Web.xml and security constraints

Similar Messages

• SSL and security-constraints

  I'd like to know if anybody knows a way to abandon an https session.
  I know I can specify a set of protected resources, editing web.xml, in the following way:
  <security-constraint>
       <web-resource-collection>
            <web-resource-name>Protected Context</web-resource-name>
                 <url-pattern>/Login.jsp</url-pattern> 
          </web-resource-collection>
       <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
    </security-constraint> I just saw that if I keep surfing my site, after the system redirected me to https (because a protected resource has been requested), all following requests are https, even if the resource is not specified as protected in web.xml, and not simple http!
  How can I specify that a resource must run in http?
  How can I specify that a resource is not protected?
  Hope somebody could help...
  Peppe.

  I'd like to know if anybody knows a way to abandon an https session.
  I know I can specify a set of protected resources, editing web.xml, in the following way:
  <security-constraint>
       <web-resource-collection>
            <web-resource-name>Protected Context</web-resource-name>
                 <url-pattern>/Login.jsp</url-pattern> 
          </web-resource-collection>
       <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
    </security-constraint> I just saw that if I keep surfing my site, after the system redirected me to https (because a protected resource has been requested), all following requests are https, even if the resource is not specified as protected in web.xml, and not simple http!
  How can I specify that a resource must run in http?
  How can I specify that a resource is not protected?
  Hope somebody could help...
  Peppe.

• Mime-type tag in web.xml and attachment download

  i have set a mime-type in web.xml as below:
  <mime-mapping>
       <extension>xls</extension>
       <mime-type>application/vnd.ms-excel</mime-type>
  </mime-mapping>
  And i have a simple jsp that only shows a table and i am making this jsp to get downloaded as an excel attachment. To make it possible i have written the following line in the JSP:
  response.setHeader( "content-disposition", "attachment; filename=myexcel.xls" );
  But i am not setting the content type first by writing:
  response.setContentType( "application/vnd.ms-excel" );
  since i have already mentioned the appropriate mime-type for excel files in web.xml.
  I am using both mozilla and IE. Both are showing file download dialog. But IE is able to correctly identify the type of the attachment and opens it up with Microsoft Excel whereas mozilla fails to identify the type, assumes it to be an HTML document and opens it up in a new window of IE.
  mozilla works fine only when i set the content type in the JSP itself. But IE works in all conditions even without having the mime-type tag in web.xml.
  If i have already specified the mime-type for particular type of file in web.xml, is there any requirement to set the content type again in the JSP/servlet?
  Please help. I even changed the mime-type for .xls (excel) files in web.xml and made it text/plain, but still the same thing is happening. IE is always showing the correct file type where as mozilla is taking it as an HTML document.
  i am using weblogic server 8.1.

  the web xml mime type setting are for static files served by the server...
  if you print a file directly to the output of the servlet, you must set the mime type, so DO write :
  response.setContentType( "application/vnd.ms-excel" );
  IE "works fine" because it also uses the file extension to decide the mime type... but in the absolute, it's a wrong behaviour

• Web service proxy and security constraint

  I've placed a security constraint on my web service and set the login-config auth-method as BASIC. When I run the Workshop test and the (Test View) browser begins to appear I am prompted for my username and password since it is protected --- great, it's working.
  Here's my problem, when I create the Java Proxy and try to access the web service using the proxy in another application I am never prompted for my username and password and thus the request fails. Anyway to fix this so I can be promted using the proxy??
  thanks in advance,
  Steve Touw

  Hi Shay Shmeltzer,
  Thanks for the reply.
  I tried in HTTP Analyzer in JDeveloper and there also it is not working. My concern is :-
  There are many other web services deployed on the same SOA server in same partition and they are working fine in HTTP analyzer and I am able to create and use the web service proxy as well. So as per my understanding there is nothing like network issues between SOA server and jDeveloper.
  1 more thing When I am creating the proxy for this web service and requesting from the proxy's main method SOA is getting proper input (which I am providing in the main method) and SOA is returning proper output I have checked the SOA instance in em. So there is no problem in SOA side. The problem is jDeveloper is not able to get back that response which SOA is returning.
  Please Help.
  -- NavinK

