H Thilini,
Seems that I made a mistake here.
> I tested with your code snippet and it works fine to me. Please check &
> compare your *jaggery.conf* file with the given below.
>
> {
> "displayName": "test",
> "logLevel": "debug",
> "urlMappings": [
> {
> "url": "/debug/*",
> "path": "/lib/debugging.jag"
> }
> ],
> "errorPages": {
> "404": "/app/error.html"
> }
> }
>
> I forgot to test above config for PUT & DELETE requested before posting.
When I ran a full test, I was able to produce 403 Forbidden for PUT and
DELETE requests..
I looked into the problem and looks like it goes all the way to Tomcat.
Jaggery error pages are implemented via Tomcat "custom error pages" option
[1]. When you call response.sendError function in Jaggery, it ultimately
calls HttpServletResponse.sendError [2] method. In Tomcat's implementation,
sendError method restarts the entire request routing/dispatching process.
So when sendError is called for a PUT or DELETE request, whole dispatching
process restarts and try to serve the configured custom error page (
*error.html*) [3]. Since *error.html* is a static resource, now the request
is handled by the DefaultServlet [4]. Now for the DefaultServlet, the HTTP
request looks like "*apply PUT/DELETE operation on error.html*". Here,
DefaultServlet's *readonly* property comes to play [5]. Default value of
the *readonly* property is true which means clients cannot modify or delete
static resources in the server. Hence "*appying PUT/DELETE operation on
error.html*" is forbidden. Therefore the 403 Forbidden is sent to the
client.
[1] http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q6
[2]
https://tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/http/HttpServletResponse.html#sendError(int)
[3] http://stackoverflow.com/a/23177116/1577286
[4] https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html#what
[5] https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html#web.xml
Thanks.
On Tue, Oct 20, 2015 at 3:10 PM, Dakshika Jayathilaka <[email protected]>
wrote:
> Hi,
>
> Can you check the jaggery version that your using. AFAIK there are several
> changes done in latest version.
>
> Regards,
>
> *Dakshika Jayathilaka*
> PMC Member & Committer of Apache Stratos
> Senior Software Engineer
> WSO2, Inc.
> lean.enterprise.middleware
> 0771100911
>
> On Tue, Oct 20, 2015 at 2:58 PM, Thilini Cooray <[email protected]> wrote:
>
>> Hi,
>>
>> Our jaggery.conf file is like this [1].
>> Since HTTP GET and POST are working fine.
>> I doubt whether this can be an issue with the conf file.
>>
>> [1]
>> https://github.com/wso2/carbon-apimgt/blob/release-1.9.0/features/apimgt/org.wso2.carbon.apimgt.store.feature/src/main/resources/store/jaggery.conf
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 2:38 PM, Sajith Ariyarathna <[email protected]>
>> wrote:
>>
>>> Hi Thilini,
>>>
>>> I tested with your code snippet and it works fine to me. Please check &
>>> compare your *jaggery.conf* file with the given below.
>>>
>>> {
>>> "displayName": "test",
>>> "logLevel": "debug",
>>> "urlMappings": [
>>> {
>>> "url": "/debug/*",
>>> "path": "/lib/debugging.jag"
>>> }
>>> ],
>>> "errorPages": {
>>> "404": "/app/error.html"
>>> }
>>> }
>>>
>>>
>>> Thanks.
>>>
>>> On Tue, Oct 20, 2015 at 10:54 AM, Thilini Cooray <[email protected]>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> This is the source.
>>>>
>>>> var uri = request.getRequestURI();
>>>>
>>>> var callPath=uri.replace("/store","");
>>>>
>>>> var action = "list"; // default action list the topics
>>>> if(uri != null) {
>>>> var uriMatcher = new URIMatcher(callPath);
>>>> if (uriMatcher.match("/forum") || uriMatcher.match("/forum/")) {
>>>> action = "list";
>>>> }
>>>> else if (uriMatcher.match("/forum/new")) {
>>>> action = "new"; // create topic
>>>> }
>>>> else if (uriMatcher.match("/forum/new/{id}")) {
>>>> action = "new"; // create topic
>>>> }
>>>> else if (uriMatcher.match("/forum/topic/{id}")) {
>>>> var topic = uriMatcher.elements().id;
>>>> action = "topic";
>>>> } else {
>>>> action = "exit";
>>>> }
>>>> }
>>>>
>>>> if(action == "exit"){
>>>> *response.sendError(404);*
>>>> } else {
>>>>
>>>> // Logic comes here
>>>>
>>>> }
>>>>
>>>> 404 will refer to
>>>> <APIM_HOME>/repository/deployment/server/jaggeryapps/store/pages/error-pages/404.html
>>>>
>>>>
>>>> Thanks.
