Andy,
On 8/15/23 03:32, Andy Pont wrote:
Chris wrote…
The .forward() should keep all request headers (and many other things)
in-tact. You might want to log some things in plugins/whatever to see
what is being done.
You should be using the *same objects* your servlet got for the
request and response when calling RequestDispatcher.forward(). You can
"wrap" them if necessary to make certain modifications.
I have put the relevant parts of the source code onto PasteBin [1]. If
anyone spots any stupid mistakes then please do let me know!
My code has some logging output in it but it doesn’t appear to be being
added into the log files which are owned and created by the existing
“backend”. That is probably just down to me not having the correct
logger context.
Yes, but I think you should not have to. What are the possible reasons
for that specific 302 response? Are you *sure* it's complaining about
the User-Agent string?
The log file from the backend records which Java class the mesage has
come from so I am fairly confident I am looking in the correct class.
There appear to be two functions that output the error in the log and
which endup redirecting to permissionDenied.do [2]. I’m not sure which
one is being called but the check and end result appear to be the same
in both.
The UserAgent class that it references is complex (IMO) but as far as I
can tell it is only looking at the “user-agent” header.
So it looks like the backend service IS being called, but rejecting the
request because of the "UserAgent" object complaining about it.
I would log the User-Agent header from the request in your front-end
before the RequestDispatcher.forward() call, and if possible, also log
it in your backend service just before the "return false".
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