• Jazn-data.xml file, authentication in web.xml and embedded oc4j

  I've defined new security-roles, security-constraints and an authentication method in my web.xml file and i've created a new jazn-data.xml file that holds the different users and their groups.
  If I want to link the security-roles of the web.xml file to the roles in the jazn-data.xml file I always need an orion-application.xml file, is this correct?
  If I want to deploy an application as this to the embedded container the security won't work, I'm always getting the '403 forbidden' page.
  Can somebody point me out how I need to define security for an embedded and standalone environment when using authentication and jazn-data.xml file + how do I deploy this to a standalone oc4j and how to get this same application to work in the embedded oc4J.

  hi "romanna"
  Part of the answer to "Can somebody point me out how I need to define security ..." can probably be found in the "Oracle ADF Developer's Guide" that has "18 Adding Security to an Application".
  success
  Jan

• Question on web.xml and login

  Hi all
  I am doing a web-based project, registered user need to log in before they view the member area pages.
  I have created a directory, called "client", in the Tomcat 4.1.24/webapps/ROOT/client I have put a index.html in the client directory. This index.html only can be viewed by the client after log in.
  For the best of my knowledge in Tomcat, in order to do this, I have created a web.xml in Tomcat_home/webaggs/ROOT/WEB-INF/web.xml, in the url-pattern section, I put /client/* to tell the tomcat server that index.html in client directory is the first page after user login.
  The problem is, I couldnt see the member welcome page after I login as a member, the browser gave me the error: HTTP status 400 - Invalid direct reference to form login page. However, if I specified the address http://localhost:8080/client/index.html , it show me the login page and after I input the username and password I can see the member welcome page.
  I dont know whether is something wrong with the web.xml or I should do other thing to let the server know which is the first page after member login.
  Thank you very much
  Kelvin
  =====================================================
  <web-app>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Security</web-resource-name>
  <url-pattern>/client/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>administrator</role-name>
       <role-name>client</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/login.html</form-login-page>
  <form-error-page>/login_error.html</form-error-page>
  </form-login-config>
  </login-config>
  </web-app>
  =====================================================

  Wow, you really are in the wrong place with this query, its not really even java ;o) This is the new to java forum! Perhaps you would be better off (in fact I know for a FACT that you will be as I have seen answers to identical problems there) in the Tomcat-user list...
  Go HERE:
  http://www.mail-archive.com/[email protected]/
  and search

• Web.xml form security login

  I am using formed based security in a web.xml file. I was wondering if there is
  anyway to limit logins, for example...
  I logon with a uid "peterc" and a password of "car", I don't want anyone else
  to then be able to login using the same uid and password while the session is
  active. We are using a custom built realm the extends the abstractManagableRealm,
  and Netscape Directory server for our LDAP tree, Weblogic Application Server 5.1
  sp8. Is there a tag in the web.xml file we can set, or do we need to add code
  to the realm? Or could there be another simple solution?

  Chris,
  I think you have to do this on your own - I know of no standard or proprietay way of
  limiting how many simultaneous times a user is logged in.
  Chris wrote:
  I am using formed based security in a web.xml file. I was wondering if there is
  anyway to limit logins, for example...
  I logon with a uid "peterc" and a password of "car", I don't want anyone else
  to then be able to login using the same uid and password while the session is
  active. We are using a custom built realm the extends the abstractManagableRealm,
  and Netscape Directory server for our LDAP tree, Weblogic Application Server 5.1
  sp8. Is there a tag in the web.xml file we can set, or do we need to add code
  to the realm? Or could there be another simple solution?--
  Tom Mitchell
  [email protected]
  Very Current Stoneham, MA Weather
  http://www.tom.org

• Other web browsers and security issues?

  Since even an Apple KB article recognizes the need for an additional browser and because of Safari's limitations and problems, I'm going to try switching to another browser (most likely OmniWeb and am looking at Firefox, Shira and Opera also though perhaps not as a primary browser) but I'm wondering about their ability to keep on top of any security issues for Mac? (and how do you keep up with security updates?)
  Though perhaps unfounded, at least with Safari, I feel that Apple has a vested interest in keeping on top of security issues (for Safari and Java) and I can readily find out about security updates via software updater.

