Hi Chris,

On Mon, Jun 17, 2019 at 2:11 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Tommy,
> > Tommy,
> >
> > On 6/15/19 21:51, Tommy Pham wrote:
> >>>> Hi Mark,
> >>>>
> >>>> After some research and thought about internal application
> >>>> flow, I think the 'cleanest' is to have TC's default servlet
> >>>> handle the *.html requests and use the assigned filter to
> >>>> restrict the access as desired.  Is there a better approach?
> >>>> On that plan, I have this mapping for TC's default servlet
> >>>> and init:
> >>>>
> >>>> Filter AppFilterAccessLog's servlet mapping: Servlet name:
> >>>> default , registered class:
> >>>> org.apache.catalina.servlets.DefaultServlet. Servlet
> >>>> default's mapping: /img/* /css/* /WEB-INF/*
> >
> > Uh... you sure you want that? What is stopping a client from
> > requesting /WEB-INF/web.xml?
> >
> >>>> /js/* Servlet default's init parameters: listings: false
> >>>> debug: 0
> >>>>
> >>>> If I use *.html instead of /WEB-INF/*, it goes into infinite
> >>>> loop redirecting / forwarding until exception is thrown (I
> >>>> think that root cause is servlets' startup ordering).  Below
> >>>> are what my access log filter see for HttpServletRequest:
> >>>>
> >>>> Attributes:
> >>>> javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/
> >>>> javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT
> >>>> javax.servlet.forward.servlet_path=
> >>>> javax.servlet.forward.path_info=/
> >>>>
> >>>> javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationMapping$MappingImpl@7fc1f887
> >>>> org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true
> >>>> Class: org.apache.catalina.core.ApplicationHttpRequest
> >>>> DispatcherType: FORWARD [javax.servlet.DispatcherType]
> >>>> HttpServletMapping: Class:
> >>>> org.apache.catalina.core.ApplicationMapping$MappingImpl
> >>>> MappingMatch: PATH MatchValue: setup/step_0.html Pattern:
> >>>> /WEB-INF/* ServletName: default
> >>>>
> >>>> Below is from the actual filter assigned to TC's default
> >>>> servlet intended to restrict access:
> >>>>
> >>>> ContextPath: /erm-0.0.1-SNAPSHOT
> >>>> DispatcherType: FORWARD
> >>>> PathInfo: /setup/step_0.html
> >>>> PathTranslated: D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\setup\step_0.html
> >>>> Method: GET
> >>>> RequestURI: /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> >>>> RequestURL: http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> >>>> ServletPath: /WEB-INF
> >>>> ServletContext.ServletContextName: erm
> >>>> response: org.apache.catalina.connector.ResponseFacade
> >>>>
> >>>> I think everything seems correct except the PathTranslated.
> >>>> It should be:
> >>>>
> >>>> D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\step_0.html
> >>>>
> >>>> where the file is.  I'm unable to find out why it's wrong
> >>>> after a couple hours of searching since the browser shows
> >>>> an empty page...  The string "/WEB-INF/setup/step_0.html" was
> >>>> passed to request.getRequestDispatcher(). According to the
> >>>> doc [1], " If the path begins with a "/" it is interpreted as
> >>>> relative to the current context root." everything is as it
> >>>> should be right, other than PathTranslated?  Or did I
> >>>> misunderstand the usage of getRequestDispatcher().forward()?
> >>>> Currently, I have 4 filters in place and all are in passive
> >>>> monitoring mode.  None of them have the code logic to perform
> >>>> their intended functions.  3 filters mapped to URL /* and one
> >>>> assigned to TC's default servlet.  I'll work out their
> >>>> filtering order before the intended functions are
> >>>> implemented.
> >
> > Filters are applied in a predictable order. I highly recommend
> > reading the servlet specification to see how these things are
> > defined to work. It's quite readable.
> >
> > Why not allow Tomcat to serve everything in the web application
> > (other than /WEB-INF/* and /META-INF/*) as usual? What is it that
> > you need to put into there that you can't hide in some other way?
> >
> > It sounds like you are unnecessarily complicating your life.
> >
> > -chris
> >
> >
> >> I was using "/WEB-INF/*" as a test of the scaffolding for my
> >> application since previously "*.html" ended up in an infinite loop
> >> which, eventually, threw an exception.  Now that I've got
> >> "*.html" working, I'm still getting a blank page.  The HTML files
> >> are only served as UI for the initial setup of the application.
> >> There won't be any static files other than JS, CSS, and images
> >> when the application is fully configured by administrator.  Here
> >> are the servlets configuration:
> >
> >> Servlet name: default , registered class: org.apache.catalina.servlets.DefaultServlet.
> >> Servlet default's mapping: /img/* /css/* /js/* *.html
> >> Servlet default's init parameters: listings: false debug: 0
> >> Servlet name: AppServlet , registered class: com.sointe.web.AppServlet.
> >> Servlet AppServlet's mapping: /
> >> Servlet AppServlet's init parameters:
> >> Servlet name: jsp , registered class: org.apache.jasper.servlet.JspServlet.
> >> Servlet jsp's mapping: *.jspx *.jsp
> >> Servlet jsp's init parameters: fork: false xpoweredBy: false
> >
> >> And HttpServletRequest's info:
> >
> >> Attributes:
> >> javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/
> >> javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT
> >> javax.servlet.forward.servlet_path=/
> >
> >> javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationMapping$MappingImpl@5e9215c0
> >> org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true
> >> DispatcherType: FORWARD [javax.servlet.DispatcherType]
> >> HttpServletMapping: Class:
> >> org.apache.catalina.core.ApplicationMapping$MappingImpl
> >> MappingMatch: EXTENSION MatchValue: WEB-INF/setup/step_0 Pattern:
> >> *.html ServletName: default
> >
> >> and the actual filter assigned to TC's default servlet to
> >> restrict access:
> >
> >> AppFilterStaticFiles.doFilter:52 - Class: org.apache.catalina.core.ApplicationHttpRequest
> >> AppFilterStaticFiles.doFilter:53 - ServletContext Class: org.apache.catalina.core.ApplicationContextFacade
> >> AppFilterStaticFiles.doFilter:54 - ContextPath: /erm-0.0.1-SNAPSHOT
> >> AppFilterStaticFiles.doFilter:55 - DispatcherType: FORWARD
> >> AppFilterStaticFiles.doFilter:56 - Method: GET
> >> AppFilterStaticFiles.doFilter:57 - PathInfo: null
> >> AppFilterStaticFiles.doFilter:58 - PathTranslated: null
> >> AppFilterStaticFiles.doFilter:59 - getServletContext().getRealPath() of ServletPath: D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\step_0.html
> >> AppFilterStaticFiles.doFilter:60 - RequestURI: /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> >> AppFilterStaticFiles.doFilter:61 - RequestURL: http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> >> AppFilterStaticFiles.doFilter:62 - ServletPath: /WEB-INF/setup/step_0.html
> >> AppFilterStaticFiles.doFilter:63 - ServletContext.ServletContextName: erm
> >> AppFilterStaticFiles.doFilter:67 - response: org.apache.catalina.connector.ResponseFacade
> >
> >> In looking at the code for ApplicationHttpRequest [1] for the
> >> getPathTranslated()
> >
> >> @Override
> >> public String getPathTranslated() {
> >>     if (getPathInfo() == null || getServletContext() == null) {
> >>         return null;
> >>     }
> >>     return getServletContext().getRealPath(getPathInfo());
> >> }
> >
> >> and for the getRequestDispatcher()
> >
> >> if (pathInfo == null) {
> >>     requestPath = servletPath;
> >> } else {
> >>     requestPath = servletPath + pathInfo;
> >> }
> >
> >> Perhaps the getPathTranslated() could be ?
> >
> >> if (getServletContext() != null) {
> >>     if (getServletPath() != null) {
> >>         if (getPathInfo() != null) {
> >>             return getServletContext().getRealPath(getServletPath() + getPathInfo());
> >>         }
> >>         return getServletContext().getRealPath(getServletPath());
> >>     }
> >> }
> >> return null;
> >
> >> I think that would also fix the translated path I saw earlier
> >> which resulted in a blank page for the browser.
>
> I really don't understand why you need anything other than the plain,
> vanilla, default configuration, here. If you can explain that, it will
> go a long way towards anyone being able to help you.
>
> -chris
>

I have some theories that I'm trying to do a PoC for.  I was debating
having a class generate the HTML content for setup, but it would
make the page design more complicated and add development time for
something that's most likely used once.  That's why I settled on static.
As for default configuration, I plan on having only one listener and one
servlet for all requests of dynamic content and delegate accordingly as per
my theories.  Hence, I needed to change the configuration slightly.

Thanks,
Tommy
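
Added example, not code from this thread or from Tomcat: one way a filter on the default servlet could restrict /WEB-INF content to internal forwards of the setup pages, handling both mapping shapes seen in the logs above (PATH match with pathInfo set, EXTENSION match with pathInfo null). The class name ForwardOnlySetupFilter and the SETUP_PREFIX value are assumptions; it targets the javax.servlet 4.0 API used by Tomcat 9.

```java
import java.io.IOException;
import java.util.Locale;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter: map it to the "default" servlet in web.xml with both
// <dispatcher>REQUEST</dispatcher> and <dispatcher>FORWARD</dispatcher>.
public class ForwardOnlySetupFilter implements Filter {

    // Assumed location of the one-time setup pages, taken from the logged paths.
    private static final String SETUP_PREFIX = "/WEB-INF/setup/";

    // Resource path inside the context. A PATH match (/WEB-INF/*) splits it into
    // servletPath + pathInfo; an EXTENSION match (*.html) leaves pathInfo null.
    static String resourcePath(HttpServletRequest req) {
        String servletPath = req.getServletPath() == null ? "" : req.getServletPath();
        String pathInfo = req.getPathInfo() == null ? "" : req.getPathInfo();
        return servletPath + pathInfo;
    }

    // Case-insensitive so /web-inf/ on a case-insensitive file system is covered.
    static boolean isProtected(String path) {
        String p = path.toUpperCase(Locale.ROOT);
        return p.equals("/WEB-INF") || p.startsWith("/WEB-INF/")
            || p.equals("/META-INF") || p.startsWith("/META-INF/");
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        String path = resourcePath(req);
        if (isProtected(path)) {
            // Only an internal forward to a setup page may reach protected content.
            boolean internalSetupPage = req.getDispatcherType() == DispatcherType.FORWARD
                    && path.startsWith(SETUP_PREFIX) && path.endsWith(".html")
                    && !path.contains("..");
            if (!internalSetupPage) {
                ((HttpServletResponse) response).sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }
        }
        chain.doFilter(request, response);
    }
}
```

With this in place a forward to /WEB-INF/setup/step_0.html passes, while a REQUEST dispatch for /WEB-INF/web.xml, or a forward to anything outside the setup directory, gets a 404 from the filter before the default servlet runs.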

