要使用的implementation的Java類名。這個類必須執行org.apache.catalina.Server 接口。如果沒有指定類名，將使用標準實現。

TCP/IP端口數目，這個服務器在此等待關閉。這個連接必須從正在運行這個Tomcat實例的相同的服務器計算機上被初始化。

要關閉Tomcat，必須通過TCP/IP連接到指定的端口數目來被接受的命令字符串。

要使用的implementation的Java類名。這個類必須執行org.apache.catalina.Service 接口。如果沒有指定類名，將使用標準實現。

這個Service元素所顯示的名字，如果你使用標準的Catalina組件，它會被包括在log messages里面。每個與某一特殊的Server(服務器)相關聯的Service的名字必須是獨特的。

一個布林值，可以用來啟用或取消TRACE HTTP方法。如果沒有指定，這個屬性被設置為false。

If set to true, all paths for session cookies will be set to /. This can be useful for portlet specification implementations, but will greatly affect performance if many applications are accessed on a given server by the client. If not specified, this attribute is set to false.

如果你想為了返回遠程客戶的實際主機名而調用request.getRemoteHost()方法來執行DNS查詢，就把它設置為true。要跳過DNS查詢并返回String形式的IP地址，就把它設置為false(這樣可以提高性能)。在缺省情況下，DNS查詢是可以啟用的。

The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than or equal to 0. If not specified, this attribute is set to 2097152 (2 megabytes).

The maximum size in bytes of the POST which will be saved/buffered by the container during FORM or CLIENT-CERT authentication. For both types of authentication, the POST will be saved/buffered before the user is authenticated. For CLIENT-CERT authentication, the POST is buffered for the duration of the SSL handshake and the buffer emptied when the request is processed. For FORM authentication the POST is saved whilst the user is re-directed to the login form and is retained until the user successfully authenticates or the session associated with the authentication request expires. The limit can be disabled by setting this attribute to -1. Setting the attribute to zero will disable the saving of POST data during authentication . If not specified, this attribute is set to 4096 (4 kilobytes).

This attribute value must be HTTP/1.1 to use the HTTP handler, which is the default.

If this Connector is being used in a proxy configuration, configure this attribute to specify the server name to be returned for calls to request.getServerName(). See Proxy Support for more information.

If this Connector is being used in a proxy configuration, configure this attribute to specify the server port to be returned for calls to request.getServerPort(). See Proxy Support for more information.

If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here.

Set this attribute to the name of the protocol you wish to have returned by calls to request.getScheme(). For example, you would set this attribute to "https" for an SSL Connector. The default value is "http". See SSL Support for more information.

Set this attribute to true if you wish to have calls to request.isSecure() to return true for requests received by this Connector (you would want this on an SSL Connector). The default value is false.

This specifies the character encoding used to decode the URI bytes, after %xx decoding the URL. If not specified, ISO-8859-1 will be used.

This specifies if the encoding specified in contentType should be used for URI query parameters, instead of using the URIEncoding. This setting is present for compatibility with Tomcat 4.1.x, where the encoding specified in the contentType, or explicitely set using Request.setCharacterEncoding method was also used for the parameters from the URL. The default value is false.

Set this attribute to true to cause Tomcat to use the IP address that the request was recieved on to determine the Host to send the request to. The default value is false.

Set this attribute to true to cause Tomcat to advertise support for the Servlet specification using the header recommended in the specification. The default value is false.

The maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 10.

對于具有不止一個IP地址的服務器來說,這個屬性指定了哪一個地址將被用來在指定的端口監聽。在缺省情況下，這個端口會被使用在所有與這個服務器相關的IP地址上。

The size (in bytes) of the buffer to be provided for input streams created by this connector. By default, buffers of 2048 bytes will be provided.

The value is a comma separated list of MIME types for which HTTP compression may be used. The default value is text/html,text/xml,text/plain.

The Connector may use HTTP/1.1 GZIP compression in an attempt to save server bandwidth. The acceptable values for the parameter is "off" (disable compression), "on" (allow compression, which causes text data to be compressed), "force" (forces compression in all cases), or a numerical integer value (which is equivalent to "on", but specifies the minimum amount of data before the output is compressed). If the content-length is not known and compression is set to "on" or more aggressive, the output will also be compressed. If not specified, this attribute is set to "off".

The number of milliseconds during which the sockets used by this Connector will linger when they are closed. The default value is -1 (socket linger is disabled).

The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. The default value is 60000 (i.e. 60 seconds).

This flag allows the servlet container to use a different, longer connection timeout while a servlet is being executed, which in the end allows either the servlet a longer amount of time to complete its execution, or a longer timeout during data upload. If not specified, this attribute is set to "true".

