Query string and query parameters encoding on Tomcat 8.5.5
Hi.
I do not understand what happens with query paramers and URI encoding in
Tomcat 8.5.5.
On client side, the query is :
https://localhost:8447/adele_admin/ldapapi/personnes?mot=P%C3%A9net
Where "Pénet" is, as far as I understand, correctly encoded.
On server side, the Connector-s all have URIEncoding forced to UTF-8
(which is the default value anyway).
In the logs, I can see :
::1 - - [15/Sep/2016:15:52:27 +0200] "OPTIONS
/adele_admin/ldapapi/personnes?mot=Pénet HTTP/2.0" 200 -
::1 - lpenet [15/Sep/2016:15:52:41 +0200] "GET
/adele_admin/ldapapi/personnes?mot=Pénet HTTP/2.0" 404 -
(404 is ok there)
But request.getQueryString() (where request is the HttpServletRequest
instance passed by tomcat) returns a wrongly encoded
mot=Pénet
and
request.getParameter("mot")
returns
"Pénet"
I need the query string to be ok so that libraries like RestEasy which
relies on it correctly works. In my REST api, I get poorly encoded
@QueryParam-s...
Is there a parameter I missed ? I carefully reviewed the CHANGELOG, but
might have missed something...
Thanks in advance,
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Compiling Tomcat Native 1.2.8
On 12/09/2016 22:32, Pierce Allen wrote:
Hello -
I run a collection Tomcat web servers on Redhat 7.2 (up-to-date)
Normally we like to compile and use the latest stable version of
Tomcat Native we can get our hands on (currently the one that ships
with Tomcat 8.5.5.0 is labeled tcnative 1.2.8). However, when I try to
compile recent versions of Tomcat Native I get an error that my
OpenSSL version is too low:
checking OpenSSL library version >= 1.0.2... configure: error: Your
version of O penSSL is not compatible with this version of tcnative
I don't really want to muck up the distro by trying to update OpenSSL
by downloading and compiling OpenSSL's source code. RedHat backports
security fixes to OpenSSL 1.0.1e so there are no "heartbleed" or other
known vulnerabilities with the in-band OpenSSL version. Is there some
workaround or procedure that can be used to get recent versions of
Tomcat Native to compile on up to date RedHat systems?
In a similar situation, I statically link openssl.
Please find enclosed my .spec for Tomcat 8.5.5.
I tried not to alter it too much when removing information specific to
my organisation.
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
%define major_version 8
%define minor_version 5
%define revision 5
%define full_version %{major_version}.%{minor_version}.%{revision}
%define native_major_version 1
%define native_minor_version 2
%define native_revision 8
%define native_full_version %{native_major_version}.%{native_minor_version}.%{native_revision}
%define commons_daemon_version 1.0.15
%define openssl_major 1
%define openssl_minor 0
%define openssl_revision 2h
%define openssl_full_version %{openssl_major}.%{openssl_minor}.%{openssl_revision}
%define apr_major 1
%define apr_minor 5
%define apr_revision 2
%define apr_full_version %{apr_major}.%{apr_minor}.%{apr_revision}
Name: my-tomcat
Version: %{full_version}
Release: 1
Summary: My Own Tomcat
License: My License
Group: my.group
autoprov: yes
autoreq: yes
Requires: my-jre
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XX)
# dependance vers le jdk 7 par facilite (le 8 serait mieux)
BuildRequires: apr-devel openssl-devel java-1.7.0-openjdk, java-1.7.0-openjdk-devel, chrpath
%define source_file http://mirrors.ircam.fr/pub/apache/tomcat/tomcat-%{major_version}/v%{full_version}/bin/apache-tomcat-%{full_version}.tar.gz
%define openssl_file https://www.openssl.org/source/openssl-%{openssl_major}.%{openssl_minor}.%{openssl_revision}.tar.gz
%define apr_file http://wwwftp.ciril.fr/pub/apache/apr/apr-%{apr_major}.%{apr_minor}.%{apr_revision}.tar.bz2
Source: %{source_file}
Source1: mysql-connector-java-5.1.23-bin.jar
Source2: OracleDriver-7.jar
Source3: postgresql-9.4.1209.jar
Source6: %{openssl_file}
Source7: %{apr_file}
Patch: manager.patch
Patch1: server.xml.patch
Patch2: tomcat-users.xml.patch
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
%define basedir %{_var}/lib/%{name}
%define appdir %{basedir}/webapps
%define bindir %{_datadir}/%{name}/bin
%define confdir %{_sysconfdir}/%{name}
%define homedir %{_datadir}/%{name}
%define libdir %{_javadir}/%{name}
%define logdir %{_var}/log/%{name}
%define cachedir %{_var}/cache/%{name}
%define tempdir %{cachedir}/temp
%define workdir %{cachedir}/work
%define _initrddir %{_sysconfdir}/init.d
%define tomcat_base %{homedir}
%description
My desc
Startup and shutdown are managed with commons-daemon %{commons_daemon_version}.
