Re: Redirection/URL rewriting Tomcat 8.5.14

[Daniel Savard]

Hi Chris,

2017-05-12 13:31 GMT-04:00 Christopher Schultz :

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Daniel,
>
> On 5/12/17 10:03 AM, Daniel Savard wrote:
> > Hi everyone,
> >
> > my question is not specific to the Tomcat version specified in the
> > subject line. I am trying to implement a URL rewrite or
> > redirection using Tomcat. What I want to do is the following:
> >
> > In a given instance of Tomcat, I have each application context
> > setup using the xml files in
> > $CATALINA_BASE/conf/[enginename]/[hostname]/, so far so good. Hence
> > for app1 I then have the URL:
> https://myserver:myport/app1, etc.
> >
> > What I need to do, is to have a dummy application which purpose is
> > just to redirect/rewrite the URL from one application to another.
> > So, I need in fact an empty application capturing each request and
> > send back to the browser a rewritten URL to the another
> > application.
> >
> > For example, suppose I want to redirect app1 to app2, I need to
> rewrite all
> > possible URL with query options and so one replacing only app1 by
> > app2 in the URL.
> >
> > https://myserver:myport/app1/something_more_specific?opt1 should be
> >  rewritten as
> > https://myserver:myport/app2/something_more_specific?opt1
> >
> > To do this, I read about the rewrite valve here:
> > http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html
> >
> > So, I created an empty directory $CATALINA_BASE/webapps/app1 with
> > the following file:
> >
> > $CATALINA_BASE/webapps/app1/WEB-INF/rewrite.config
> >
> > And my $CATALINA_BASE/conf/[enginename]/[hostname]/app1.xml has the
> >  following entry within its context:
> >
> >  > className="org.apache.catalina.valves.rewrite.RewriteValve"/>
> >
> > My rewrite.config file is as follow:
> >
> > RewriteCond %{REQUEST_URI} ^/app1/?.* RewriteRule ^/app1(/?.*)$
> > /app2$1 [L]
> >
> > Without anything else, I am getting a HTTP 404 code. With an empty
> >  index.html I am getting a blank page. Within a working application
> > I am getting the application's welcome page. But never the URL is
> rewritten. The
> > rewrite.config file is actually read, I checked by introducing
> > some typo and I am getting an error message at startup.
> >
> > Is there a way to debug this problem? How can I see what is going
> > on with the execution of the rewriting class?
>
> I think everything you have above is correct, except that you want to
> deploy everything in the ROOT application instead of into "app1". With
> "app1", you are re-writing "/app1/app1" to "/app1/app2" when in fact you
> want to rewrite "/app1" to "/app2", correct?
>
> Also, it's important that /app1 not be a deployed application, otherwise
> requests to that context path with be sent to the /app1 application
> instead of to the ROOT webapp.
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJZFfGGAAoJEBzwKT+lPKRYlfsQAK9+rFzKtrrPS73Ma9VDclkn
> Lr3oG65TdKPhwVEtQlQoxLggX3GLiepImPzjY52rnMhxCZj+tt5n/fCkqVzEPnIp
> /NNgz/nX/GWqYjU11V58Azh2GRrjBqCJmesawxB/Y5+2NjcW6PrXJNje5PBmkbjs
> QkI5ftAYih7zxWQ4yASJfYwOmmjPpdNfyEM0IR/qkh/VnTz5bVu0/EgeOOK0/Dny
> EsK+3ptm+gdTNVt9jqwEnhWx5tsgpanhTycyyagwROT2A7NaldIi7xARPW3ZlSSF
> 0ncvQ8Z3G0KolBsGsDVyNgNv+bF38sfxOaN7xyp9GXFJVX5hKfRFBphiWPl+jjzz
> mwPcA3MsqDM3fQ4hMTAffmnUAj786pTZ6MCjDnumFjnQZB0zXASEpfI4G9f3+dKM
> fiVdjUQxgrXlUl6wcqBGUidN5PDb+akY8w9xNDl3PvBjrXfFIIfttLgGmxF5cej6
> dkvLqZoitIDzt8dOkWSns3UdK+fq3a1Hjw1BOPlvnvKbnhz2QXrxua6WMDQapohs
> JUUkAR3sujPUs/Tgjq5SiIEBe9sbwQTysNgtw9MzFUmAB7D87cCt0zI8dCbaL54Z
> iYUI0+IDVG7rc7+TwFeRo+ok96qMK1IKCiZt/8pe/097WcWMQq9FeYpGAg4YgZYo
> bwhJFBohEZeuwZCwhN9F
> =J7pC
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Thanks for the tip. I am almost there. Actually, moving everything in ROOT
solved at least the actual execution of the rewriting. However, it didn't
solve entirely my problem.

