2015-12-18 2:33 GMT+03:00 Konstantin Kolinko <knst.koli...@gmail.com>: > 2015-12-17 23:23 GMT+03:00 Anthony Biacco <abia...@handll.com>: > >> mod_proxy_balancer/ajp. For asthetics, i rewrite / for my URL (e.g. >> https://dashboard.domain.com) to the tomcat context uri /db, and then >> ProxyPass/ProxyPassReverse /db to tomcat (so esentially >> https://dashboard.domain.com/db/). No problem. >> The app, upon this request, will redirect the user with a 301 redirect to >> the main page. If there's no session, the app then redirects the user with >> a 302 to the sign in page. >> >> Problem: >> Upon updating to tomcat 8.0.30, instead of receiving a 301 response back, >> tomcat returns a 500 error. >> I've included the error w/stack trace, along with my app's context.xml and >> web.xml below. >> I assume this has to do with >> https://bz.apache.org/bugzilla/show_bug.cgi?id=56917 that was introduced in >> 8.0.30. >> >> I have added the parameters mapperContextRootRedirectEnabled="true" >> and mapperDirectoryRedirectEnabled="true" >> that were mentioned in the "CSRF errors after upgrade of tomcat 8 >> <https://mail-archives.apache.org/mod_mbox/tomcat-users/201512.mbox/ajax/%3C5671270D.2050705%40apache.org%3E> >> " mailing list thread to my server context.xml file (they didn't have any >> effect in the app's context.xml) and this has resolved my problem. >> It's interesting that now, instead of the 301 (on /), then the 302 (on main >> page), now I get a 302 (on /), then the 301 (on /db/), and then the 302 (on >> main page). Curl output is below for 8.0.29, 8.0.30 without changes and >> 8.0.30 with changes. >> >> My questions are: >> 1. Should the problem be occuring without the parameters added? > > Usually such configurations do not use mod_rewrite, but use only > mod_proxy ProxyPass/ProxyPassReverse to add/remove application name to > request. > > It is known that ProxyPassReverse cannot process Location header in > 30n responses if its value is not a complete URL. So if you use > ProxyPassReverse directive, you need those parameters.
Correction: My response above and below is about "useRelativeRedirects" setting on Context. It is that setting that can affect ProxyPassReverse. A new feature in 8.0.30. You have to pay attention to it and may try setting it to false. You were asking about mapperContextRootRedirectEnabled, mapperDirectoryRedirectEnabled parameters. They are a different feature. If changing those parameters changes the behaviour in your web application, it is likely your web application's fault. It is hard to say what happens here without knowing your application / debugging it to see how those redirects are generated. https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics#Common_Troubleshooting_Scenario > In your configuration you are exposing the application both as "/*" > and as "/db/*". As such, you have no need to process Location headers > in responses. Thus you do not need the ProxyPassReverse directive. > (And thus you should have no need for those parameters). > >> 2. Is there a way to configure apache/tomcat so i don't need the added >> parameters, and don't incur the extra request? I realize that may be >> outside the scope of the list, if apache. > > If you just want to expose the app as "/", rename it db -> ROOT. > https://wiki.apache.org/tomcat/HowTo#How_do_I_make_my_web_application_be_the_Tomcat_default_application.3F > >> Error >> ------- >> Dec 16, 2015 1:13:06 PM org.apache.catalina.core.StandardWrapperValve invoke >> SEVERE: Servlet.service() for servlet [default] in context with path [/db] >> threw exception >> java.lang.IllegalArgumentException: The resource path [index.html] is not >> valid >> at >> org.apache.catalina.webresources.StandardRoot.validate(StandardRoot.java:250) > > Configure an AccessLogValve at Tomcat side and show what is logged there. > > https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics#Common_Troubleshooting_Scenario > > The examples webapp has index.html, and it works successfully. So > something goes wrong elsewhere. > > Note: you can also configure the log pattern in AccessLogValve at > Tomcat side to log the value of Location header that is sent in > responses and compare it with the one shown by curl. > > >> apache >> ---------- >> # Rewrite / to /db so the proxypass works >> RewriteRule ^/$ /db [NC,PT,L] > > I think the above shall be > RewriteRule ^/$ /db/ [NC,PT,L] > > If original URL ends with '/', the resulting URL shall end with '/' as well. > >> # Check if a non-/db request doesn't exist as an apache asset, if so >> rewrite to /db and pass through >> RewriteCond %{REQUEST_URI} !^(/db$|/db/) > > !^/db($|/) > >> RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f >> RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d >> RewriteRule ^/(.*)$ /db/$1 [NC,PT,QSA,L] >> # Proxy to tomcat >> ProxyPass /db balancer://loadbalancer/db >> ProxyPassReverse /db balancer://loadbalancer/db > > I think the above shall be > ProxyPass /db/ balancer://loadbalancer/db/ > > and ProxyPassReverse is not needed at all. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