%prep
%{__mkdir} -p $RPM_BUILD_DIR/%{name}
cat << \EOF > %{_builddir}/%{name}/%{name}-req
#!/bin/sh
%{__find_requires} $* |\
sed -e '/libcrypto/d' -e '/libssl.so/d' -e '/pkgconfig'
EOF
%define __find_requires %{_builddir}/%{name}/%{name}-req
chmod +x %{__find_requires}
%define _use_internal_dependency_generator 0
%setup -T -D -a 6 -n .
%setup -T -D -a 7 -n .
%setup -T -D -a 0 -n .
%patch -p0
%patch1 -p0
%patch2 -p0
cd ${RPM_BUILD_DIR}
tar xvzf apache-tomcat-%{full_version}/bin/tomcat-native.tar.gz
tar xvzf apache-tomcat-%{full_version}/bin/commons-daemon-native.tar.gz
if [ ! -d ${RPM_BUILD_DIR}/openssl-%{openssl_major}.%{openssl_minor}.%{openssl_revision} ]; then
mv ${RPM_BUILD_DIR}/openssl-* ${RPM_BUILD_DIR}/openssl-%{openssl_major}.%{openssl_minor}.%{openssl_revision}
fi
%build
%{__rm} -rf $RPM_BUILD_ROOT
pushd .
cd ${RPM_BUILD_DIR}/openssl-%{openssl_major}.%{openssl_minor}.%{openssl_revision}
./config --prefix=${RPM_BUILD_DIR}/openssl-inst no-shared -fPIC
make
make install_sw
popd
pushd .
cd ${RPM_BUILD_DIR}/apr-%{apr_major}.%{apr_minor}.%{apr_revision}
CFLAGS="-fPIC" ./configure --prefix=${RPM_BUILD_DIR}/apr-inst
make
make install
# lthis line desactivate dynamic linking against openssl
sed -i -e "/dlname=/d" -e "/library_names=/d" ${RPM_BUILD_DIR}/apr-inst/lib/libapr-1.la
popd
pushd .
cd ${RPM_BUILD_DIR}/tomcat-native-%{native_full_version}-src/native
CFLAGS="-fPIC" ./configure --prefix=${RPM_BUILD_DIR}/tomcat-native-inst
Re: Websockets : differents behaviours on connection when using WS or WSS
On 18/07/2016 16:25, l.pe...@senat.fr wrote:
Hi.
I am using Tomcat 8.0.36 with Atmosphere 2.4.5 (
https://github.com/Atmosphere/atmosphere ) to implement WebSockets
with fallbacks such as long polling.
I am writing tests using Tomcat JSR356 implementation.
I studied your WebSocket samples and I am using a fake trustore :
ClientEndpointConfig cec =
ClientEndpointConfig.Builder.create().build();
File keyStorePath = new File("path/to/test.keystore");
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PROPERTY,
keyStorePath.getAbsolutePath());
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PWD_PROPERTY,
"pouetpouet");
or similarly I am setting the
WsWebSocketContainer.SSL_CONTEXT_PROPERTY to a passthrough ssl
context, accepting all certificates (it's just for tests, it's ok).
