-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Tommy, > Tommy, > > On 6/15/19 21:51, Tommy Pham wrote: >>>> Hi Mark, >>>> >>>> After some research and thought about internal application >>>> flow, I think the 'cleanest' is have TC's default servlet >>>> handle the *.html requests and use the assigned filter to >>>> restrict the access as desired. Is there a better approach? >>>> On that plan, I have this mapping for TC's default servlet >>>> and init: >>>> >>>> Filter AppFilterAccessLog's servlet mapping: Servlet name: >>>> default , registered class: >>>> org.apache.catalina.servlets.DefaultServlet. Servlet >>>> default's mapping: /img/* /css/* /WEB-INF/* > > Uh... you sure you want that? What is stopping a client from > requesting /WEB-INF/web.xml? > >>>> /js/* Servlet default's init parameters: listings: false >>>> debug: 0 >>>> >>>> If I use *.html instead of /WEB-INF/*, it goes into infinite >>>> loop redirecting / forwarding until exception is thrown (I >>>> think that root cause is servlets' startup ordering). Below >>>> are what my access log filter see for HttpServletRequest: >>>> >>>> Attributes: >>>> javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/ >>>> javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT >>>> javax.servlet.forward.servlet_path= >>>> javax.servlet.forward.path_info=/ >>>> >>>> javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationM app > >>>> ing$MappingImpl@7fc1f887 >>>> >>>> > org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true >>>> Class: org.apache.catalina.core.ApplicationHttpRequest >>>> DispatcherType: FORWARD [javax.servlet.DispatcherType] >>>> HttpServletMapping: Class: >>>> org.apache.catalina.core.ApplicationMapping$MappingImpl >>>> MappingMatch: PATH MatchValue: setup/step_0.html Pattern: >>>> /WEB-INF/* ServletName: default >>>> >>>> Below is from the actual filter assigned to TC's default >>>> servlet intended to restrict access: >>>> >>>> ContextPath: /erm-0.0.1-SNAPSHOT DispatcherType: FORWARD >>>> PathInfo: /setup/step_0.html PathTranslated: >>>> D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\setup\step_0.htm l >>>> >>>> > >>>> Method: GET >>>> RequestURI: /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html >>>> RequestURL: >>>> http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html >>>> >>>> ServletPath: /WEB-INF ServletContext.ServletContextName: erm >>>> response: org.apache.catalina.connector.ResponseFacade >>>> >>>> I think everything seems correct except the PathTranslated. >>>> It should be: >>>> >>>> D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\st ep_ > >>>> 0.html >>>> >>>> where the file is. I'm unable to find out why it's wrong >>>> after a couple hours of searching since the the browser shows >>>> an empty page... The string "/WEB-INF/setup/step_0.html" was >>>> passed to request.getRequestDispatcher(). According to the >>>> doc [1], " If the path begins with a "/" it is interpreted as >>>> relative to the current context root." everything is as it >>>> should be right, other than PathTranslated? Or did I >>>> misunderstood the usage of getRequestDispatcher().forward()? >>>> Currently, I have 4 filters in place and all are in passive >>>> monitoring mode. None of them have the code logic to perform >>>> their intended functions. 3 filters mapped to URL /* and one >>>> assigned to TC's default servlet. I'll work out their >>>> filtering order before the intended functions are >>>> implemented. > > Filters are applied in a predictable order. I highly recommend > reading the servlet specification to see how these things are > defined to work. It's quite readable. > > Why not allow Tomcat to serve everything in the web application > (other than /WEB-INF/* and /META-INF/*) as usual? What is it that > you need to put into there that you can't hide in some other way? > > It sounds like you are unnecessarily complicating your life. > > -chris > > >> I was using "/WEB-INF/*" as a test of the scaffolding for my >> application since previously "*.html" ended up infinite loop >> which, eventually, it threw an exception. Now that I've got >> "*.html" working, I'm still getting a blank page. The HTML files >> are only served as UI for the initial setup of the application. >> There won't be any static files other than JS, CSS, and images >> when the application is fully