  Most of the other Mac browsers have their adherents. They are all good browsers (I have 7 browsers installed to test various web sites and for change-of-pace usage). They all have their strengths and they all have their weaknesses. Only iCab and OmniWeb are still shareware, the rest are now or always have been free (Opera just recently stopped charging for its browser).
  I have settled on Firefox as my alternate browser and I use it maybe just a tad more than Safari, but I do switch back and forth between them. The Mozilla foundation is good at getting security updates out when needed. Firefox has a button on the toolbar to check for updates. One nice thing about Firefox is that you can install free extensions which enhance the features available. I have one to supplement tab features, one to control iTunes from Firefox's status bar, one to help me format messages in discussion forums, and one to block ads.
  I prefer OmniWeb for doing intensive research because of the way it handles tabs in its sidebar, showing me which ones I've looked at and which ones I haven't, and giving me great flexibility in rearranging tabs, which are viewable as thumbnails or text names (I have had up to a hundred or so tabs open in OmniWeb.
  Shiira is good and its fast. I have not checked for updates for a while, but the last time I updated there was still a problem with Shiira kicking you out of logged-in sites when you moved from page to page with in web site. This may have been fixed by now - they were aware of the problem back then.
  Camino is a native OS X cousin of Firefox and is also fast, but is not updated as often.
  I would stay away from Mozilla or Netscape unless you need all the additional modules they have and which take up hard disk space. Firefox and Camino represent the browser module of Mozilla/Netscape. Mozilla and Netscape have modules for email, irc chat, newsgroups, and for creating and editing web pages. Netscape is a branded and slightly customized version of Mozilla and is not updated as often.
  Opera is a nice browser and some use it as their main browser, but I have not seen anything that really stands out for me, but that does not mean it is not worth a look.
  I would stay away from abandonware Internet Explorer.
  As for checking for updates, several of them, as with many Mac programs, now have a menu item that allows you to check for updates. Most of them also announce their updates on both VersionTracker and MacUpdate.
  Happy Exploring.

• Getting Email Value from web.xml and displaying in JSF

  HI,
  I have a web.xml with the entry:
  <env-entry>
          <description>The email address for the Support Team.</description>
          <env-entry-name>support</env-entry-name>
          <env-entry-type>java.lang.String</env-entry-type>
          <env-entry-value>[email protected]</env-entry-value>
  </env-entry>I want to display on the JSF the value *"[email protected]"*. I dont want to Hard Code the Email Id on the JSF hence I am looking for this solution.
  One way would be to get the value of the email in a backing bean and then setting a managedBeanValue which will be accessed in the JSF Display page.
  My question is how do I get the email value in my backing bean ?
  Thanks in advance !!!

  I tried using this code:
      FacesContext context = FacesContext.getCurrentInstance();
      ServletContext servletContext = (ServletContext)context.getExternalContext().getContext();
      String value = (String)(servletContext.getAttribute("support");But when I do a System Out on value I get null
  Please Help.
  Thanks in advance

• Problems with error-page in web.xml and page caching

  Having a few problems with error pages and web.xml with browsers caching the error pages and strange errors coming out of weblogic.servlet.intenal.WebAppServletContext
  I'm trying to set a web app up so that all http errors and all exceptions are routed thruogh predefined resources. For now, I'm simply send 400 errors to 400.html and the ServletException, IOException and RuntimeException to respective html pages.
  What I'm finding is that the error codes work fine but the exceptions are only be routed to the correct error page for the first call to the servlet after server restart.
  So for example, I have my servlet throwing a ServletException as a test case. The weblogic server log shows that ServletException is thrown, and the correct error page for ServletExceptions is shown.
  If I change the Servlet code to throw IOException in place of SevletException, the weblogic.log shows that IOExceptyion is being thrown (so the servlet has deployed successfully), however the Servletxception error page is shown on the browser.
  I'm using IE6 and I've changed the setting such that a new page is requested every time using the tools-internet options-temp internet files-settings option to "check for new versions of stored pages: Every visit to the page".
  Despite this, the servlet exception error page still appears.
  If you clear the cache from the temp intenet files->delete files IE option, the correct errror page will be shown so it appears that the browser cache is being used after all.
  everytime I delete the temp intenet files I get the correct error page on the first request after but then not after that.
  I have implemented the service method for this test to throw the exceptions - does this make a differecne?
  As a test, I have moved the imlpementation to the doGet method instead bu I now get a strange eror from weblogic comlpaining about an arrayOutOfBoundsException because eror codes in the web.xml are not supported! - see error above.
  Any help is appreciated

