-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel,
On 6/29/2009 3:16 PM, Daniel Henrique Alves Lima wrote:
> Hi, everybody. First of all: I'm sorry for my poor English.
Your English is quite good!
> Is it possible to change url rewriting schema to use a different path
> separator (instead of ';') or even to use a request parameter (instead
> of a path append) ?
Are you trying to change the URLs that are emitted in the HTML your
application generates?
> The problem:
>
> - I'm using OpenOffice API to convert (on the fly) some html pages from
> our webapp;
> - I need to convert resources from protected paths;
> - OpenOffice don't support cookies so i must use url rewriting, BUT
> OpenOffice does not seem to like the appended path ';sessionid'.
So, you have written a simple client to:
1. Download a page
2. Convert that page
3. Follow links and go back to step #1
??
If yes, then you will have to capture the session id somehow, so you can
send it back to the server when you request additional pages. Without
cookies or the ;jsessionid parameter, how will you know what the session
id is?
> I cannot use a simple servlet filter because Tomcat is doing
> authentication/authorization (declarative security).
If you are just trying to remove the ";jsessionid=..." from the URL,
then the use of authentication is not relevant /after/ the login page is
shown.
> Can i implement a Valve to change request path (from a request
> parameter to ;jsessionid) before authentication/authorization is
> performed ?
I don't think you want to change the /incoming/ request, do you?
> Can this Valve change paths inside redirect headers and html
> bodies ? Is there any other way (simpler) of doing this communication
> between OpenOffice and Tomcat works ?
Okay, so it sounds like you want to either remove or change the way that
the session id is encoded in URLs. This can be done by overriding the
response's encodeURL and encodeRedirectURL methods using a filter:
public class JSessionIdParameterMungingFilter
implements javas.servlet.Filter
{
public void doFilter(ServletRequest req,
ServletResponse rsp,
FilterChain chain)
{
if(shouldWrap(req)
&& rsp instanceof HttpServletResponse
&& ((HttpServletRequest)req).isRequestedSessionIdFromCookie())
rsp = new ResponseWrapper((HttpServletRequest)req,
(HttpServletResponse)rsp);
chain.doFilter(req, rsp);
}
public boolean shouldWrap(ServletRequest req)
{
// Here is where you decide if you want to turn on this
// jsessionid munging. I have chosen to use a URL parameter
// "munge_jsessionid" as a trigger
return
"true".equalsIgnoreCase(request.getParameter("munge_jsessionid"));
}
static class ResponseWrapper
extends javax.servlet.http.HttpServletResponseWrapper
{
private HttpServletRequest _request;
public ResponseWrapper(HttpServletRequest req,
HttpServletResponse rsp)
{
super(rsp);
_request = req;
}
public String encodeURL(String url)
{
if(url.contains("?"))
url += "&jsessionid=" + _request.getSessionId();
else
url += "?jsessionid=" + _request.getSessionId();
return url;
}
}
}
I haven't even checked to see if this filter compiles, but the concept
is pretty clear: you change the way the jsessionid parameter is encoded
from using a ";" to using "?" or "&".
> The thread in ooffice forum:
> http://www.oooforum.org/forum/viewtopic.phtml?t=85789
The user "Villeroy" on this thread is correct when he announces his own
ignorance: ';' is a perfectly acceptable parameter delimiter for a URL.
This is a bug in the URL-handling library for OOo. Can you use
HttpURLConnection directly? I do not believe it has this limitation.
Can you post the code you have written using the OOo API? Is there any
particular reason you are using OOo instead of plain-old Java?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkpJIM0ACgkQ9CaO5/Lv0PC+VACfXTVWWcuI+YQghiW2KAbGLxFS
awkAnA9UKdzMWxRLh4kDbIAxyvQvwLgX
=/oIx
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
