Re: Security Constraints With URL Rewrite filter

2011-12-27 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jerry, On 12/26/11 5:26 PM, Jerry Malcolm wrote: > Half of the site is protected, and the other half is not, and some > pages have moved from unprotected to protected at the whim of the > client. The client has simply stated "clean URLs". I have arg

Re: Security Constraints With URL Rewrite filter

2011-12-27 Thread Pid *
On 26 Dec 2011, at 22:27, Jerry Malcolm <2ndgenfi...@gmail.com> wrote: > Half of the site is protected, and the other half is not, and some pages > have moved from unprotected to protected at the whim of the client. How on earth are you supposed to meet all of these requirements? If you want to

Re: Security Constraints With URL Rewrite filter

2011-12-26 Thread Jerry Malcolm
Half of the site is protected, and the other half is not, and some pages have moved from unprotected to protected at the whim of the client. The client has simply stated "clean URLs". I have argued that point, and lost. So independent of valid substantiation for the requirement, it is what it is

Re: Security Constraints With URL Rewrite filter

2011-12-26 Thread Terence M. Bandoian
On 1:59 PM, Pid * wrote: On 25 Dec 2011, at 22:03, Jerry Malcolm<2ndgenfi...@gmail.com> wrote: Thanks for the input. This has turned into something really ugly. Let me go back and summarize the situation: I have an established large application made up of about 10 separate webapps (context

RE: Security Constraints With URL Rewrite filter

2011-12-26 Thread Caldarale, Charles R
> From: Jerry Malcolm [mailto:2ndgenfi...@gmail.com] > Subject: Re: Security Constraints With URL Rewrite filter > --- I want the user to see the URL: /showPlasmaTVs > -- I want it to map internally to: > /webAppContext1/jsp/user/products.jsp?productSearch=plasma > -- I wo

Re: Security Constraints With URL Rewrite filter

2011-12-26 Thread Pid *
On 25 Dec 2011, at 22:03, Jerry Malcolm <2ndgenfi...@gmail.com> wrote: > Thanks for the input. This has turned into something really ugly. Let me > go back and summarize the situation: > > I have an established large application made up of about 10 separate > webapps (contexts) to keep it modula

Re: Security Constraints With URL Rewrite filter

2011-12-25 Thread Jerry Malcolm
Thanks. That was the way I was doing it in the filter (getting the dispatcher from the various contexts). I changed it. The good news is that the routing now works as expected. The bad news is that it is still bypassing the security stuff. I wasn't logged in, and it went straight to the protec

Re: Security Constraints With URL Rewrite filter

2011-12-25 Thread Konstantin Kolinko
2011/12/26 Jerry Malcolm <2ndgenfi...@gmail.com>: > Konstantin, > > Thanks for the info.  I think I'm getting close.  As a test, I have created > a valve that just forces a redirect.  It compiled fine.  I registered it > under the 'host' tag next to the other valves in server.xml.  When I send a >

Re: Security Constraints With URL Rewrite filter

2011-12-25 Thread Jerry Malcolm
Konstantin, Thanks for the info. I think I'm getting close. As a test, I have created a valve that just forces a redirect. It compiled fine. I registered it under the 'host' tag next to the other valves in server.xml. When I send a request in, my print statements write to System.out just as e

Re: Security Constraints With URL Rewrite filter

2011-12-25 Thread Konstantin Kolinko
2011/12/26 Jerry Malcolm <2ndgenfi...@gmail.com>: > Thanks for the input.  This has turned into something really ugly.  Let me > go back and summarize the situation: > > I have an established large application made up of about 10 separate > webapps (contexts) to keep it modular.  Within each contex

Re: Security Constraints With URL Rewrite filter

2011-12-25 Thread Jerry Malcolm
Thanks for the input. This has turned into something really ugly. Let me go back and summarize the situation: I have an established large application made up of about 10 separate webapps (contexts) to keep it modular. Within each context there are 3-5 user roles with varying authority. I organ

Re: Security Constraints With URL Rewrite filter

2011-12-22 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jerry, On 12/21/11 3:55 PM, Jerry Malcolm wrote: > The rewrite filter is correctly rewriting the URLs and forwarding > the requests. Any option to redirect? That would solve everything. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v

Re: Security Constraints With URL Rewrite filter

2011-12-21 Thread Konstantin Kolinko
2011/12/22 Jerry Malcolm <2ndgenfi...@gmail.com>: > I structure my webapps with different JSP folders for different user role > access, and define the folder patterns in web.xml for each role access. > This has worked for many years in my webapps.  But in the interest of > getting cleaner URLs, I'v

RE: Security Constraints With URL Rewrite filter

2011-12-21 Thread Caldarale, Charles R
> From: Jerry Malcolm [mailto:2ndgenfi...@gmail.com] > Subject: Security Constraints With URL Rewrite filter > I assume that the security constraint now applies to the > pattern that come INTO the filter. Not sure what you mean by "now applies", but it's always that way. > So instead of constr

Re: Security Constraints With URL Rewrite filter

2011-12-21 Thread Chema
Well, I don't know about this , but What is the "URLRewrite" filter ? A Servlet filter ? You can try to write a Valve and test if it works. I think it's processed before calling container code. Maybe ... Or to configure a proxy web to rewrite . I did't make this before, but I know it's possible.