If I access the URL: https://myhost/app1 in my browser the URL is actually
rewritten to https://myhost/app2 and access the index.html, etc. This is
fine.

However, if I try to access the URL: https://myhost/app1/ in my browser the
URL is NOT rewritten even if the actual application is properly accessed. I
really need the URL to be sent back to the browser. The same thing happens
if something follows the first part of the URI /app1/something will lead to
/app1/something instead of /app2/something.

The reason I am struggling with this and need this behavior is because a
commercial application we are running here is having a new version where
some files kept the same name as the older version, but the content is not
the same (typically icons, logos and pictures) and in the previous version,
they were marked to not expired in the 

Re: Redirection/URL rewriting Tomcat 8.5.14

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Daniel,

On 5/12/17 10:03 AM, Daniel Savard wrote:
> Hi everyone,
> 
> my question is not specific to the Tomcat version specified in the 
> subject line. I am trying to implement a URL rewrite or
> redirection using Tomcat. What I want to do is the following:
> 
> In a given instance of Tomcat, I have each application context
> setup using the xml files in
> $CATALINA_BASE/conf/[enginename]/[hostname]/, so far so good. Hence
> for app1 I then have the URL:
https://myserver:myport/app1, etc.
> 
> What I need to do, is to have a dummy application which purpose is 
> just to redirect/rewrite the URL from one application to another.
> So, I need in fact an empty application capturing each request and
> send back to the browser a rewritten URL to the another
> application.
> 
> For example, suppose I want to redirect app1 to app2, I need to
rewrite all
> possible URL with query options and so one replacing only app1 by 
> app2 in the URL.
> 
> https://myserver:myport/app1/something_more_specific?opt1 should be
>  rewritten as 
> https://myserver:myport/app2/something_more_specific?opt1
> 
> To do this, I read about the rewrite valve here: 
> http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html
> 
> So, I created an empty directory $CATALINA_BASE/webapps/app1 with 
> the following file:
> 
> $CATALINA_BASE/webapps/app1/WEB-INF/rewrite.config
> 
> And my $CATALINA_BASE/conf/[enginename]/[hostname]/app1.xml has the
>  following entry within its context:
> 
>  className="org.apache.catalina.valves.rewrite.RewriteValve"/>
> 
> My rewrite.config file is as follow:
> 
> RewriteCond %{REQUEST_URI} ^/app1/?.* RewriteRule ^/app1(/?.*)$ 
> /app2$1 [L]
> 
> Without anything else, I am getting a HTTP 404 code. With an empty
>  index.html I am getting a blank page. Within a working application
> I am getting the application's welcome page. But never the URL is
rewritten. The
> rewrite.config file is actually read, I checked by introducing
> some typo and I am getting an error message at startup.
> 
> Is there a way to debug this problem? How can I see what is going
> on with the execution of the rewriting class?

I think everything you have above is correct, except that you want to
deploy everything in the ROOT application instead of into "app1". With
"app1", you are re-writing "/app1/app1" to "/app1/app2" when in fact you
want to rewrite "/app1" to "/app2", correct?

Also, it's important that /app1 not be a deployed application, otherwise
requests to that context path with be sent to the /app1 application
instead of to the ROOT webapp.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZFfGGAAoJEBzwKT+lPKRYlfsQAK9+rFzKtrrPS73Ma9VDclkn
Lr3oG65TdKPhwVEtQlQoxLggX3GLiepImPzjY52rnMhxCZj+tt5n/fCkqVzEPnIp
/NNgz/nX/GWqYjU11V58Azh2GRrjBqCJmesawxB/Y5+2NjcW6PrXJNje5PBmkbjs
QkI5ftAYih7zxWQ4yASJfYwOmmjPpdNfyEM0IR/qkh/VnTz5bVu0/EgeOOK0/Dny
EsK+3ptm+gdTNVt9jqwEnhWx5tsgpanhTycyyagwROT2A7NaldIi7xARPW3ZlSSF
0ncvQ8Z3G0KolBsGsDVyNgNv+bF38sfxOaN7xyp9GXFJVX5hKfRFBphiWPl+jjzz
mwPcA3MsqDM3fQ4hMTAffmnUAj786pTZ6MCjDnumFjnQZB0zXASEpfI4G9f3+dKM
fiVdjUQxgrXlUl6wcqBGUidN5PDb+akY8w9xNDl3PvBjrXfFIIfttLgGmxF5cej6
dkvLqZoitIDzt8dOkWSns3UdK+fq3a1Hjw1BOPlvnvKbnhz2QXrxua6WMDQapohs
JUUkAR3sujPUs/Tgjq5SiIEBe9sbwQTysNgtw9MzFUmAB7D87cCt0zI8dCbaL54Z
iYUI0+IDVG7rc7+TwFeRo+ok96qMK1IKCiZt/8pe/097WcWMQq9FeYpGAg4YgZYo
bwhJFBohEZeuwZCwhN9F
=J7pC
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Redirection/URL rewriting Tomcat 8.5.14