My test looks like :
WebSocketContainer container =
ContainerProvider.getWebSocketContainer();
RecordingReceivedMessagesSocket socket = new
RecordingReceivedMessagesSocket();
URI echoUri = new URI(getWSTestURI("/ws/delaislimites"));
ClientEndpointConfig cec =
ClientEndpointConfig.Builder.create().build();
File keyStorePath = new File("path/to/test.keystore");
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PROPERTY,
keyStorePath.getAbsolutePath());
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PWD_PROPERTY,
"pouetpouet");
Session wsSession = container.connectToServer(socket, cec,
echoUri);
I realised that my message was incomplete and, by the way, found the
answer myself.
When I do not go SSL, I do not call the same version of connectToServer.
I am doing
Session wsSession = container.connectToServer(socket, echoUri);
This version os connectToServer gets an Object rather than a endpoint as
first parameter and, among other things, looks for the ClientEndpoint
annotation.
If it finds it, it wraps it in a PojoEndpointClient (pojo is the first
parameter of connectToServer) :
Endpoint ep = new PojoEndpointClient(pojo,
Arrays.asList(annotation.decoders()));
So, if I do
container.connectToServer(new PojoEndpointClient(socket, new
ArrayList<>()), cec, echoUri);
everything is fine, because of the inits that PojoEndpointClient does.
Sorry for the noise.
Ludovic
socket.close();
log.info("Attente de la fermeture de la socket");
Assert.assertTrue(socket.awaitClose(10,TimeUnit.SECONDS));
log.info("La socket doit avoir reçu OK");
Assert.assertTrue(socket.getReceivedMessages().contains("OK"));
Assert.assertTrue(true);
RecordingReceivedMessagesSocket class looks like :
@ClientEndpoint
@Log4j2
@Getter
public class RecordingReceivedMessagesSocket extends BaseTestSocket
{
List receivedMessages = new ArrayList<>();
@OnMessage
public String onMessage(String msg, Session session)
{
log.info("Message reçu : {}", msg);
this.receivedMessages.add(msg);
return msg;
}
}
@ClientEndpoint
@Log4j2
@Getter
public class BaseTestSocket extends Endpoint
{
private Session session;
private final CountDownLatch closeLatch;
public BaseTestSocket()
{
this.closeLatch = new CountDownLatch(1);
}
@OnOpen
@Override
public void onOpen(Session session, EndpointConfig config)
{
log.info("Connexion établie.");
this.session = session;
}
public boolean awaitClose(int duration, TimeUnit unit) throws
InterruptedException
{
return this.closeLatch.await(duration,unit);
}
@OnClose
@Override
public void onClose(Session session, CloseReason reason)
{
log.info("Connexion fermée.");
this.closeLatch.countDown();
}
public void write(String message) throws IOException {
this.session.getBasicRemote().sendText(message);
}
public void writeObject(Object object) throws IOException,
EncodeException {
this.session.getBasicRemote().sendObject(object);
}
public void close() throws IOException {
this.session.close();
}
}
When I implement getWSTestURI() so that it returns a url for a non
encrypted request, such as ws://localhost/8084/ws/delaislimites :
* RecordingReceivedMessagesSocket.onMessage gets called with the
immediate server reply ("OK").
The ServerEndPoint looks like :
@Log4j2
@ManagedService(path = "/ws/delaislimites")
public class WSDelaisLimites {
@Inject
private BroadcasterFactory factory;
@Inject
private AtmosphereResourceFactory resourceFactory;
@Inject
private MetaBroadcaster metaBroadcaster;
@Ready(encoders = {JacksonEncoder.class})
@DeliverTo(DeliverTo.DELIVER_TO.ALL)
public String onReady(final AtmosphereResource r) {
log.info(&q
Websockets : differents behaviours on connection when using WS or WSS
Hi.