The maximum size of the request and response HTTP header, specified in bytes. If not specified, this attribute is set to 4096 (4 KB).

The maximum number of HTTP requests which can be pipelined until the connection is closed by the server. Setting this attribute to 1 will disable HTTP/1.0 keep-alive, as well as HTTP/1.1 keep-alive and pipelining. Setting this to -1 will allow an unlimited amount of pipelined or keep-alive HTTP requests. If not specified, this attribute is set to 100.

The maximum number of unused request processing threads that will be allowed to exist until the thread pool starts stopping the unnecessary threads. The default value is 50.

The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. If not specified, this attribute is set to 200.

The number of request processing threads that will be created when this Connector is first started. The connector will also make sure it has the specified number of idle processing threads available. This attribute should be set to a value smaller than that set for maxThreads. The default value is 4.

The value is a comma separated list of regular expressions matching user-agents of HTTP clients for which compression should not be used, because these clients, although they do advertise support for the feature, have a broken implementation. The default value is an empty String (regexp matching disabled).

The TCP port number on which this Connector will create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address.

The value is a comma separated list of regular expressions matching user-agents of HTTP clients for which HTTP/1.1 or HTTP/1.0 keep alive should not be used, even if the clients advertise support for these features. The default value is an empty String (regexp matching disabled).

The Server header for the http response. Unless your paranoid, you won't need this feature.

The size (in bytes) of the buffer to be provided for socket output buffering. -1 can be specified to disable the use of a buffer. By default, a buffers of 9000 bytes will be used.

The thread pooling strategy which will be used. The default strategy does not use a master thread, but a more conventional strategy using a master listener thread can be used by setting "ms" as this attribute's value. The master strategy will work significantly better using the threadPriority attribute, which will apply only to the thread which listens on the server socket. This is set to lf by default.

If set to true, the TCP_NO_DELAY option will be set on the server socket, which improves performance under most circumstances. This is set to true by default.

The priority of the request processing threads within the JVM. The default value is java.lang.Thread#NORM_PRIORITY. See the JavaDoc for the java.lang.Thread class for more details on what this priority means.

The certificate encoding algorithm to be used. If not specified, the default value is SunX509.

Set to true if you want the SSL stack to require a valid certificate chain from the client before accepting a connection. Set to want if you want the SSL stack to request a client Certificate, but not fail if one isn't presented. A false value (which is the default) will not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication. See the SSL HowTo for an example.

The pathname of the keystore file where you have stored the server certificate to be loaded. By default, the pathname is the file ".keystore" in the operating system home directory of the user that is running Tomcat.

The password used to access the server certificate from the specified keystore file. The default value is "changeit".

The type of keystore file to be used for the server certificate. If not specified, the default value is "JKS".

The version of the SSL protocol to use. If not specified, the default is "TLS".

A comma seperated list of the encryption ciphers that may be used. If not specified, then any available cipher may be used.

一個布林值，可以用來啟用或取消TRACE HTTP方法。如果沒有指定，這個屬性被設置為false。

If set to true, all paths for session cookies will be set to /. This can be useful for portlet specification implementations, but will greatly affect performance if many applications are accessed on a given server by the client. If not specified, this attribute is set to false.

如果你想為了返回遠程客戶的實際主機名而調用request.getRemoteHost()方法來執行DNS查詢，就把它設置為true。要跳過DNS查詢并返回String形式的IP地址，就把它設置為false(這樣可以提高性能)。在缺省情況下，DNS查詢是可以啟用的。

The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The feature can be disabled by setting this attribute to a value less than or equal to 0. If not specified, this attribute is set to 2097152 (2 megabytes).

The maximum size in bytes of the POST which will be saved/buffered by the container during FORM or CLIENT-CERT authentication. For both types of authentication, the POST will be saved/buffered before the user is authenticated. For CLIENT-CERT authentication, the POST is buffered for the duration of the SSL handshake and the buffer emptied when the request is processed. For FORM authentication the POST is saved whilst the user is re-directed to the login form and is retained until the user successfully authenticates or the session associated with the authentication request expires. The limit can be disabled by setting this attribute to -1. Setting the attribute to zero will disable the saving of POST data during authentication. If not specified, this attribute is set to 4096 (4 kilobytes).

This attribute value must be AJP/1.3 to use the AJP handler.

If this Connector is being used in a proxy configuration, configure this attribute to specify the server name to be returned for calls to request.getServerName(). See Proxy Support for more information.

If this Connector is being used in a proxy configuration, configure this attribute to specify the server port to be returned for calls to request.getServerPort(). See Proxy Support for more information.

If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here.

This attribute controls request registration for JMX monitoring of the Connector. It is enabled by default, but may be turned it off to save a bit of memory.

