| Author |
Message |
|
|
Post subject: Security Risk MyEclipse Maven Tomcat 7.0.23 Exploded Deploy
 Posted: Mar 05, 2012 - 05:55 PM
|
|
Registered Member
Joined: Mar 10, 2005
Posts: 249
|
|
I can finally report that I have traced ONE instance (repeatable) that causes extraneous files to be dumped into the webapps area of Tomcat 7.
This is probably a security risk too as one of the files is persistance.xml with passwords!
With a Maven project that has been exploded deployed simply start MyEclipse from scratch (possibly with -clean) and force a save of the pom.xml and the pom.xml file will be put into base webapps directory.
I check the webapps folder a lot now to see if MyEclipse has bunged files in there...
Sometime it can be a LOT of config files and this gives some very strange errors.
I hope you manage to repeat at your end as it may show up why all the others end up in there too!
:)
UPDATE: Also does it for:
import.sql
messages.properties
orchestration.xml
...
UPDATE:
They also get bunged in the base area of the project too it seems. |
|
|
| |
|
|
|
 |
|
|
|
Post subject:
Posted: Mar 05, 2012 - 06:02 PM
|
|
Registered Member
Joined: Mar 10, 2005
Posts: 249
|
|
In fact.. when you first start up it seems all the files get dumped in there... |
|
|
| |
|
|
|
|
|
|
|
Post subject:
Posted: Mar 05, 2012 - 06:03 PM
|
|
Registered Member
Joined: Mar 10, 2005
Posts: 249
|
|
This should be in Bugs I guess (Sorry). |
|
|
| |
|
|
|
|
|
|
|
Post subject:
Posted: Mar 16, 2012 - 02:16 AM
|
|
Registered Member
Joined: Mar 10, 2005
Posts: 249
|
|
|
|
|
|
|
|
|
Post subject:
Posted: Mar 18, 2012 - 09:49 PM
|
|
Moderator
Joined: Aug 21, 2004
Posts: 2508
|
|
Tony,
Sorry, didn't notice this post earlier. Can you give me a few additional details on the structure of the application you are deploying? Are you deploying a single Maven web project or is this an EAR with a web module? Does the web project have any dependent Java projects?
The extra files that are being copied into the deploy root, which project and location are they originally from? You mentioned they get bunged int eh base area of the project - so I assume they were not in the root of the project to start with.
Do you have Deployment Assembly enabled for your web project? Got to project properties > MyEclipse > Deployment Assembly - is it enabled? If so, can you enumerate the mappings that are listed there? |
_________________
Brian
MyEclipse Support
|
| |
|
|
|
|
|
|
|
Post subject:
Posted: Mar 18, 2012 - 10:10 PM
|
|
Registered Member
Joined: Mar 10, 2005
Posts: 249
|
|
| Quote: | Are you deploying a single Maven web project or is this an EAR with a web module? Does the web project have any dependent Java projects?
|
Single war project; no dependent projects
| Quote: | | The extra files that are being copied into the deploy root, which project and location are they originally from |
Same project
| Quote: | | You mentioned they get bunged int eh base area of the project - so I assume they were not in the root of the project to start with. |
They are just boilerplate code from the various areas that need to be setup in a JSF/Maven project (e.g. src/main/resource)
| Quote: | | Do you have Deployment Assembly enabled for your web project? Got to project properties > MyEclipse > Deployment Assembly - is it enabled? If so, can you enumerate the mappings that are listed there? |
|
|
|
| |
|
|
|
|
|
|
Member Login
Search
Register
Log in to check your private messages