configured by administrator. Here >> are the servlets configuration: > >> Servlet name: default , registered class: >> org.apache.catalina.servlets.DefaultServlet. Servlet default's >> mapping: /img/* /css/* /js/* *.html Servlet default's init >> parameters: listings: false debug: 0 Servlet name: AppServlet , >> registered class: com.sointe.web.AppServlet. Servlet AppServlet's >> mapping: / Servlet AppServlet's init parameters: Servlet name: >> jsp , registered class: org.apache.jasper.servlet.JspServlet. >> Servlet jsp's mapping: *.jspx *.jsp Servlet jsp's init >> parameters: fork: false xpoweredBy: false > >> And HttpServletRequest's info: > >> Attributes: >> javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/ >> javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT >> javax.servlet.forward.servlet_path=/ > >> javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationMap ping$MappingImpl@5e9215c0 >> >> org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true >> DispatcherType: FORWARD [javax.servlet.DispatcherType] >> HttpServletMapping: Class: >> org.apache.catalina.core.ApplicationMapping$MappingImpl >> MappingMatch: EXTENSION MatchValue: WEB-INF/setup/step_0 Pattern: >> *.html ServletName: default > >> and the actual filter assigned to TC's default servlet to >> restrict access: > >> AppFilterStaticFiles.doFilter:52 - Class: >> org.apache.catalina.core.ApplicationHttpRequest >> AppFilterStaticFiles.doFilter:53 - ServletContext Class: >> org.apache.catalina.core.ApplicationContextFacade >> AppFilterStaticFiles.doFilter:54 - ContextPath: >> /erm-0.0.1-SNAPSHOT AppFilterStaticFiles.doFilter:55 - >> DispatcherType: FORWARD AppFilterStaticFiles.doFilter:56 - >> Method: GET AppFilterStaticFiles.doFilter:57 - PathInfo: null >> AppFilterStaticFiles.doFilter:58 - PathTranslated: null > >> AppFilterStaticFiles.doFilter:59 - >> getServletContext().getRealPath() of ServletPath: >> D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\step _0.html > >> AppFilterStaticFiles.doFilter:60 - RequestURI: >> /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html >> AppFilterStaticFiles.doFilter:61 - RequestURL: >> http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html >> >> AppFilterStaticFiles.doFilter:62 - ServletPath: /WEB-INF/setup/step_0.ht ml >> AppFilterStaticFiles.doFilter:63 - >> ServletContext.ServletContextName: erm >> AppFilterStaticFiles.doFilter:67 - response: >> org.apache.catalina.connector.ResponseFacade > >> In looking at the code for ApplicationHttpRequest [1] for the >> getPathTranlated() > >> @Override public String getPathTranslated() { if (getPathInfo() >> == null || getServletContext() == null) { return null; } return >> getServletContext().getRealPath(getPathInfo()); } > >> and for the getRequestDispatcher() > >> if (pathInfo == null) { requestPath = servletPath; } else { >> requestPath = servletPath + pathInfo; } > >> Perhaps the getPathTranslated() could be ? > >> if ( getServletContext() != null) { if (getServletPath() != null) >> { if (getPathInfo() != null) { > >> return getServletContext().getRealPath(getServletPath() + >> getPathInfo()); } return >> getServletContext().getRealPath(getServletPath()); } } return >> null; > >> I think that would also fix the translated path I saw earlier >> which resulted in a blank page for the browser.
I really don't understand why you need anything other than the plain, vanilla, default configuration, here. If you can explain that, it will go a long way towards anyone being able to help you. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl0IAgQACgkQHPApP6U8 pFgdShAAiKarcsflVVFk15fxDIJveFclsnxhtLBJ5TJcbRkBwMCtPUgfTheOSTON MEu9LN6F0/gXJWrXozPjUgn7g09LqCmMz9IbF6TQLBhP0zEO+oQl7mSOglGu+ePo 7uKfsp6zJFLQfrMo6E+bifCqqJiuV4OOtmdUnpAXM6LXcs7pB2Ge9kqObzuIY2Kv J9Pkgiln0ikPIQb2zEl3kDrPTHCaE8qB3C8wiLVoGadsQKDcSQYDrl78SDV2vWzX XLbDbxqgB/zbKRaLBKoSxE3VbiMuvmmAwPumbAD/bonqAki1xWTfcSXz8V7PySPl RbqGFkzyw9J4M+DNdoanzNRUoxsSeeaLNOC/c6wI21+Nb6g2NCdzMZH8t2GLSYSI EyoA9/7xsP2U4kXWd/UDJMfi+NNAMyn1o/wd3GCliwgRYU98cmApkGSqdcFonbwc dIx8HUYrOSUZOYf+hA3+jEznYcflUlMX92bXkMwxEFh6RGQq70z9WT93zqG/r06x MnhQ9/qvngFErknLSLqi/iP5uXG+KVynzThZT1NmE6PWQJNHqxWi0l8VFdK8bUdt vZUd8OHN5eWDSeoySuDzPTcalLmZoK3HvC1DNqUse+L8YSKROy6r0zkyMbMwf2w6 vasQT+wQKUBkD9KnnL2cPumj7be16pygT/S5XWs6EY0N0qNJ1dI= =HSjP -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
