Re: Filtering URL via tomcat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ravi,
On 5/1/2009 7:36 PM, Ravi Sharma wrote:
I wanted to server these pages only to registered user of my site so i put
one filter in web.xml of my application
filter
filter-nameDownLoadSecurityFilter/filter-name
filter-classcom.app.security.SecurityFilter/filter-class
/filter
filter-mapping
filter-nameDownLoadSecurityFilter/filter-name
url-pattern/audio/download/*/url-pattern
/filter-mapping
Looks good so far. I still think you might just want to use the built-in
authentication and authorization capabilities provided by the container.
Have you looked into using security-constraint?
Now if user is logged in then i don't do any redirection to login page in
Filter class. Class code as follows
[snip]
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
LOGINURL +?URL= + targetUrl);
Technically, this should be:
httpResponse.sendRedirect(httpRequest.getContextPath()
+ response.encodeRedirecURL(LOGINURL)
+ ?URL=
+ java.net.URLEncoder.encode(targetURL, UTF-8)
);
Problem : Now when user is logged in then user should be able to see this
page content of
http://www.mysite.com/app/audio/download/abc.html
but on this page in browser user getting following tomcat error
*Type* Status report
*message* */app/audio/download/abc.html
**description* *The requested resource (/app/audio/download/abc.html) is not
available.**
Did you say that Tomcat generates pages like
/app/audio/download/foo.html for you after the webapp is deployed? I
have seen a lot of people complain that files created after webapp
deployment are not seen by the DefaultServlet, which serves static
content for you.
If you need to serve files that have been created after deployment, you
might want to write your own servlet to serve them. Better yet, serve
them out of another directory because when you undeploy a webapp, Tomcat
might delete the webapp directory and also all your generated files.
You might be able to use the DefaultServlet by changing some settings on
it like whether to cache information about the directories is has
scanned before.
I believe your filter is functioning correctly. Tomcat, in this case, is
what is the problem for you.
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkn/RDEACgkQ9CaO5/Lv0PAsCACeO3fLNjoHYEdUWmA65pGGZxrG
ZN8AoKqqDDv5FuRwP07h5G8s5oBZFEG+
=QTtT
-END PGP SIGNATURE-
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Filtering URL via tomcat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ravi, Some things aren't adding up: http://www.mysiste.com/audio/abc.html (anyone/guests can see this page) http://www.mysiste.com/audio/app/download/abc.html (only logged in user can see this page) ...and... the root of my site reside in appache httpd server so i have folder structure like mysite/public_html/audio mysite/public_html/app/audio/download in my httpd conf i have something like this JkMount /app/audio/download/* ajp13w You have JkMounted /app/audio/download but your URLs above suggest this should be /audio/app/download/abc.html. That's strange. You have your webapp in a directory called mysite but the context name is app. That's strange. On 4/27/2009 2:26 PM, Ravi Sharma wrote: http://www.mysite.com/audio/abc.html is a html being served by httpd correctly then when i try to access http://www.mysite.com/app/audio/download/abc.htmli get following error on browser *Type* Status report *message* */app/audio/download/abc.html **description* *The requested resource (/app/audio/download/abc.html) is not available.** Sounds like this is a Tomcat error. Are you attempting to serve /app/audio/download/abc.html from within Tomcat? If so, is that file (abc.html) actually deployed as part of the web application? I think it would be helpful to post more of your httpd configuration and the output of 'find' in your webapp's root directory. Another question: why are you implementing your own authentication and authorization instead of using those built-in features of Tomcat? Seems like re-inventing the wheel... There are no errors in catalina.out(and this is the only file in logs dir of Tomcat) catalina.out will not contain errors like file not found. If you want to see what requests are being served, you'll want to enable the AccessLogValve. See http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html for details. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkn7IRUACgkQ9CaO5/Lv0PALDwCgiiLbGQ3m1VbcnqUp2cWGtCZR 1HsAn11gsfaTF1DxL9xd3/QMRiVaqhFH =aPN/ -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Filtering URL via tomcat
Hi All,
Please help me for this problem, i am not able to get to the root of the
problem.
My site have few open/free pages which can be accessed by anyone/guests and
few only for registered users. So you can access those pages only by login
to the site
http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
see this page)
I am using tomcat 5.5 and appache httpd server 2.2.
the root of my site reside in appache httpd server
so i have folder structure like
mysite/public_html/audio
mysite/public_html/app/audio/download
in my httpd conf i have something like this
JkMount /app/audio/download/* ajp13w
..