Set this attribute to the name of the protocol you wish to have returned by calls to request.getScheme(). For example, you would set this attribute to "https" for an SSL Connector. The default value is "http". See SSL Support for more information.

Set this attribute to true if you wish to have calls to request.isSecure() to return true for requests received by this Connector (you would want this on an SSL Connector). The default value is false.

This specifies the character encoding used to decode the URI bytes, after %xx decoding the URL. If not specified, ISO-8859-1 will be used.

This specifies if the encoding specified in contentType should be used for URI query parameters, instead of using the URIEncoding. This setting is present for compatibility with Tomcat 4.1.x, where the encoding specified in the contentType, or explicitely set using Request.setCharacterEncoding method was also used for the parameters from the URL. The default value is false.

Set this attribute to true to cause Tomcat to use the ServerName passed by the native web server to determine the Host to send the request to. The default value is false.

Set this attribute to true to cause Tomcat to advertise support for the Srevlet specification using the header recommended in the specification. The default value is false.

For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified port. By default, this port will be used on all IP addresses associated with the server. A value of 127.0.0.1 indicates that the Connector will only listen on the loopback interface.

The maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 10.

The size of the output buffer to use. If less than or equal to zero, then output buffering is disabled. The default value is -1 (i.e. buffering disabled)

The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. The default value is infinite (i.e. no timeout).

The minimum number of processors to start at initialization time. If not specified, this atttribute is set to 5.

The maximum number of processors allowed. This should be set to a value that is greater than or equal to the maximum number of concurrent connections the remote web server can open to Tomcat simultaneously. For example, if the web server is Apache 1.x or 2.x Tomcat's maxProcessors should be set to the value of Apache's maxClients directive.

A maxProcessors value of zero (0) signifies that the number of processors is unlimited. If not specified, this atttribute defaults to 20.

The maximum number of unused request processing threads that will be allowed to exist until the thread pool starts stopping the unnecessary threads. The default value is 50.

The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. If not specified, this attribute is set to 200.

The number of request processing threads that will be created when this Connector is first started. The connector will also make sure it has the specified number of idle processing threads available. This attribute should be set to a value smaller than that set for maxThreads. The default value is 4.

The TCP port number on which this Connector will create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address.

If set to true, the TCP_NO_DELAY option will be set on the server socket, which improves performance under most circumstances. This is set to true by default.

If set to true, the authetication will be done in Tomcat. Otherwise, the authenticated principal will be propagated from the native webaserver and used for authorization in Tomcat. The default value is true.

This value represents the delay in seconds between the invocation of the backgroundProcess method on this context and its child containers, including all wrappers. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this host and all its child containers. A context will use background processing to perform session expiration and class monitoring for reloading. If not specified, the default value for this attribute is -1, which means the context will rely on the background processing thread of its parent host.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Context interface. If not specified, the standard value (defined below) will be used.

Set to true if you want cookies to be used for session identifier communication if supported by the client (this is the default). Set to false if you want to disable the use of cookies for session identifier communication, and rely only on URL rewriting by the application.

Set to true if you want calls within this application to ServletContext.getContext() to successfully return a request dispatcher for other web applications running on this virtual host. Set to false (the default) in security conscious environments, to make getContext() always return null.

The Document Base (also known as the Context Root) directory for this web application, or the pathname to the web application archive file (if this web application is being executed directly from the WAR file). You may specify an absolute pathname for this directory or WAR file, or a pathname that is relative to the appBase directory of the owning Host.

Set to true to have explicit settings in this Context element override any corresponding settings in the default settings associated with the owning Host. The default is false.

Set to true to allow this context to use container servlets, like the manager servlet.

The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. All of the context paths within a particular Host must be unique. If you specify a context path of an empty string (""), you are defining the default web application for this Host, which will process all requests not assigned to other Contexts. The value of this field must not be set except when statically defining a Context in server.xml, as it will be infered from the filenames used for either the .xml context file or the docBase.

Set to true if you want Catalina to monitor classes in /WEB-INF/classes/ and /WEB-INF/lib for changes, and automatically reload the web application if a change is detected. This feature is very useful during application development, but it requires significant runtime overhead and is not recommended for use on deployed production applications. That's why the default setting for this attribute is false. You can use the Manager web application, however, to trigger reloads of deployed applications on demand.

Java class name of the org.apache.catalina.Wrapper implementation class that will be used for servlets managed by this Context. If not specified, a standard default value will be used.

If the value of this flag is true, symlinks will be allowed inside the web application, pointing to resources outside the web application base path. If not specified, the default value of the flag is false.