I am using Tomcat 8.0.36 with Atmosphere 2.4.5 (
https://github.com/Atmosphere/atmosphere ) to implement WebSockets with
fallbacks such as long polling.
I am writing tests using Tomcat JSR356 implementation.
I studied your WebSocket samples and I am using a fake trustore :
ClientEndpointConfig cec =
ClientEndpointConfig.Builder.create().build();
File keyStorePath = new File("path/to/test.keystore");
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PROPERTY,
keyStorePath.getAbsolutePath());
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PWD_PROPERTY,
"pouetpouet");
or similarly I am setting the WsWebSocketContainer.SSL_CONTEXT_PROPERTY
to a passthrough ssl context, accepting all certificates (it's just for
tests, it's ok).
My test looks like :
WebSocketContainer container =
ContainerProvider.getWebSocketContainer();
RecordingReceivedMessagesSocket socket = new
RecordingReceivedMessagesSocket();
URI echoUri = new URI(getWSTestURI("/ws/delaislimites"));
ClientEndpointConfig cec =
ClientEndpointConfig.Builder.create().build();
File keyStorePath = new File("path/to/test.keystore");
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PROPERTY,
keyStorePath.getAbsolutePath());
cec.getUserProperties().put(WsWebSocketContainer.SSL_TRUSTSTORE_PWD_PROPERTY,
"pouetpouet");
Session wsSession = container.connectToServer(socket, cec,
echoUri);
socket.close();
log.info("Attente de la fermeture de la socket");
Assert.assertTrue(socket.awaitClose(10,TimeUnit.SECONDS));
log.info("La socket doit avoir reçu OK");
Assert.assertTrue(socket.getReceivedMessages().contains("OK"));
Assert.assertTrue(true);
RecordingReceivedMessagesSocket class looks like :
@ClientEndpoint
@Log4j2
@Getter
public class RecordingReceivedMessagesSocket extends BaseTestSocket
{
List receivedMessages = new ArrayList<>();
@OnMessage
public String onMessage(String msg, Session session)
{
log.info("Message reçu : {}", msg);
this.receivedMessages.add(msg);
return msg;
}
}
@ClientEndpoint
@Log4j2
@Getter
public class BaseTestSocket extends Endpoint
{
private Session session;
private final CountDownLatch closeLatch;
public BaseTestSocket()
{
this.closeLatch = new CountDownLatch(1);
}
@OnOpen
@Override
public void onOpen(Session session, EndpointConfig config)
{
log.info("Connexion établie.");
this.session = session;
}
public boolean awaitClose(int duration, TimeUnit unit) throws
InterruptedException
{
return this.closeLatch.await(duration,unit);
}
@OnClose
@Override
public void onClose(Session session, CloseReason reason)
{
log.info("Connexion fermée.");
this.closeLatch.countDown();
}
public void write(String message) throws IOException {
this.session.getBasicRemote().sendText(message);
}
public void writeObject(Object object) throws IOException,
EncodeException {
this.session.getBasicRemote().sendObject(object);
}
public void close() throws IOException {
this.session.close();
}
}
When I implement getWSTestURI() so that it returns a url for a non
encrypted request, such as ws://localhost/8084/ws/delaislimites :
* RecordingReceivedMessagesSocket.onMessage gets called with the
immediate server reply ("OK").
The ServerEndPoint looks like :
@Log4j2
@ManagedService(path = "/ws/delaislimites")
public class WSDelaisLimites {
@Inject
private BroadcasterFactory factory;
@Inject
private AtmosphereResourceFactory resourceFactory;
@Inject
private MetaBroadcaster metaBroadcaster;
@Ready(encoders = {JacksonEncoder.class})
@DeliverTo(DeliverTo.DELIVER_TO.ALL)
public String onReady(final AtmosphereResource r) {
log.info("Browser {} connected.", r.uuid());
return "OK";
}
/**
* Invoked when the client disconnect or when an unexpected closing
of the underlying connection happens.
