<orion-web-app ...>
	This file contains the orion-specific configuration for a web-application. The path to the file is located at ORION_HOME/application-deployments/deploymentName/warname(.war)/orion-web.xml or (web-app-root/)WEB-INF/orion-web.xml if no deployment-directory is specified in server.xml. autoreload-jsp-beans - Whether or not to auto-reload jsp's when the code of a used bean is updated. The default is true. autoreload-jsp-pages - Whether or not to auto-reload jsp's when an included page is updated. The default is true. default-buffer-size - Specifies the default size of the output buffer for servlet responses in bytes. The default value is 2048 bytes. default-charset - The charset to use by default. The default value of this setting is iso-8859-1. deployment-version - The version of Orion this web-app was deployed with, if it's not matching the current version then it will be redeployed. (internal server value, do not edit) development - If this is set to true then JSP pages will be compiled to a slower, more readable form and their sources will be saved in the persistence directory for viewing/debugging. directory-browsing - Specifies whether or not to allow directory-browsing. The default is deny. document-root - Defines the relative/absolute directory to use as root for the served pages. file-modification-check-interval - The amount of millis a file-modification check is good for, the default is 1000ms. If set to 0ms or less a check always occur. get-locale-from-user - Whether or not to try to get the logged in user's specific locale before looking at the request headers for the info. The default is false due to the slowdown it causes. jsp-cache-directory - The directory (if any) used for caching compiled JSP binaries across server restarts. jsp-timeout - The timeout after which JSP pages can be unloaded in seconds, zero or negative equals 'never'. The default is 'never'. log-compilation-errors - If this is set to true then JSP page compilation error reports will be logged in the application log (application.log) in addition to being reported to the client. persistence-path - Where to persist http-sessions across server restarts. The sessions need to contain properly serializable values (or EJB references) in order for this to work. servlet-webdir - The web-directory to map to servlet invocations, the default is /servlet/. source-directory - Where to look for sources for classes for auto-compiling if development="true". The default is to use the WEB-INF/src directory if it exists and otherwise use the WEB-INF/classes directory. store-source-by-classname - If this is set to true and development is set to true then JSP page intermediate .java sources are stored by the made-up classname, instead of by .jsp filename. Useful if not looking at the sources directly but rather using IDEs/breakpoints. The default is false. temporary-directory - Absolute/relative path to a temporary directory that can be used by servlets and JSPs for scrap-files. The File object can be retrieved by the following code in a servlet/JSP (per the Servlet 2.2 spec): File file = (File)application.getAttribute("javax.servlet.context.tempdir").
	<classpath path="./path/to/classes/" />
		Specifies a codebase where classes used by this application (servlets/beans, etc) can be found. path - The absolute/relative path/URL.
	<context-param-mapping name="theName">deploymentValue</context-param-mapping>
		Overrides the value of a context-param in the assembly descriptor. It is used to keep the .ear (assembly) clean from deployment-specific values. The body is the value. name - The name of the context-param.
	<mime-mappings path="./mime.types" />
		Defines the relative/absolute path to a file containing mime-mappings to use. path - The absolute/relative path/URL.
	<virtual-directory real-path="/usr/local/realpath" virtual-path="/the/webdir" />
		Adds a virtual directory mapping, used to include files that doesnt physically reside below the document-root among the web-exposed files. real-path - A real path, for instance /usr/local/realpath on *NIX and C:\testdir in Windows. virtual-path - A virtual path.
	<access-mask default="allow/deny">
		Specifies an optional access-mask for this application, hostnames and ip/subnets can be used to filter out allowed clients of this application. default - Whether or not to allow requests from clients not found in the allow/deny table. The default is allow.
		<host-access domain="the.hostordomain.com" mode="allow|deny" />
			Specifies a domain or netmask who is allowed access. domain - The host or domain to allow/deny - the match is *domain. mode - Whether or not to allow this selection.
		<ip-access ip="123.124.125.126" mode="allow|deny" netmask="255.255.255.0" />
			Specifies an ip/netmask who is allowed access. ip - The ip to allow/deny. mode - Whether or not to allow this selection. netmask - The netmask it applies to.
	<cluster-config host="230.0.0.1" id="123" port="9127" />
		Tag that is defined if the application is to be clustered. Clustered applications have their ServletContext and session data shared between the apps in the cluster, the values have to be either Serializable or be remote RMI-objects (implement java.rmi.Remote). host - The multicast host/ip to transmit and receive cluster data on. The default is 230.0.0.1. id - The id (number) of this cluster node to identify itself with in the cluster. The default is based on local machine IP. port - The port to transmit and receive cluster data on. The default is 9127.
	<servlet-chaining mime-type="text/xml" servlet-name="servletName" />
		Specifies a servlet to use as chainer for a specified mime-type. Useful to filter/transform certain kinds of output. mime-type - The mime-type the chaining applies to. servlet-name - The servlet to call.
	<request-tracker servlet-name="servletName" />
		Specifies a servlet to use as request-tracker, request-trackers are invoked for every request and are useful for logging purposes etc. servlet-name - The servlet to call.