NOTE: This flag MUST NOT be set to true on the Windows platform (or any other OS which does not have a case sensitive filesystem), as it will disable case sensitivity checks, allowing JSP source code disclosure, among other security problems.

If true, the Tomcat classloader will take extra measures to avoid JAR file locking when resources are accessed inside JARs through URLs. This will impact startup time of applications, but could prove to be useful on platforms or configurations where file locking can occur. If not specified, the default value is false.

If true, Tomcat will prevent any file locking. This will significantly impact startup time of applications, but allows full webapp hot deploy and undeploy on platforms or configurations where file locking can occur. If not specified, the default value is false.

Please note that setting this to true has some side effects, including the disabling of JSP reloading in a running server: see Bugzilla 37668.

Maximum size of the static resource cache in kilobytes. If not specified, the default value is 10240 (10 megabytes).

Amount of time in milliseconds between cache entries revalidation. If not specified, the default value is 5000 (5 seconds).

If the value of this flag is true, the cache for static resources will be used. If not specified, the default value of the flag is true.

If the value of this flag is true, all case sensitivity checks will be disabled. If not specified, the default value of the flag is true.

NOTE: This flag MUST NOT be set to false on the Windows platform (or any other OS which does not have a case sensitive filesystem), as it will disable case sensitivity checks, allowing JSP source code disclosure, among other security problems.

Whether the context should process TLDs on startup. The default is true. The false setting is intended for special cases that know in advance TLDs are not part of the webapp.

If the value of this flag is true, the bytes output to System.out and System.err by the web application will be redirected to the web application logger. If not specified, the default value of the flag is false.

If the value of this flag is true, the TLD files XML validation will be namespace-aware. If you turn this flag on, you should probably also turn tldValidation on. The default value for this flag is false, and setting it to true will incur a performance penalty.

If the value of this flag is true, the TLD files will be XML validated on context startup. The default value for this flag is false, and setting it to true will incur a performance penalty.

Amount of ms that the container will wait for servlets to unload. If not specified, the default value of the flag is 2000 ms.

If true, Tomcat will unpack all compressed web applications before running them. If not specified, the default value is true.

Set to true (the default) to have Catalina enable a JNDI InitialContext for this web application that is compatible with Java2 Enterprise Edition (J2EE) platform conventions.

Pathname to a scratch directory to be provided by this Context for temporary read-write use by servlets within the associated web application. This directory will be made visible to servlets in the web application by a servlet context attribute (of type java.io.File) named javax.servlet.context.tempdir as described in the Servlet Specification. If not specified, a suitable directory underneath $CATALINA_HOME/work will be provided.

Optional, human-readable description of this context initialization parameter.

The name of the context initialization parameter to be created.

Set this to false if you do not want a <context-param> for the same parameter name, found in the web application deployment descriptor, to override the value specified here. By default, overrides are allowed.

The parameter value that will be presented to the application when requested by calling ServletContext.getInitParameter().

Optional, human-readable description of this environment entry.

The name of the environment entry to be created, relative to the java:comp/env context.

Set this to false if you do not want an <env-entry> for the same environment entry name, found in the web application deployment descriptor, to override the value specified here. By default, overrides are allowed.

The fully qualified Java class name expected by the web application for this environment entry. Must be one of the legal values for <env-entry-type> in the web application deployment descriptor: java.lang.Boolean, java.lang.Byte, java.lang.Character, java.lang.Double, java.lang.Float, java.lang.Integer, java.lang.Long, java.lang.Short, or java.lang.String.

The parameter value that will be presented to the application when requested from the JNDI context. This value must be convertable to the Java type defined by the type attribute.

Specify whether the web Application code signs on to the corresponding resource manager programatically, or whether the Container will sign on to the resource manager on behalf of the application. The value of this attribute must be Application or Container. This attribute is required if the web application will use a <resource-ref> element in the web application deployment descriptor, but is optional if the application uses a <resource-env-ref> instead.

Optional, human-readable description of this resource.

The name of the resource to be created, relative to the java:comp/env context.

Specify whether connections obtained through this resource manager can be shared. The value of this attribute must be Shareable or Unshareable. By default, connections are assumed to be shareable.

The fully qualified Java class name expected by the web application when it performs a lookup for this resource.

The name of the linked global resource in the global JNDI context.

The name of the resource link to be created, relative to the java:comp/env context.

The fully qualified Java class name expected by the web application when it performs a lookup for this resource link.

The class name for the JNDI object factory.

This value represents the delay in seconds between the invocation of the backgroundProcess method on this engine and its child containers, including all hosts and contexts. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this engine and all its child containers. If not specified, the default value for this attribute is 10, which represent a 10 seconds delay.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Engine interface. If not specified, the standard value (defined below) will be used.