>>>>
>>>>
>>>>
>>>> On Tue, Oct 20, 2015 at 10:39 AM, Sajith Ariyarathna <[email protected]
>>>> > wrote:
>>>>
>>>>> Hi Thilini,
>>>>>
>>>>> Can you share your code here?
>>>>>
>>>>> I tested following Jaggery code. (Test was executed in* AppM 1.0.0*
>>>>> pack and *Advanced Rest Client* was used as the HTTP client)
>>>>>
>>>>> *URL Mapping in jaggery.conf: *
>>>>>
>>>>> {
>>>>>
>>>>> "url": "/test/*",
>>>>>
>>>>> "path": "/lib/test.jag"
>>>>>
>>>>> }
>>>>>
>>>>>
>>>>> *File*: *test.jag*
>>>>>
>>>>> *Code:*
>>>>>
>>>>> var log = new Log("[testing]");
>>>>>
>>>>> log.info("Hit for HTTP method " + request.getMethod());
>>>>>
>>>>> response.sendError(404, "Testing page not found.");
>>>>>
>>>>>
>>>>> *Terminal Output:*
>>>>>
>>>>> [2015-10-20 10:26:52,885] INFO - [testing] Hit for HTTP method GET
>>>>>
>>>>> [2015-10-20 10:26:57,499] INFO - [testing] Hit for HTTP method POST
>>>>>
>>>>> [2015-10-20 10:27:02,045] INFO - [testing] Hit for HTTP method PUT
>>>>>
>>>>> [2015-10-20 10:27:06,011] INFO - [testing] Hit for HTTP method DELETE
>>>>>
>>>>> [2015-10-20 10:27:08,491] INFO - [testing] Hit for HTTP method HEAD
>>>>>
>>>>> [2015-10-20 10:27:10,860] INFO - [testing] Hit for HTTP method OPTIONS
>>>>>
>>>>>
>>>>> *HTTP Output:*
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>> 404 Not Found
>>>>>
>>>>>
>>>>> Since the expected output was received in above, I believe the issue
>>>>> is on your side, not in Jaggery.
>>>>>
>>>>> Thanks.
>>>>>
>>>>> On Mon, Oct 19, 2015 at 2:04 PM, Thilini Cooray <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I want to send error messages for invalid URLs from API Manager Store
>>>>>> jaggery layer.
>>>>>>
>>>>>> I use response.sendError(404) for this purpose.
>>>>>> For HTTP POST and GET this method returns the correct error page
>>>>>> while it doesn't return any message for PUT and DELETE.
>>>>>>
>>>>>> I debugged [1] and found out that the errors send in all HTTP methods
>>>>>> gets hit in
>>>>>>
>>>>>> rho.response.sendError((Integer) args[0]);
>>>>>>
>>>>>> Output stream of rho.response also contains the correct error page in
>>>>>> all HTTP methods.
>>>>>> Yet it doesn't get returned in HTTP PUT and DELETE methods.
>>>>>>
>>>>>> I am unable to figure out the reason for this behaviour.
>>>>>> Any help is appreciated.
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>> [1]
>>>>>> http://svn.wso2.org/repos/wso2/carbon/platform/tags/turing-chunk04/components/jaggery/0.9.0.ALPHA4.wso2v1/hostobjects/org.jaggeryjs.hostobjects.web/src/main/java/org/jaggeryjs/hostobjects/web/ResponseHostObject.java
>>>>>>
>>>>>> --
>>>>>> Best Regards,
>>>>>>
>>>>>> *Thilini Cooray*
>>>>>> Software Engineer
>>>>>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
>>>>>> E-mail : [email protected]
>>>>>>
>>>>>> WSO2 Inc. www.wso2.com
>>>>>> lean.enterprise.middleware
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> [email protected]
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Sajith Ariyarathna
>>>>> Software Engineer; WSO2, Inc.; http://wso2.com/
>>>>> mobile: +94 77 6602284, +94 71 3951048
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Best Regards,
>>>>
>>>> *Thilini Cooray*
>>>> Software Engineer
>>>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
>>>> E-mail : [email protected]
>>>>
>>>> WSO2 Inc. www.wso2.com
>>>> lean.enterprise.middleware
>>>>
>>>
>>>
>>>
>>> --
>>> Sajith Ariyarathna
>>> Software Engineer; WSO2, Inc.; http://wso2.com/
>>> mobile: +94 77 6602284, +94 71 3951048
>>>
>>
>>
>>
>> --
>> Best Regards,
>>
>> *Thilini Cooray*
>> Software Engineer
>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
>> E-mail : [email protected]
>>
>> WSO2 Inc. www.wso2.com
>> lean.enterprise.middleware
>>
>> _______________________________________________
>> Dev mailing list
>> [email protected]
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
--
Sajith Ariyarathna
Software Engineer; WSO2, Inc.; http://wso2.com/
mobile: +94 77 6602284, +94 71 3951048
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