  After further investigation: -
  There are no problems with error pages based on error codes, only error exceptions.
  As a test case, I have a service method in a servlet throwing either one of the three exception types that servlets can throw (Runtime, Servlet & IO) the following rules apply. The exception to be thrown is hardcoded and is changed and the web app rebuilt each time. The correct web.xml has been deployed to the app server (checked through console). the webapp is being redeployed correctly - this can be seen in the weblogic log, where the correct exception is reported.
  I am using WLS 8.1, Servlet 2.3, JDK 1.4.1_02
  In all cases, the weblogic log reports that the servlet is throwing the exception as expected.
  Despite having set error-page for exception javax.servlet.ServletException, the exceptions are diverted to the error page that has been set up for http error code 500
  The error page for ServletException is therefore never reached.
  I have the browser set to request pages every time it is asked.
  Once the servlet has thrown an IOException, the only way to get the browser to report an IO or Runtime exception error-page is to clear the browser cache. Restarting the server has no effect.
  Once the servlet has responded with ANY exception, it is not possible to get it to report a ServletException (which is incorrectly reported as a 500 anyway) unless the cache is cleared. Restarting the server has no effect.
  In the case where the servlet throws ServletException, it has no root exception. The servlet 2.3 spec states that if ServletException is thrown but cannot be found in the error pages, the root excpetion will be extracted and the error page list traversed again. Knowing that the RuntimeException error page is correct shown when RuntimeException is throwm, I have nested this inside the ServletException, however error page for http error 500 is still shown.
  I don't believe this is a WLS 8.1 problem, as the console shows that the correct exception is thrown each time. this is backed up by the fact that the correct exception page is thrown when the cache is cleared regardless of what exception was previousdly thrown by the servlet. This excludes ServletException which is always incorrectly thrown as a 500.

• What is web.xml and why it is used?

  hi,
  am new to servlet technology, i tried to find a topic like this in this fourm also in google but didn't get a exact one. can anybody explain me or suggest me some resource about this.
  thanx in advance.
  Max

  hi stevejluke,
  thanx for the correct link.
  nx for the correct link. but what i in doubt with is
  why we should use web.xml? may be my question is very
  silly, may be too basic, forgive me for that...
  Thanx & Regards,
  SaikatAt the most basic level:
  There are several versions of the Servlet specification, You need the web.xml to tell the server which version of the spec your application conforms to so the server knows how to deal with different things.
  If you have a servlet, you also need the web.xml to define what URL signals a request that should be handled by your servlet.
  At this point, you need to sit down and read a book. Do what it says, blindly at first. Just do what it says (but do try to understand the 'what' of it, just don't question the 'why'). After you have a few applications running, go back and ask yourself this question again and try to see what you are using the web.xml for in those applications you have.

• Env-entry in web.xml and 6.0 sp4

  Does anyone know if iws 6.0 sp4 supports env-entry elements in web.xml???
  According to servlet specs 2.2 it should support it since it has JSP support.
  From 2.3 specs:
  "The following addtional elements exist in the web application deployment
  descriptor to meet the requirements of web containers that are JSP enabled or part
  of a J2EE application server. They are not required to be supported by containers
  wishing to support only the servlet specification.:
  � taglib
  � syntax for looking up JNDI objects (env-entry, ejb-ref, ejb-local-ref, resourceref,
  resource-env-ref)
  See the DTD comments for further description of these elements."

  Additional info...actually the code throws a NamingException.

