The CGI (Common Gateway Interface) defines a way for a web server to interact with external content-generating programs, which are often referred to as CGI programs or CGI scripts.
Within Tomcat, CGI support can be added when you are using Tomcat as your HTTP server and require CGI support. Typically this is done during development when you don't want to run a web server like Apache httpd. Tomcat's CGI support is largely compatible with Apache httpd's, but there are some limitations (e.g., only one cgi-bin directory).
CGI support is implemented using the servlet class
this servlet is mapped to the URL pattern "/cgi-bin/*".
By default CGI support is disabled in Tomcat.
CAUTION - CGI scripts are used to execute programs
external to the Tomcat JVM. If you are using the Java SecurityManager this
will bypass your security policy configuration in
To enable CGI support:
There are commented-out sample servlet and servlet-mapping elements for
CGI servlet in the default
To enable CGI support in your web application, copy that servlet and
servlet-mapping declarations into
WEB-INF/web.xml file of your
Uncommenting the servlet and servlet-mapping in
$CATALINA_BASE/conf/web.xml file enables CGI for all installed
web applications at once.
privileged="true" on the Context element for your
Only Contexts which are marked as privileged are allowed to use the
CGI servlet. Note that modifying the global
file affects all web applications. See
Context documentation for details.
There are several servlet init parameters which can be used to configure the behaviour of the CGI servlet.
System.getProperty("file.encoding","UTF-8"). That is the system default encoding, or UTF-8 if that system property is not available.
The CGI script executed depends on the configuration of the CGI Servlet and
how the request is mapped to the CGI Servlet. The CGI search path starts at the
web application root directory + File.separator + cgiPathPrefix. The
pathInfo is then searched unless it is
null - in
which case the servletPath is searched.
The search starts with the first path segment and expands one path segment at a time until no path segments are left (resulting in a 404) or a script is found. Any remaining path segments are passed to the script in the PATH_INFO environment variable.