The default host name, which identifies the Host that will process requests directed to host names on this server, but which are not configured in this configuration file. This name MUST match the name attributes of one of the Host elements nested immediately inside.

Identifier which must be used in load balancing scenarios to enable session affinity. The identifier, which must be unique across all Tomcat 5 servers which participate in the cluster, will be appended to the generated session identifier, therefore allowing the front end proxy to always forward a particular session to the same Tomcat 5 instance.

Logical name of this Engine, used in log and error messages. When using muliple Service elements in the same Server, each Engine MUST be assigned a unique name.

The Application Base directory for this virtual host. This is the pathname of a directory that may contain web applications to be deployed on this virtual host. You may specify an absolute pathname for this directory, or a pathname that is relative to the $CATALINA_BASE directory. See Automatic Application Deployment for more information on automatic recognition and deployment of web applications to be deployed automatically.

This flag value indicates if new web applications, dropped in to the appBase directory while Tomcat is running, should be automatically deployed. The flag's value defaults to true. See Automatic Application Deployment for more information.

This value represents the delay in seconds between the invocation of the backgroundProcess method on this host and its child containers, including all contexts. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this host and all its child containers. A host will use background processing to perform live web application deployment related tasks. If not specified, the default value for this attribute is -1, which means the host will rely on the background processing thread of its parent engine.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Host interface. If not specified, the standard value (defined below) will be used.

This flag value indicates if web applications from this host should be automatically deployed by the host configurator. The flag's value defaults to true. See Automatic Application Deployment for more information.

Network name of this virtual host, as registered in your Domain Name Service server. One of the Hosts nested within an Engine MUST have a name that matches the defaultHost setting for that Engine. See Host Name Aliases for information on how to assign more than one network name to the same virtual host.

Set to false if you want to disable parsing the context.xml file embedded inside the application (located at /META-INF/context.xml). Security consious environments should set this to false to prevent applications from interacting with the container's configuration. The administrator will then be responsible for providing an external context configuration file, and put it in $CATALINA_HOME/conf/[enginename]/[hostname]/. The flag's value defaults to true.

Java class name of the error reporting valve which will be used by this Host. The responsability of this valve is to output error reports. Setting this property allows to customize the look of the error pages which will be generated by Tomcat. This class must implement the org.apache.catalina.Valve interface. If none is specified, the value org.apache.catalina.valves.ErrorReportValve will be used by default.

Set to true if you want web applications that are placed in the appBase directory as web application archive (WAR) files to be unpacked into a corresponding disk directory structure, false to run such web applications directly from a WAR file. See Automatic Application Deployment for more information.

Pathname to a scratch directory to be used by applications for this Host. Each application will have its own sub directory with temporary read-write use. Configuring a Context workDir will override use of the Host workDir configuration. This directory will be made visible to servlets in the web application by a servlet context attribute (of type java.io.File) named javax.servlet.context.tempdir as described in the Servlet Specification. If not specified, a suitable directory underneath $CATALINA_HOME/work will be provided.

Optional, human-readable description of this environment entry.

The name of the environment entry to be created, relative to the java:comp/env context.

Set this to false if you do not want an <env-entry> for the same environment entry name, found in the web application deployment descriptor, to override the value specified here. By default, overrides are allowed.

The fully qualified Java class name expected by the web application for this environment entry. Must be one of the legal values for <env-entry-type> in the web application deployment descriptor: java.lang.Boolean, java.lang.Byte, java.lang.Character, java.lang.Double, java.lang.Float, java.lang.Integer, java.lang.Long, java.lang.Short, or java.lang.String.

The parameter value that will be presented to the application when requested from the JNDI context. This value must be convertable to the Java type defined by the type attribute.

Specify whether the web Application code signs on to the corresponding resource manager programatically, or whether the Container will sign on to the resource manager on behalf of the application. The value of this attribute must be Application or Container. This attribute is required if the web application will use a <resource-ref> element in the web application deployment descriptor, but is optional if the application uses a <resource-env-ref> instead.

Optional, human-readable description of this resource.

The name of the resource to be created, relative to the java:comp/env context.

Specify whether connections obtained through this resource manager can be shared. The value of this attribute must be Shareable or Unshareable. By default, connections are assumed to be shareable.

The fully qualified Java class name expected by the web application when it performs a lookup for this resource.

The class name for the JNDI object factory.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Loader interface. If not specified, the standard value (defined below) will be used.

Set to true if you want the class loader to follow the standard Java2 delegation model, and attempt to load classes from parent class loaders before looking inside the web application. Set to false (the default) to have the class loader look inside the web application first, before asking parent class loaders to find requested classes or resources.

