share data between two tomcat contexts?

Discussion in 'Java' started by Laura Schmidt, May 17, 2014.

  1. Hi,

    I want to share some data between two tomcat applications running on the
    same server.

    There are a lot of suggestions proposing to set crossContext="true" in
    the corresponding context elements in the server.xml.

    However, I do not have access to tomcat's server.xml. I only can modify
    the war/WEB-INF/web.xml of my GWT app, which is the <web-app> element.

    Are there any solutions?

    Thank you
    Laura Schmidt, May 17, 2014
    1. Advertisements

  2. Laura Schmidt

    markspace Guest

    I'd have to guess "no." Tomcat (how do you know it's Tomcat and not
    another container?) is designed to prevent this sort of thing, so I
    can't see how they'd leave a hole open for apps to interfere with each

    At this point consider using your own server. Amazon has micro
    instances for cheap, and Tomcat, Apache and OpenJDK are easy downloads.
    It's somewhat more work but worth it imo for the extra control it
    gives you.
    markspace, May 17, 2014
    1. Advertisements

  3. Laura Schmidt

    Arne Vajhøj Guest

    There are several options:
    * store in database.
    * store in file on disk.
    * fetch from one app to another app via web service.

    For the second bullet you can use memory mapped file - it
    should perform very well (or so they say - I have never tried
    it myself).

    Arne Vajhøj, May 17, 2014
  4. Ok, but how would this work over time?

    Assume an app "FirstApp". What would I insert into the server.xml?

    And then, what happens, when I update the app, e. g. undeploy and
    redeploy it? There will be a time span where server.xml references to an
    app that does not exist?

    Thank you
    Laura Schmidt, May 17, 2014
  5. Laura Schmidt

    markspace Guest

    That's a whole different can of worms there. Assume you need to read
    the docs.

    After you have your own server, you can do anything you like. You can
    open up a named pipe and use that, server.xml won't be involved.
    markspace, May 17, 2014
  6. I don't get it:

    First, I said that I heared of a solution where you have to enable
    "crossContext" in the server.xml file, but I don't have access to this file.

    Then, you answered that I should get my own server. I understood that I
    should do this to be able to change my server.xml.

    Are you pointing to another solution, other than enabling cross context
    in server.xml?

    For your convenience, here is a description of the cross context solution:

    However, this article refers to a context element:
    <Context crossContext="true">

    But this statement does not refer to a special web app.
    That's why I asked about server.xml.

    Laura Schmidt, May 17, 2014
  7. Laura Schmidt

    Josip Almasi Guest

    I suppose so.
    Now that I've looked at the article (interesting one, thanks!), caller
    app may fail when context is unavailable during redeployment, in a
    number of ways.
    Also, redeployment of called app might delay, maybe even fail, for
    caller app keeps reference to called classloader.
    So it's up to you to make that time span shorter - don't store
    references to called context and classloader and object and methods
    anywhere, so they become unreachable as soon as possible.
    Reflection calls are never cached, you'll always get references to fresh
    classes, objects and methods.

    Josip Almasi, May 17, 2014
  8. If applications are more tightly bound than that then the natural thing
    would be to merge them into one application. What's best probably
    depends on the nature of applications and the data that needs to be

    Kind regards

    Robert Klemme, May 17, 2014
  9. Well, the first application is an existing legacy application where
    users can login.

    When logged in, they are informed about a relaunch of the application
    and they can follow a link to it.

    Within the new application I would like to know the identity of the user
    who is coming from the legacy application. This is why I would like to
    access the other one's sesson.

    Laura Schmidt, May 17, 2014
  10. Laura Schmidt

    Brixomatic Guest

    Why not have the first application return a customized link that
    contains some individual random token.
    Have it send that token to the second application using a web service or
    by updating some table in a shared database.
    When the second application comes in with that link, like:
    check that token against the recent tokens and log him on without asking
    for credentials, if the token matches a present one.
    Don't forget to expire tokens after a few minutes and after use, to
    avoid attackers using an old or active token and mind that the tokens
    should be big enough and randomly generated, so an attackers cannot just
    try a bunch of random tokens for quite some time, waiting for a real
    user to get a same one by chance.

    Kind regards,
    Brixomatic, May 22, 2014
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.