• Help with web.xml and deploying a servlet

  Hello,
  I've been tearing me hair out for the last few hours trying to get this to work... I've got a servlet org.fatbaob.servtest.Servtest that I want to deploy with Tomcat 4.0.4. It doesn't seem to mater what I put in the web.xml file I'm always getting 404 errors.
  The servlet is contained in a file c:\development\projects\servtest\WEB_INF\classes\org\fatboab\servtest\Servtest
  which mapped with a <context> tag in the Tomcat conf\server.xml file:
  <!-- Servtest context -->
       <Context path="/servtest" docBase="C:\development\projects\servtest" debug="0" privileged="true" reloadable="true">
       <Logger className="org.apache.catalina.logger.FileLogger" prefix="localhost_servtest_log." suffix=".txt" timestamp="true"/>
  </Context>
  My web.xml file contains:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
  <web-app>
  <servlet>
  <servlet-name>ServTest</servlet-name>
  <servlet-class>org.fatboab.servtest.Servtest</servlet-class>
  </servlet>
  </web-app>
  Although I have tried putting in <servlet-mapping> tags, but they didn't seem to work either.
  My html file contains:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
  <head>
  <title>Servlet Test</title>
  </head>
  <body>
  <h1>Servlet Test</h1>
  <form action="/servtest/servlet/org.fatboab.servtest.Servtest" method="post">
  <table>
  <tbody>
  <tr>
  <td>Name:</td>
  <td><input type="text" size="77" name="name" /></td>
  </tr>
  <tr>
  <td>Email:</td>
  <td><input type="text" size="77" name="email" /></td>
  </tr>
  <tr>
  <td colspan="2"><input type="submit" value="Submit" /></td>
  </tr>
  </tbody>
  </table>
  </form>
  </body>
  </html>
  The 404 error I get is:
  description The requested resource (/servtest/servlet/org.fatboab.servtest.Servtest) is not available.
  Help!
  Cheers,
  Bob.

  Hello,
  I've been tearing me hair out for the last few hours
  trying to get this to work... I've got a servlet
  org.fatbaob.servtest.Servtest that I want to deploy
  with Tomcat 4.0.4. It doesn't seem to mater what I put
  in the web.xml file I'm always getting 404 errors.
  The servlet is contained in a file
  c:\development\projects\servtest\WEB_INF\classes\org\fa
  boab\servtest\Servtest
  which mapped with a <context> tag in the Tomcat
  conf\server.xml file:
  <!-- Servtest context -->
  <Context path="/servtest"
  docBase="C:\development\projects\servtest" debug="0"
  privileged="true" reloadable="true">
  <Logger
  er className="org.apache.catalina.logger.FileLogger"
  prefix="localhost_servtest_log." suffix=".txt"
  timestamp="true"/>
  </Context>
  My web.xml file contains:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app PUBLIC "-//Sun Microsystems,
  Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">
  <web-app>
  <servlet>
  <servlet-name>ServTest</servlet-name>
  <servlet-class>org.fatboab.servtest.Servtest</servlet-
  lass>
  </servlet>
  </web-app>
  Although I have tried putting in <servlet-mapping>
  tags, but they didn't seem to work either.
  My html file contains:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml"
  xml:lang="en">
  <head>
  <title>Servlet Test</title>
  </head>
  <body>
  <h1>Servlet Test</h1>
  <form
  action="/servtest/servlet/org.fatboab.servtest.Servtest
  method="post">
  <table>
  <tbody>
  <tr>
  <td>Name:</td>
  <td><input type="text" size="77" name="name"
  ="name" /></td>
  </tr>
  <tr>
  <td>Email:</td>
  <td><input type="text" size="77" name="email"
  "email" /></td>
  </tr>
  <tr>
  <td colspan="2"><input type="submit"
  submit" value="Submit" /></td>
  </tr>
  </tbody>
  </table>
  </form>
  </body>
  </html>
  The 404 error I get is:
  description The requested resource
  (/servtest/servlet/org.fatboab.servtest.Servtest) is
  not available.
  Help!
  Cheers,
  Bob.Bob,
  Here an servlet definition I have defined in my web.xml...just plug in your values.
  <servlet>
  <servlet-name>AutoUpload</servlet-name>
  <servlet-class>com.lendleaserei.webservices.AutoUpload</servlet-class>
  <display-name></display-name>
  <description></description>
  </servlet>
  <servlet-mapping>
  <url-pattern>/webs</url-pattern>
  <servlet-name>com.lendleaserei.webservices.AutoUpload</servlet-name>
  </servlet-mapping>
  Hope this helps,
  Marco

• Web.xml and web service

  In a web.xml file there is a section:
  *<service-ref>*
  <service-ref-name>xxxx</service-ref-name>
  <service-interface>x</service-interface>
  <wsdl-file>WEB-INF/x.wsdl</wsdl-file>
  <jaxrpc-mapping-file>WEB-INF/x.xml</jaxrpc-mapping-file>
  <port-component-ref>
  <service-endpoint-interface>xxxxxxxx</service-endpoint-interface>
  </port-component-ref>
  *</service-ref>*
  I have two questions:
  1)To use web service, is this section mandatory or optional?
  2)If optional, what is this section used for?
  Thanks
  Scott

  With JAX-WS this is not required.