Set to true if you want Catalina to monitor classes in /WEB-INF/classes/ and /WEB-INF/lib for changes, and automatically reload the web application if a change is detected. This feature is very useful during application development, but it requires significant runtime overhead and is not recommended for use on deployed production applications. You can use the Manager web application, however, to trigger reloads of deployed applications on demand.

NOTE - The value for this property will be inherited from the reloadable attribute you set on the surrounding Context component, and any value you explicitly set here will be replaced.

The number of seconds between checks for modified classes and resources, if reloadable has been set to true.

See the general documentation for this parameter at Host Container.

Java class name of the java.lang.ClassLoader implementation class to use. If not specified, the default value is org.apache.catalina.loader.WebappClassLoader.

If no parent classloader is specified, should the system classloader be used? The default of true mantains backwards compatibility with previous releases however most users will want to set this to false to obtain the parent classloader from the associated container.

This attribute will not be present in Tomcat 6 where the Loader API has changed and the parent class loader is always obtained from the associated container.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Manager interface. If not specified, the standard value (defined below) will be used.

Set to true to ask the session manager to enforce the restrictions described in the Servlet Specification on distributable applications (primarily, this would mean that all session attributes must implement java.io.Serializable). Set to false (the default) to not enforce these restrictions.

NOTE - The value for this property is inherited automatically based on the presence or absence of the <distributable> element in the web application deployment descriptor (/WEB-INF/web.xml).

Name of the Message Digest algorithm used to calculate session identifiers produced by this Manager. This value must be supported by the java.security.MessageDigest class. If not specified, the default value is "MD5".

A String value that is utilized when seeding the random number generator used to create session identifiers for this Manager. If not specified, a semi-useful value is calculated, but a long String value should be specified in security-conscious environments.

The maximum number of active sessions that will be created by this Manager, or -1 (the default) for no limit.

The initial maximum time interval, in seconds, between client requests before a session is invalidated. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 60 seconds is used.

This attribute provides the initial value whenever a new session is created, but the interval may be dynamically varied by a servlet via the setMaxInactiveInterval method of the HttpSession object.

Absolute or relative (to the work directory for this Context) pathname of the file in which session state will be preserved across application restarts, if possible. The default is "SESSIONS.ser". See Restart Persistence for more information. Restart persistence may be disabled by setting this attribute to an empty string.

Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of backgrondProcess calls (ie, the lower the amount, the more often the checks will occur). The minimum value is 1, and the default value is 6.

Java class name of the java.util.Random implementation class to use. If not specified, the default value is java.security.SecureRandom.

The length of session ids created by this Manager, excluding any JVM route information used for load balancing. The default is 16.

Name of the Message Digest algorithm used to calculate session identifiers produced by this Manager. This value must be supported by the java.security.MessageDigest class. If not specified, the default value is "MD5".

Java class name of the implementation to use. This class must implement the org.apache.catalina.Manager interface. You must specify org.apache.catalina.session.PersistentManager to use this manager implementation.

A String value that is utilized when seeding the random number generator used to create session identifiers for this Manager. If not specified, a semi-useful value is calculated, but a long String value should be specified in security-conscious environments.

The maximum number of active sessions that will be created by this Manager, or -1 (the default) for no limit.

The time interval (in seconds) since the last access to a session before it is eligible for being persisted to the session store, or -1 to disable this feature. By default, this feature is disabled.

The time interval (in seconds) since the last access to a session before it should be persisted to the session store, and passivated out of the server's memory, or -1 to disable this feature. If this feature is enabled, the time interval specified here should be equal to or longer than the value specified for maxIdleBackup. By default, this feature is disabled.

The time interval (in seconds) since the last access to a session before it will be eligible to be persisted to the session store, and passivated out of the server's memory, or -1 for this swapping to be available at any time. If specified, this value should be less than that specified by maxIdleSwap. By default, this value is set to -1.

The initial maximum time interval, in seconds, between client requests before a session is invalidated. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 60 seconds is used.

This attribute provides the initial value whenever a new session is created, but the interval may be dynamically varied by a servlet via the setMaxInactiveIntervalmethod of the HttpSession object.

Java class name of the java.util.Random implementation class to use. If not specified, the default value is java.security.SecureRandom.

Should all sessions be persisted and reloaded when Tomcat is shut down and restarted (or when this application is reloaded)? By default, this attribute is set to true.

The length of session ids created by this Manager, excluding any JVM route information used for load balancing. The default is 16.

Java class name of the implementation to use. This class must implement the org.apache.catalina.Realm interface.

用來以非明文形式貯存密碼的“文摘”算法，那些被java.security.MessageDigest類里所接受的算法名稱的值才是有效的值。更多信息請參見Digested 密碼。如果沒指定，密碼以明文形式貯存。

The charset for encoding digests. If not specified, the platform default will be used.

