I need to configure my web application. Settings like database connection parameters or log file location. I don't want to include a configuration file inside my WAR file - I want it to be accessible from outside.
I'd second that. Put the system configuration using a .properties file,
you can use ln -s to link your file, and restrict access to the file using simple UNIX permission.
if you want, you can also try something fancy like using a database table to store the configuration (one record per system instance) but I see no reason in NOT using the .properties approach. it's simply effective.