[Daniel Savard]

Hi everyone,

my question is not specific to the Tomcat version specified in the subject
line. I am trying to implement a URL rewrite or redirection using Tomcat.
What I want to do is the following:

In a given instance of Tomcat, I have each application context setup using
the xml files in $CATALINA_BASE/conf/[enginename]/[hostname]/, so far so
good. Hence for app1 I then have the URL: https://myserver:myport/app1, etc.

What I need to do, is to have a dummy application which purpose is just to
redirect/rewrite the URL from one application to another. So, I need in
fact an empty application capturing each request and send back to the
browser a rewritten URL to the another application.

For example, suppose I want to redirect app1 to app2, I need to rewrite all
possible URL with query options and so one replacing only app1 by app2 in
the URL.

https://myserver:myport/app1/something_more_specific?opt1 should be
rewritten as https://myserver:myport/app2/something_more_specific?opt1

To do this, I read about the rewrite valve here:
http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html

So, I created an empty directory $CATALINA_BASE/webapps/app1 with the
following file:

$CATALINA_BASE/webapps/app1/WEB-INF/rewrite.config

And my $CATALINA_BASE/conf/[enginename]/[hostname]/app1.xml has the
following entry within its context:



My rewrite.config file is as follow:

RewriteCond %{REQUEST_URI} ^/app1/?.*
RewriteRule ^/app1(/?.*)$ /app2$1 [L]

Without anything else, I am getting a HTTP 404 code. With an empty
index.html I am getting a blank page. Within a working application I am
getting the application's welcome page. But never the URL is rewritten. The
rewrite.config file is actually read, I checked by introducing some typo
and I am getting an error message at startup.

Is there a way to debug this problem? How can I see what is going on with
the execution of the rewriting class?

Regards,
-
Daniel Savard

Re: URL Rewriting

[Kiran Badi]

 Why are you so eager to remove the ids from the URL?

Thanks Chris for reply,It was looking ugly thats the reason.Anyways, now 
that I have fixed most of gaps, I think I should be fine with this.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Kiran Badi]

Andre, I am a big fan of yours with the way you explain the things in 
neat way.Being a moderator/owner of some of large lists of my profession 
for close to 8 years now I rarely had this kind of patience to write so 
much and so neat.


BTW For the time being, I would prefer to keep this thread on hold 
though point d is something I can experiment with.


Give me sometime to think about to redesign this piece of code.

On 6/15/2012 3:53 AM, André Warnier wrote:

Kiran Badi wrote:

Please inline for my answers Andre.

Kiran,


Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change 
it, and get something else than what they should be getting ?)
Thanks for reminding this aspect.I was not checking for empty 
resultset in my code.Fixed that one now.:)


1) If that is the case, then the basic logic of your application is 
flawed.  If this is information that really needs to be sent by the 
browser to the server, then the browser must have that information. 
And if that information originally comes from the server and is sent 
to the browser, then there is /nothing/ that you can do to block 
some user from playing around with it, before sending it back to the 
server.
If you do not want the user to be able to play around with some 
information, then don't send it to him in the first place. O

Ok let me share the way I wrote this piece,

href=%=request.getContextPath()%/getmyservice.do?id=${myid} , 
this is link basically where I append the id(id comes from DB) send 
this to the servlet and it the pulls the records from db for 
corresponding id and then sends it back again to JSP for display.But 
I am not able to figure out as why I not getting the url of jsp 
something like


http://localhost:8080/ourstory/myiddata.jsp

.So thought that let me try to rewrite the url in case if its possible.


2) if the browser /must/ send some information to the server as part 
of the URL, then there is /nothing/ that can be done on the server 
side, to stop the browser showing this information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page 
contains a link like :
a 
href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the 
content of that link at the bottom of his screen, in the status bar, 
right ?
And the user can right-click on click here, and choose copy link 
location.
And then the user can open another browser window, and paste this 
URL in the URL bar.
And then the user can modify this link before hitting the return 
button, so that the link now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees 
this browser request.