• Orion-web.xml and resource-env-ref-mapping correct usage

  What happened to resource-env-ref-mapping element in orion-web.xml? I have a 9.0.4.1 server running several .EAR files containing web applications using this attribute to configure JMS related items. But when deploying the .EAR to newer versions (9.0.5.2) of the server this attribute doesn't appear to be valid any longer?
  Here it is in the 9.0.4 documentation:
  http://strogoff.unex.es/oradoc/form_y_report_10g/web.904/b10322/apdx_a.htm
  Any help would be appreciated?

  I should have been more clear about the issue. The error only occurs when running inside the embedded OC4J container of JDeveloper 10.1.2 build 1913. The error does NOT occur in JDeveloper 9.0.3. The application also runs fine when deployed to a 10.1.2 Enterprise application server. The error only occurs in JDeveloper.
  The following error occurs when validating my orion-web.xml file. The entry is:
  orion-web.xml:
  <orion-web-app>
  <resource-ref-mapping name="jms/mQueueConnectionFactory" location="jms/matchingQueueConnectionFactory"/>
  <resource-env-ref-mapping name="jms/mQueue" location="jms/matchingQueue"/>
  </orion-web-app>
  web.xml
  <resource-env-ref>
  <resource-env-ref-name>jms/mQueue</resource-env-ref-name>
  <resource-env-ref-type>javax.jms.Queue</resource-env-ref-type>
  </resource-env-ref>
  java.lang.IllegalArgumentException: Unrecognized parent-elem combination: interface oracle.jdeveloper.xml.oc4j.war.OrionWebApp - resource-env-ref-mapping
       at oracle.javatools.xml.bind.XMLBinding.throwUnrecognizedElem(XMLBinding.java:127)
       at oracle.jdeveloper.xml.j2ee.war.WebAppBinding.elem2intImpl(WebAppBinding.java:637)
       at oracle.javatools.xml.bind.XMLBinding.elem2int(XMLBinding.java:104)
       at oracle.javatools.xml.bind.XMLBinding.insertBetween(XMLBinding.java:88)
       at oracle.javatools.xml.bind.BindingContext.insertNewElement(BindingContext.java:121)
       at oracle.javatools.xml.bind.BindingContext.insertElem(BindingContext.java:95)
       at oracle.javatools.xml.bind.BindingContext.setElement(BindingContext.java:71)
       at oracle.javatools.xml.bind.SetImpl.callSetterForUniqueElem(SetImpl.java:66)
       at oracle.javatools.xml.bind.SetImpl.callSetter(SetImpl.java:57)
       at oracle.javatools.xml.bind.SetImpl.invoke(SetImpl.java:26)
       at oracle.javatools.xml.bind.ElementProxy.invoke(ElementProxy.java:35)
       at $Proxy10.setWebApp(Unknown Source)
       at oracle.jdevimpl.runner.oc4j.Oc4jWorkspaceConfig.ensureLocalPageReposRootIsSet(Oc4jWorkspaceConfig.java:633)
       at oracle.jdevimpl.runner.oc4j.Oc4jWorkspaceConfig.transmogrifyConfigFiles(Oc4jWorkspaceConfig.java:269)
       at oracle.jdevimpl.runner.oc4j.Oc4jWorkspaceConfig.configureAll(Oc4jWorkspaceConfig.java:114)
       at oracle.jdevimpl.runner.oc4j.Oc4jStarter.preStart(Oc4jStarter.java:618)
       at oracle.jdevimpl.runner.oc4j.Oc4jStarter.start(Oc4jStarter.java:268)
       at oracle.ide.runner.RunProcess.startTarget(RunProcess.java:756)
       at oracle.jdeveloper.runner.JRunProcess.startTarget(JRunProcess.java:461)
       at oracle.ide.runner.RunProcess$2.run(RunProcess.java:699)
       at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:178)
       at java.awt.EventQueue.dispatchEvent(EventQueue.java:454)
       at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:201)
       at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:151)
       at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:145)
       at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:137)
       at java.awt.EventDispatchThread.run(EventDispatchThread.java:100)