*
* @param event
*/
@Disconnect
public void onDisconnect(AtmosphereResourceEvent event) {
if (event.isCancelled()) {
log.info("Browser {} unexpectedly disconnected",
event.getResource().uuid());
} else if (event.isClosedByClient()) {
log.info("Browser {} closed the connection",
event.getResource().uuid());
}
}
/* ... */
@Message
public String onMessage(String message) throws IOException {
StringBuilder sb = new StringBuilder();
sb.append("Reçu le message texte ");
sb.append(message);
log.info(sb.toString());
return message;
}
}
So, I am getting "OK".
When I connect through SSL, with a url like
wss://localhost:8765/ws/delaislimites :
* RecordingReceivedMessagesSocket.onMessage
Re: Tomcat Embedded and Web Fragments
On 13/07/2016 15:57, Violeta Georgieva wrote: Hi, 2016-07-07 15:07 GMT+03:00 l.pe...@senat.fr <l.pe...@senat.fr>: Hi. I am using Tomcat embedded, for integration tests. I do not find how to let it take in account web-fragments of included jars. Is there a specific config ? Does anyone have a working example ? Take a look at the Tomcat's tests https://github.com/apache/tomcat/blob/trunk/test/org/apache/catalina/startup/TestContextConfig.java Thank you ! I moved on to other tasks, but there is clearly a solution in these tests. Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat Embedded and Web Fragments
Hi. I am using Tomcat embedded, for integration tests. I do not find how to let it take in account web-fragments of included jars. Is there a specific config ? Does anyone have a working example ? I am using version 8.0.36. Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
JWT and Tomcat
Hi. I am planning to use JSON web tokens (JWT, see https://jwt.io/ and RFC 7519 https://tools.ietf.org/html/rfc7519 ). Is there any plan to have a "standard" valve implementing this RFC in Tomcat ? The best I could find is https://github.com/andreacomo/tomcat-jwt-security Is there an already available option I missed ? Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Determining parallely deployed versions of a webapp programmatically
On 16/12/2015 15:58, l.pe...@senat.fr wrote:
Hi.
I have in some of my apps cron-like tasks, scheduled by libs such as
quartz.
As I am also an happy user of the parallel deployment feature of
tomcat, I was wondering whether, without special privileges such as
those of the "admin" webapps, I could programatically determine if a
webapp is the "top" version of a family of webapps.
So, if webapp versions :
* 1.2.1
* 1.2.2
* 1.2.3
are deployed, I should be capable to determine that 1.2.3 is the
latest and only run the scheduled task in this last one.
Is there any API to achieve that ?
I found no API and ended with the following :
1) store the ServletContext on startup, using a ServletContextListener
2) find the tomcat Context from the ServletContext, using MBeans
MBeanServer mBeanServer =
MBeanServerFactory.findMBeanServer(null).get(0);
ObjectName name = new ObjectName("Catalina", "type", "Server");
Server server = (Server) mBeanServer.getAttribute(name,
"managedResource");
Service service = server.findService("Catalina");
Engine engine = (Engine) service.getContainer();
Host host = (Host) engine.findChild(engine.getDefaultHost());
Container[] children = host.findChildren();
for(int i = 0 ; i < children.length ; i++) {
if(children[i] instanceof Context) {
Context ctx = (Context) children[i];
if(ctx.getServletContext() == sc) {
return ctx;
}
}
}
3) From the Context, go up to the host and scan contexts, finding those
whose name starts with the same base name as ours (defined as our name
stripped from an optionnal ##version ending)
Host host = (Host) context.getParent();
List ret = new ArrayList<>();
Container[] children = host.findChildren();
String shortName =
StringUtils.substringBefore(context.getName(),"##");
for(int i = 0 ; i < children.length ; i++) {
if(children[i] instanceof Context) {
Context cur = (Context) children[i];
if(StringUtils.startsWith(cur.getName(), shortName)) {
ret.add(cur);
}
}
}
return ret;
StringUtils is here org.apache.commons.lang3.StringUtils.