The database username to use when establishing the JDBC connection.

The database password to use when establishing the JDBC connection.

The connection URL to be passed to the JDBC driver when establishing a database connection.

Fully qualified Java class name of the JDBC driver to be used to connect to the authentication database. Consult the documentation for your JDBC driver for the appropriate value.

Name of the column, in the "user roles" table, which contains a role name assigned to the corresponding user.

Name of the column, in the "users" table, which contains the user's credentials (i.e. password). If a value for the digest attribute is specified, this component will assume that the passwords have been encoded with the specified algorithm. Otherwise, they will be assumed to be in clear text.

Name of the column, in the "users" and "user roles" table, that contains the user's username.

表名，它的每一行包含指派給某一特定用戶名稱的一個角色。這個表格必須至少包括那些由userNameCol和roleNameCol屬性定名的列。

表名，它的每一行包含一個可被Tomcat識別的用戶名稱。這個表格必須至少包括那些由userNameCol 和 userCredCol 屬性定名的列。

你的數據庫需要的一個叫做JDBC DataSource的JNDI。如果這個DataSource對于上下文來說是局部的話，這個名字與java:/comp/env相關，否則這個名字應該和定義全球性DataSource的名字相映射。

當這個realm被套嵌在一個Context元素里邊，就允許這個realm使用為這個Context定義的DataSource，而不是全球性DataSource 。如果沒有指定，默認值是false：使用全球性DataSource 。

Name of the column, in the "user roles" table, which contains a role name assigned to the corresponding user.

Name of the column, in the "users" table, which contains the user's credentials (i.e. password). If a value for the digest attribute is specified, this component will assume that the passwords have been encoded with the specified algorithm. Otherwise, they will be assumed to be in clear text.

Name of the column, in the "users" and "user roles" table, that contains the user's username.

表名，它的每一行包含指派給某一特定用戶名稱的一個角色。這個表格必須至少包括那些由userNameCol和roleNameCol屬性定名的列。

表名，它的每一行包含一個可被Tomcat識別的用戶名稱。這個表格必須至少包括那些由userNameCol 和 userCredCol 屬性定名的列。

If a socket connection can not be made to the provider at the connectionURL an attempt will be made to use the alternateURL.

A string specifying the type of authentication to use. "none", "simple", "strong" or a provider specific definition can be used. If no value is given the providers default is used.

建立與LDAP search操作目錄的連接時使用的目錄用戶名。如果沒有指定，就使用無名的連接，除非你指定了userPassword屬性，通常這就足夠了。

建立與LDAP search操作目錄的連接時使用的目錄密碼。如果沒有指定，就使用無名的連接，除非你指定了userPassword屬性，通常這就足夠了。

在建立與目錄的連接時傳遞給JNDI驅動的連接URL。

Fully qualified Java class name of the factory class used to acquire our JNDI InitialContext. By default, assumes that the standard JNDI LDAP provider will be utilized (com.sun.jndi.ldap.LdapCtxFactory).

A string specifying how aliases are to be dereferenced during search operations. The allowed values are "always", "never", "finding" and "searching". If not specified, "always" is used.

A string specifying the security protocol to use. If not given the providers default is used.

The base directory entry for performing role searches. If not specified the top-level element in the directory context will be used.

屬性的名字,它包含被角色搜尋查找到的目錄輸入里的角色名字。另外，你可以在包含有額外的角色名字的用戶輸入里使用userRoleName property來指定一個attribute的名字。如果roleName沒有被指定，角色搜尋就不會發生，只能從用戶的輸入里得到角色。

用來執行角色搜尋的LDAP過濾器表達式，后面緊跟著由java.text.MessageFormat類支持的語法。使用{0}來代替用戶的獨特名字(distinguished name (DN))，并且/或者用{1}來代替用戶名(username)。如果沒有被指定，角色搜尋就不發生，角色就由userRoleName property指定的用戶輸入里的屬性來決定。

在查找與用戶相關的角色輸入時，如果你想搜尋roleBase property指定的元素的整個subtree，設值為true。默認值為false，它僅僅使得頂層元素被搜尋。

通過使用userSearch表達式來執行的用戶搜尋基本元素。如果沒有指定，目錄context里的頂層元素將被使用。如果你在使用userPattern表達式，就不用使用它。

Name of the attribute in the user's entry containing the user's password. If you specify this value, JNDIRealm will bind to the directory using the values specified by connectionName and connectionPassword properties, and retrieve the corresponding attribute for comparison to the value specified by the user being authenticated. If the digest attribute is set, the specified digest algorithm is applied to the password offered by the user before comparing it with the value retrieved from the directory. If you do not specify this value, JNDIRealm will attempt a simple bind to the directory using the DN of the user's entry and the password presented by the user, with a successful bind being interpreted as an authenticated user.