..
..
and mysite.com is poiniting to mysite/public_html
*app* is my tomcat application context
and in tomcat web.xml one Filter is listning to url
filter
filter-nameDownLoadSecurityFilter/filter-name
filter-classcom.app.security.SecurityFilter/filter-class
/filter
filter-mapping
filter-nameDownLoadSecurityFilter/filter-name
url-pattern/audio/download/*/url-pattern
/filter-mapping
So all the pages will be served by apache httpd except the pages which are
like app/audio/download.
So now when somone try to access app/audio/download/some.html the request
passed to tomcat, in turns filter check this url and if user is not logged
in then login screen comes up.
User login and proceed and login screen automcatically forward the request
to the page which was requested app/audio/download/some.html, but here i get
this tomcat error
*Type* Status report
*message* */app/audio/download/some.html*
*description* *The requested resource (/app/audio/download/some.html) is not
available.*
these html pages are static pages and exists in apache http home dir of
websites
public_html/app/audio/download/some.html
but then i thought may be it need to exists in tomcat web apps too., so
under web-apps/app dir i created audio link to audio directory under
public_html
so now webapps dir has following link
webapps/app/audio - /home/mysite/public_html/audio
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
I dont know whats wrong.
following is my java filter class
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
LOGINURL +?URL= + targetUrl);
return;
}
catch(OperationNotAllowedForUser ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
DENIENDURL );
return;
}
chain.doFilter(request, response);
doAfterProcessing(request, response);
}
private void doAfterProcessing(ServletRequest request, ServletResponse
response)
throws IOException, ServletException {
}
Thanks in advance
Ravi
Re: Filtering URL via tomcat
Ravi,
First :
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
its not working is not something that allows anyone to help you.
HOW is it not working ? What do you do, what do you expect, and what are
you getting as an error ?
That means :
- tell us what URL you are using in the browser
- what error do you see in the browser ?
- what error do you see in the Apache logfile ?
- and what error do you see in the Tomcat logfile ?
Then (old African proverb) : if you want to eat an elephant, you should
do it a little bit at a time.
In other words, simplify the problem if you can.
Assuming that your Tomcat listens on port 8080 for example (you can see
that in the conf/server.xml, Connector tags), try the following :
- turn off Apache httpd
- in the browser, enter the URL
http://www.mysiste.com:8080/app/audio/download/abc.html
(that goes to Tomcat directly, without going through Apache).
What happens then ?
Don't be afraid to add some details.
Ravi Sharma wrote:
Hi All,
Please help me for this problem, i am not able to get to the root of the
problem.
My site have few open/free pages which can be accessed by anyone/guests and
few only for registered users. So you can access those pages only by login
to the site
http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
see this page)
I am using tomcat 5.5 and appache httpd server 2.2.
the root of my site reside in appache httpd server
so i have folder structure like
mysite/public_html/audio
mysite/public_html/app/audio/download
in my httpd conf i have something like this
JkMount /app/audio/download/* ajp13w
..
..
..
and mysite.com is poiniting to mysite/public_html
*app* is my tomcat application context
and in tomcat web.xml one Filter is listning to url
filter
filter-nameDownLoadSecurityFilter/filter-name
filter-classcom.app.security.SecurityFilter/filter-class
/filter
filter-mapping
filter-nameDownLoadSecurityFilter/filter-name
url-pattern/audio/download/*/url-pattern
/filter-mapping
So all the pages will be served by apache httpd except the pages which are
like app/audio/download.
So now when somone try to access app/audio/download/some.html the request
passed to tomcat, in turns filter check this url and if user is not logged
in then login screen comes up.