Note that you should not try to perform 2) in the ServletContextListner
mentionned in 1), or you deadlock when calling, server.findService.
Any advice from a tomcat expert to enhance this solution welcomed. :-)
Ludovic
|
| AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
|
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Determining parallely deployed versions of a webapp programmatically
Hi. I have in some of my apps cron-like tasks, scheduled by libs such as quartz. As I am also an happy user of the parallel deployment feature of tomcat, I was wondering whether, without special privileges such as those of the "admin" webapps, I could programatically determine if a webapp is the "top" version of a family of webapps. So, if webapp versions : * 1.2.1 * 1.2.2 * 1.2.3 are deployed, I should be capable to determine that 1.2.3 is the latest and only run the scheduled task in this last one. Is there any API to achieve that ? Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Parallel deployment version selection
Hi. I am using parallel deployment to upgrade my webapps with no downtime. I just have a small issue / question on how the latest version is selected. As far as I understand, the container select the latest version by lexicographically ordering the version string. So if webapp##1.0.51 and webapp##1.0.52 are deployed version 1.0.52 will be selected. I just have a periodic issue with versions ranging from 1.0.1, 1.0.2,...1.0.9 and then jumping to 1.0.10 (same thing for hundreds of course) : 1.0.9 is prefered to 1.0.10 because 9 is after 1. Is there a way to configure tomcat so that it analyses the version part as a triplet of numbers ? And so understand that 10 is more recent than 9 ? Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Double call to requestInitialized when forwarding for FORM auth
On 15/07/2015 23:36, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ludovic, On 7/15/15 3:29 AM, l.pe...@senat.fr wrote: On 13/07/2015 15:13, Christopher Schultz wrote: It looks like you or DeltaSpike are not cleaning-up as the request transitions from one state to another. Ok, thank you. What kind of notification should we process to detect this transition ? I'm not sure, since it's DeltaSpike which is objecting to the current state of the request. I think you'll have better luck with asking the DeltaSpike folks. They are welcome to come here to ask about why something may have changed. Was there ever a reply to your initial question? Yes, and a patch allowing this double initialization. But as I suspect that there is something cleaner to do, I try to scratch the subject. In your post to their list, you mentioned that there are sometimes Pretty much the same than in this case, if I sum it up. A typical example : years ago, I wrote a web filter, had to perform some locking in it (because of legacy libs) and was quite surprised to see the request going through the filter twice when serving a login page on FORM auth. I am no JEE Guru, so strange does not mean bad but surprising. Thanks, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Double call to requestInitialized when forwarding for FORM auth
On 13/07/2015 15:13, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ludovic, On 7/10/15 2:33 AM, l.pe...@senat.fr wrote: I have a problem with DeltaSpike Servlet module ( https://deltaspike.apache.org/documentation/servlet.html ) that seems to be caused by an incorrect behavior of Tomcat. The thread on DS mailiing list : http://mail-archives.apache.org/mod_mbox/deltaspike-users/201507.mbox/ %3C559E1F24.40408%40senat.fr%3E It looks like you or DeltaSpike are not cleaning-up as the request transitions from one state to another. Ok, thank you. What kind of notification should we process to detect this transition ? Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. | - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Double call to requestInitialized when forwarding for FORM auth
Hi. I have a problem with DeltaSpike Servlet module ( https://deltaspike.apache.org/documentation/servlet.html ) that seems to be caused by an incorrect behavior of Tomcat. The thread on DS mailiing list : http://mail-archives.apache.org/mod_mbox/deltaspike-users/201507.mbox/%3C559E1F24.40408%40senat.fr%3E I am using Tomcat 8.0.23 and it seems that requestInitialized is called twice when a forward is performed. In my case, this forward is performed because I am using container managed security with auth method set to FORM and Tomcat redirects to the login page. Is this behavior incorrect or should I propose a patch to DS ? Thanks in advance, Ludovic | | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. |