Pattern for the distinguished name (DN) of the user's directory entry, following the syntax supported by the java.text.MessageFormat class. with {0} marking where the actual username should be inserted. You can use this property instead of userSearch, userSubtree and userBase when the distinguished name contains the username and is otherwise the same for all users.

用戶目錄輸入中的一個屬性名，該屬性包含了零個或多個指定給用戶的角色名稱的值。另外，可以使用roleName屬性來指定屬性名，這個屬性可以通過搜索目錄在單獨的角色輸入里得到。如果不指定userRoleName，用戶的所有角色通過角色搜索得到。

搜索用戶目錄輸入時，使用的LDAP過濾器表達式，{0}代表實際用戶名應該在什么地方被插入。使用這個userSearch屬性(和userBase以及userSubtree屬性一起)，而不是userPattern，來搜索目錄尋找用戶的輸入。

如果想要搜索由userBase屬性指定的元素的整個subtree，設為true，缺省值為false，即僅僅是頂級元素被搜索。如果使用userPattern表達式，則不使用這個屬性。

Absolute or relative (to $CATALINA_HOME) pathname to the XML file containing our user information. See below for details on the XML element format required. If no pathname is specified, the default value is conf/tomcat-users.xml.

The global JNDI name of the UserDatabase resource used by this Realm.

你在login配置文件中( JAAS LoginConfig)配置的應用程序名。

由逗號分隔開的，你為你的用戶Principals制作的類名列單。

由逗號分隔開的，你為你的角色Principals制作的類名列單。

Instructs JAASRealm to use the context class loader for loading the user-specified LoginModule class and associated Principal classes. The default value is true, which is backwards-compatible with the way Tomcat 4 works. To load classes using the container's classloader, specify false.

Java class name of the implementation to use. This class must implement the javax.naming.directory.DirContext interface. It is recommended for optimal functionality and performance, but not mandatory, that the class extend org.apache.naming.resources.BaseDirContext, as well as use the special object types provided in the org.apache.naming.resources for returned objects. If not specified, the standard value (defined below) will be used.

Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.AccessLogValve to use the default access log valve. To use a more optimized access log valve designed for production use, you MUST set this attribute to org.apache.catalina.valves.FastCommonAccessLogValve. In this case, only the common and combined patterns are supported.

Absolute or relative pathname of a directory in which log files created by this valve will be placed. If a relative path is specified, it is interpreted as relative to $CATALINA_HOME. If no directory attribute is specified, the default value is "logs" (relative to $CATALINA_HOME).

A formatting layout identifying the various information fields from the request and response to be logged, or the word common or combined to select a standard format. See below for more information on configuring this attribute. Note that the optimized access does only support common and combined as the value for this attribute.

The prefix added to the start of each log file's name. If not specified, the default value is "access_log.". To specify no prefix, use a zero-length string.

Set to true to convert the IP address of the remote host into the corresponding host name via a DNS lookup. Set to false to skip this lookup, and report the remote IP address instead.

The suffix added to the end of each log file's name. If not specified, the default value is "". To specify no suffix, use a zero-length string.

Deafult true. Flag to determine if log rotation should occur. If set to false, then this file is never rotated and fileDateFormat is ignored. Use with caution!

Turns on conditional logging. If set, requests will be logged only if ServletRequest.getAttribute() is null. For example, if this value is set to junk, then a particular request will only be logged if ServletRequest.getAttribute("junk") == null. The use of Filters is an easy way to set/unset the attribute in the ServletRequest on many different requests.

Allows a customized date format in the access log file name. The date format also decides how often the file is rotated. If you wish to rotate every hour, then set this value to: yyyy-MM-dd.HH

Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RemoteAddrValve.

A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote address matches a deny pattern.

A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the accept attribute.

Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RemoteHostValve.

A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote hostname matches a deny pattern.

A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the accept attribute.

Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RequestDumperValve.

Java class name of the implementation to use. This MUST be set to org.apache.catalina.authenticator.SingleSignOn.

Default false. Flag to determine whether each request needs to be reauthenticated to the security Realm. If "true", this Valve uses cached security credentials (username and password) to reauthenticate to the Realm each request associated with an SSO session. If "false", the Valve can itself authenticate requests based on the presence of a valid SSO cookie, without rechecking with the Realm.

Java class name of the implementation to use. This MUST be set to org.apache.catalina.authenticator.FormAuthenticator.

Character encoding to use to read the username and password parameters from the request. If not set, the encoding of the request body will be used.