On 17/12/2015 20:23, Anthony Biacco wrote:
> Background:
> I run a jruby app under tomcat 8.0.29 in a context, namely /db.
> I run Apache 2.4.17 in front of it, proxying my url to tomcat using
> mod_proxy_balancer/ajp. For asthetics, i rewrite / for my URL (e.g.
> https://dashboard.domain.com) to the tomcat context uri /db, and then
> ProxyPass/ProxyPassReverse /db to tomcat (so esentially
> https://dashboard.domain.com/db/). No problem.
> The app, upon this request, will redirect the user with a 301 redirect to
> the main page. If there's no session, the app then redirects the user with
> a 302 to the sign in page.
>
> Problem:
> Upon updating to tomcat 8.0.30, instead of receiving a 301 response back,
> tomcat returns a 500 error.
> I've included the error w/stack trace, along with my app's context.xml and
> web.xml below.
> I assume this has to do with
> https://bz.apache.org/bugzilla/show_bug.cgi?id=56917 that was introduced in
> 8.0.30.
>
> I have added the parameters mapperContextRootRedirectEnabled="true"
> and mapperDirectoryRedirectEnabled="true"
> that were mentioned in the "CSRF errors after upgrade of tomcat 8
> <https://mail-archives.apache.org/mod_mbox/tomcat-users/201512.mbox/ajax/%3C5671270D.2050705%40apache.org%3E>
> " mailing list thread to my server context.xml file (they didn't have any
> effect in the app's context.xml) and this has resolved my problem.
It looks like something isn't quite right in the AJP processing path. It
appears to be expecting a '/' to be inserted somewhere. That looks like
a bug.
Not sure why things didn't work when you set them at the app level. They
should have done.
Generally, changing the context path between httpd and Tomcat opens up a
world of opportunity for things to go wrong. It is neraly always better
to keep the context path the same.
Mark
> It's interesting that now, instead of the 301 (on /), then the 302 (on main
> page), now I get a 302 (on /), then the 301 (on /db/), and then the 302 (on
> main page). Curl output is below for 8.0.29, 8.0.30 without changes and
> 8.0.30 with changes.
>
> My questions are:
> 1. Should the problem be occuring without the parameters added?
> 2. Is there a way to configure apache/tomcat so i don't need the added
> parameters, and don't incur the extra request? I realize that may be
> outside the scope of the list, if apache.
>
> Thanks,
>
> -Tony
>
>
> Error
> -------
> Dec 16, 2015 1:13:06 PM org.apache.catalina.core.StandardWrapperValve invoke
> SEVERE: Servlet.service() for servlet [default] in context with path [/db]
> threw exception
> java.lang.IllegalArgumentException: The resource path [index.html] is not
> valid
> at
> org.apache.catalina.webresources.StandardRoot.validate(StandardRoot.java:250)
> at
> org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:212)
> at
> org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:206)
> at
> org.apache.catalina.servlets.DefaultServlet.serveResource(DefaultServlet.java:710)
> at
> org.apache.catalina.servlets.DefaultServlet.doGet(DefaultServlet.java:398)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at org.jruby.rack.RackFilter.doFilterInternal(RackFilter.java:78)
> at
> org.jruby.rack.UnmappedRackFilter.isDoDispatch(UnmappedRackFilter.java:111)
> at org.jruby.rack.AbstractFilter.isDoDispatch(AbstractFilter.java:107)
> at org.jruby.rack.AbstractFilter.doFilter(AbstractFilter.java:65)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
> at
> org.apache.catalina.valves.StuckThreadDetectionValve.invoke(StuckThreadDetectionValve.java:208)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521)
> at
> org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:850)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
> context.xml
> -----------------
> <Context antiResourceLocking="true">
>
> <!-- Default set of monitored resources. If one of these changes, the
> -->
> <!-- web application will be reloaded.
> -->
> <WatchedResource>WEB-INF/web.xml</WatchedResource>
> <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
>
> </Context>
>
> web.xml
> ------------
> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
> http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd";
> id="db"
> metadata-complete="true"
> version="3.1">
> <absolute-ordering />
> </web-app>
>
> apache
> ----------
> # Rewrite / to /db so the proxypass works
> RewriteRule ^/$ /db [NC,PT,L]
> # Check if a non-/db request doesn't exist as an apache asset, if so
> rewrite to /db and pass through
> RewriteCond %{REQUEST_URI} !^(/db$|/db/)
> RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
> RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d
> RewriteRule ^/(.*)$ /db/$1 [NC,PT,QSA,L]
> # Proxy to tomcat
> ProxyPass /db balancer://loadbalancer/db
> ProxyPassReverse /db balancer://loadbalancer/db
>
> curl request to / in 8.0.29
> ------------------------------------
>> GET / HTTP/1.1
>> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
>> Host: dashboard.domain.com
>> Accept: */*
>>
> < HTTP/1.1 301 Moved Permanently
> < Date: Thu, 17 Dec 2015 04:07:16 GMT
> < Server: None
> < Strict-Transport-Security: max-age=15768000
> < Location: https://dashboard.domain.com/streams
>
> curl request to / in 8.0.30 (no changes)
> --------------------------------------------------------
>> GET / HTTP/1.1
>> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
>> Host: dashboard.domain.com
>> Accept: */*
>>
> < HTTP/1.1 500 Internal Server Error
>
> curl request to / in 8.0.30 (parameter changes)
> -------------------------------------------------------------------
>> GET / HTTP/1.1
>> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
>> Host: dashboard.domain.com
>> Accept: */*
>>
> < HTTP/1.1 302 Found
> < Date: Thu, 17 Dec 2015 19:42:53 GMT
> < Server: None
> < Strict-Transport-Security: max-age=15768000
> < Location: /db/
>
>> GET /db/ HTTP/1.1
>> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
>> Host: dashboard.domain.com
>> Accept: */*
>>
> < HTTP/1.1 301 Moved Permanently
> < Date: Thu, 17 Dec 2015 19:43:47 GMT
> < Server: None
> < Strict-Transport-Security: max-age=15768000
> < Location: https://dashboard.domain.com/streams
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