User login and proceed and login screen automcatically forward the request
to the page which was requested app/audio/download/some.html, but here i get
this tomcat error
*Type* Status report
*message* */app/audio/download/some.html*
*description* *The requested resource (/app/audio/download/some.html) is not
available.*
these html pages are static pages and exists in apache http home dir of
websites
public_html/app/audio/download/some.html
but then i thought may be it need to exists in tomcat web apps too., so
under web-apps/app dir i created audio link to audio directory under
public_html
so now webapps dir has following link
webapps/app/audio - /home/mysite/public_html/audio
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
I dont know whats wrong.
following is my java filter class
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
LOGINURL +?URL= + targetUrl);
return;
}
catch(OperationNotAllowedForUser ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
DENIENDURL );
return;
}
chain.doFilter(request, response);
doAfterProcessing(request, response);
}
private void doAfterProcessing(ServletRequest request, ServletResponse
response)
throws IOException, ServletException {
}
Thanks in advance
Ravi
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Filtering URL via tomcat
adding to previoius mail.
http://www.mysite.com/audio/abc.html is a html being served by httpd
correctly
then when i try to access
http://www.mysite.com/app/audio/download/abc.htmli get following error
on browser
*Type* Status report
*message* */app/audio/download/abc.html
**description* *The requested resource (/app/audio/download/abc.html) is not
available.**
the access log(mysite.com_access_log) of apache httpd says*
[27/Apr/2009:11:09:16 -0700] GET /app/audio/download/abc.html HTTP/1.1 404
1135 - Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.9)
Gecko/2009040821 Firefox/3.0.9 (.NET CLR 3.5.30729)
*the error log(mysite.com_error_log) of appache httpd says nothing, no issue
there*
when i tried this url
http://www.mysite.com:9080/app/audio/download/abc.html (tomcat is running on
9080)
i got the same error on browser*
Type* Status report
*message* */app/audio/download/abc.html*
*description* *The requested resource (/app/audio/download/abc.html) is not
available.* *
*
There are no errors in catalina.out(and this is the only file in logs dir of
Tomcat)
On Mon, Apr 27, 2009 at 6:57 PM, André Warnier a...@ice-sa.com wrote:
Ravi,
First :
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
its not working is not something that allows anyone to help you.
HOW is it not working ? What do you do, what do you expect, and what are
you getting as an error ?
That means :
- tell us what URL you are using in the browser
- what error do you see in the browser ?
- what error do you see in the Apache logfile ?
- and what error do you see in the Tomcat logfile ?
Then (old African proverb) : if you want to eat an elephant, you should do
it a little bit at a time.
In other words, simplify the problem if you can.
Assuming that your Tomcat listens on port 8080 for example (you can see
that in the conf/server.xml, Connector tags), try the following :
- turn off Apache httpd
- in the browser, enter the URL
http://www.mysiste.com:8080/app/audio/download/abc.html
(that goes to Tomcat directly, without going through Apache).
What happens then ?
Don't be afraid to add some details.
Ravi Sharma wrote:
Hi All,
Please help me for this problem, i am not able to get to the root of the
problem.
My site have few open/free pages which can be accessed by anyone/guests
and
few only for registered users. So you can access those pages only by login
to the site
http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
http://www.mysiste.com/audio/app/download/abc.html (only logged in user
can
see this page)
I am using tomcat 5.5 and appache httpd server 2.2.
the root of my site reside in appache httpd server
so i have folder structure like
mysite/public_html/audio
mysite/public_html/app/audio/download
in my httpd conf i have something like this
JkMount /app/audio/download/* ajp13w
..
..
..
and mysite.com is poiniting to mysite/public_html
*app* is my tomcat application context
and in tomcat web.xml one Filter is listning to url
filter
filter-nameDownLoadSecurityFilter/filter-name
filter-classcom.app.security.SecurityFilter/filter-class
/filter
filter-mapping
filter-nameDownLoadSecurityFilter/filter-name
url-pattern/audio/download/*/url-pattern
/filter-mapping
So all the pages will be served by apache httpd except the pages which are
like app/audio/download.
So now when somone try to access app/audio/download/some.html the request
passed to tomcat, in turns filter check this url and if user is not logged
in then login screen comes up.
User login and proceed and login screen automcatically forward the request
to the page which was requested app/audio/download/some.html, but here i
get
this tomcat error
*Type* Status report
*message* */app/audio/download/some.html*
*description* *The requested resource (/app/audio/download/some.html) is
not
available.*
these html pages are static pages and exists in apache http home dir of
websites
public_html/app/audio/download/some.html
but then i thought may be it need to exists in tomcat web apps too., so
under web-apps/app dir i created audio link to audio directory under
public_html
so now webapps dir has following link
webapps/app/audio - /home/mysite/public_html/audio
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
I dont know whats wrong.
following is my java filter class
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn
