nbsp;III.&nbsp;Cayenne Framework - Remote Object Persistence </a></th><td width="20%" align="right">&nbsp;<a accesskey="n" href="current-limitations.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter&nbsp;17.&nbsp;ROP Deployment"><div class="titlepage"><div><div><h2 class="title"><a name="rop-deployment"></a>Chapter&nbsp;17.&nbsp;ROP Deployment</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="rop-deployment.html#deploying-rop-server">Deploying ROP Server</a></span></dt><dt><span class="section"><a href="rop-deployment.html#deploying-rop-client">Deploying ROP Client</a></span></dt><dt><span class="section"><a href="rop-deployment.html#rop-security">Security</a></span></dt></dl></div><div class="section" title="Deploying ROP Server"><div class="titlepage"><div><div><h2 class="title"><a name="deploying-rop-server"></a>Deploying ROP Server</h2></div></div></div><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Recent versions of Tomcat and Jetty containers (e.g. Tomcat 6 and 7, Jetty 8) contain code
addressing a security concern related to "session fixation problem" by resetting the
existing session ID of any request that requires BASIC authentcaition. If ROP
service is protected with declarative security (see the the ROP tutorial and the
following chapters on security), this feature prevents the ROP client from attaching
to its session, resulting in MissingSessionExceptions. To solve that you will need
to either switch to an alternative security mechanism, or disable "session fixation
problem" protections of the container. E.g. the later can be achieved in Tomcat 7 by
adding the following <span class="emphasis"><em>context.xml</em></span> file to the webapp's META-INF/
directory:
</p><pre class="programlisting">&lt;Context&gt;
&lt;Valve className="org.apache.catalina.authenticator.BasicAuthenticator"
changeSessionIdOnAuthentication="false" /&gt;
&lt;/Context&gt;</pre><p>(The
&lt;Valve&gt; tag can also be placed within the &lt;Context&gt; in any other locations
used by Tomcat to load context configurations)</p></div></div><div class="section" title="Deploying ROP Client"><div class="titlepage"><div><div><h2 class="title"><a name="deploying-rop-client"></a>Deploying ROP Client</h2></div></div></div></div><div class="section" title="Security"><div class="titlepage"><div><div><h2 class="title"><a name="rop-security"></a>Security</h2></div></div></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="implementing-rop-client.html">Prev</a>&nbsp;</td><td width="20%" align="center"><a accesskey="u" href="cayenne-guide-part3.html">Up</a></td><td width="40%" align="right">&nbsp;<a accesskey="n" href="current-limitations.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter&nbsp;16.&nbsp;Implementing ROP Client&nbsp;</td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top">&nbsp;Chapter&nbsp;18.&nbsp;Current Limitations</td></tr></table></div></body></html>