	<servlet-filter servlet-name="servletName" url-pattern="/the/*.pattern" />
		Specifies a servlet to use as filter, filters are invoked for every request, and has the option of handling the request or simply ignore it in which case it is passed on to "normal" processing. There is an optional url-pattern attribute can be used to filter out the requests passed thru the filter. servlet-name - The servlet to call. url-pattern - The URL-pattern qualifier (optional).
	<session-tracking autoencode-absolute-urls="true/false" autoencode-urls="true/false" autojoin-session="true|false" cookie-domain=".mydomain.com" cookie-max-age="123" cookies="enabled/disabled">
		Session-tracking settings for this application. autoencode-absolute-urls - Whether or not to autoencode absolute URLs in JSP pages, true/false value, the default is false. Absolute URLs are URLs starting with a procotol definition, ie for instance http://the.site.com/text.txt. With autoencoding enabled sessions will be tracked automatically for clients without cookie capabilities. autoencode-urls - Whether or not to autoencode URLs in JSP pages, true/false value, the default is true. With autoencoding enabled sessions will be tracked automatically throughout the site for clients without cookie capabilities. autojoin-session - Whether or not users should be assigned a session as soon as they log onto the app, the default is false. cookie-domain - The domain the cookies are relevant for. useful for sharing session state between nodes of a web-app running on different hosts. cookie-max-age - If specified a max-age attribute is sent with the session cookies, making the browsers save them for the specified interval (in seconds). By default the cookies are kept in memory during a browser session and discarded afterwards. cookies - Whether or not to send session cookies. Enabled by default.
		<session-tracker servlet-name="servletName" />
			Specifies a servlet to use as session-tracker, session-trackers are invoked as soon as a session is created and are useful for logging purposes etc. servlet-name - The servlet to call.
	<resource-ref-mapping location="jdbc/TheDS" name="jdbc/TheDSVar">
		The resource-ref element is used for the declaration of a reference to an external resource such as a datasource, JMS queue, mail session or similar. The resource-ref-mapping ties this to a JNDI-location when deploying. location - The JNDI location to look up the resource home from. name - The resource-ref's name. Matches the name of an resource-ref in web.xml.
		<lookup-context location="foreign/resource/location">
			The specification of an optional javax.naming.Context implementation used for retrieving the resource. This is useful when hooking up with 3rd party modules, such as a 3rd party JMS server for instance. Either use the context implementation supplied by the resource vendor or if none exists write an implementation which in turn negotiates with the vendor software. location - The name looked for in the foreign context when retrieving the resource.
			<context-attribute name="name" value="value" />
				An attribute sent to the context. The only mandatory attribute in JNDI is the 'java.naming.factory.initial' which is the classname of the context factory implementation. name - The name of the attribute. value - The value of the attribute.
	<env-entry-mapping name="theName">deploymentValue</env-entry-mapping>
		Overrides the value of an env-entry in the assembly descriptor. It is used to keep the .ear (assembly) clean from deployment-specific values. The body is the value. name - The name of the context-param.
	<context-param-mapping name="theName">deploymentValue</context-param-mapping>
		Overrides the value of a context-param in the assembly descriptor. It is used to keep the .ear (assembly) clean from deployment-specific values. The body is the value. name - The name of the context-param.
	<security-role-mapping impliesAll="true|false" name="theRole">
		The runtime mapping (to groups and users) of a role. Maps to a security-role of the same name in the assembly descriptor. impliesAll - Whether or not this mapping implies all users. The default is false. name - The name of the role
		<group name="theGroup" />
			A group that this security-role-mapping implies. Ie all the members of the specified group are included in this role. name - The name of the group.
		<user name="theUser" />
			A user that this security-role-mapping implies. name - The name of the user.
	<env-entry-mapping name="theName">deploymentValue</env-entry-mapping>
		Overrides the value of an env-entry in the assembly descriptor. It is used to keep the .ear (assembly) clean from deployment-specific values. The body is the value. name - The name of the context-param.
	<ejb-ref-mapping location="ejb/Payroll" name="ejb/Payroll" />
		The ejb-ref element is used for the declaration of a reference to another enterprise bean's home. The ejb-ref-mapping ties this to a JNDI-location when deploying. location - The JNDI location to look up the EJB home from. name - The ejb-ref's name. Matches the name of an ejb-ref in web.xml.
	<mime-mapping-deployment extension="txt" request-handler="myServlet" />
		A deployment of a mime-mapping. Adds additional properties such as request handler to be invoked etc. extension - The extension of the mapping this applies to. request-handler - Specifies the servlet (if any) by it's symbolical name that is to be invoked if this filetype is not to be treated as a regular file.
	<expiration-setting expires="never|time" url-pattern="*.gif" />
		Specifies the Expires setting for a given set of resources, useful for caching policies (for instance for browsers not to reload images as frequently as documents etc). expires - The length in seconds before expiry, or 'never' to signal that it should never expire. url-pattern - The pattern that the rule applies to.
	<web-app>...</web-app>
		A Web XML-file used to augment the normal config settings in web.xml.