So what could the server do ?
This is interesting information,how about sending the info as POST 
rather than Get.Not sure if I can convert clicking of the link from 
get from post.but I will try.But again the place where I am 
displaying the generating the links, is not within form, they just 
hyperlinks with id appended to it.


Now I know both get/post can be broken if one wants it,thats all 
together is different case,but for now I need tidy and clean url with 
no id appended to it.


Does my requirement makes sense ?



Since you ask it that way, the answer would be no.

Step 1 : the browser contacts the server via a request with some URL 
(doesn't really mater which one at this stage, but in this first step 
there is no id yet).


Step 2 : the server does something with that request, and returns some 
response to the browser.  In this response, somewhere, the id to use 
in step 3 must be mentioned, or some other way to retrieve the id.


Step 3 : the browser sends another request to the server, in which 
this id parameter must be included (or some other way for the server 
to retrieve the correct id).


Step 4 : the server receives this second request, retrieves the id, 
and does something useful with it.


Now, at step 3, if the browser must include this id value in the 
request, it must include it somewhere.  This somewhere can be :


a) in the URL of a hyperlink.  In that case, the user will see the id 
parameter in the hyperlink, and in the browser URL bar when the user 
clicks the hyperlink.


b) in the body of the request. In this case, the user would not see 
the id parameter in the URL at step 3.  But it also means that the 
request in step 3 must be a POST request.

That is typically done with a
form method=POST action=/the/url/to/which/this/is/posted
...
input type=hidden name=id value=my-id-value /
...
/form

You cannot do that with a simple hyperlink. Clicking a hyperlink sends 
a GET request, not a POST request. And GET requests do not have a body.
It also means that the server, at step 2, must compose and send this 
html page to the browser, with the 

Re: URL Rewriting

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Kiran,

On 6/13/12 12:16 AM, Kiran Badi wrote:
 I have bunch of functionalities which are showing up with urls  as
 
 http://localhost:8080/mysite/getmyservice.do?id=17 and I just need
 to hide them and show some neat url something like
 mysite/getmyservice.do without displaying parameters.

You need to send the id somehow: your options are GET (with 'id' in
the URL), POST (with 'id' in the POST body) or using something like
Javascript to communicate with the server so that the URL doesn't show
anything.

 Will hiding the url's cause any other issues ?

The downside to using POST is that pages cannot be (easily) bookmarked
by your users, and using the BACK button on the client becomes a
miserable user experience.

Why are you so eager to remove the ids from the URL?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/aMvEACgkQ9CaO5/Lv0PDTYACeKB4E2nw3+EqrtwTMIxpIDE/w
Rl0An0nV8HNxyT7O8+H4Nrw9PJ+J0m48
=T1zH
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[André Warnier]

Kiran Badi wrote:

Please inline for my answers Andre.

Kiran,


Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change 
it, and get something else than what they should be getting ?)
Thanks for reminding this aspect.I was not checking for empty resultset 
in my code.Fixed that one now.:)


1) If that is the case, then the basic logic of your application is 
flawed.  If this is information that really needs to be sent by the 
browser to the server, then the browser must have that information. 
And if that information originally comes from the server and is sent 
to the browser, then there is /nothing/ that you can do to block some 
user from playing around with it, before sending it back to the server.
If you do not want the user to be able to play around with some 
information, then don't send it to him in the first place. O

Ok let me share the way I wrote this piece,

href=%=request.getContextPath()%/getmyservice.do?id=${myid} , this 
is link basically where I append the id(id comes from DB) send this to 
the servlet and it the pulls the records from db for corresponding id 
and then sends it back again to JSP for display.But I am not able to 
figure out as why I not getting the url of jsp something like


http://localhost:8080/ourstory/myiddata.jsp

.So thought that let me try to rewrite the url in case if its possible.


2) if the browser /must/ send some information to the server as part 
of the URL, then there is /nothing/ that can be done on the server 
side, to stop the browser showing this information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page 
contains a link like :
a 
href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the 
content of that link at the bottom of his screen, in the status bar, 
right ?
And the user can right-click on click here, and choose copy link 
location.
And then the user can open another browser window, and paste this URL 
in the URL bar.
And then the user can modify this link before hitting the return 
button, so that the link now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees 
this browser request.

So what could the server do ?
This is interesting information,how about sending the info as POST 
rather than Get.Not sure if I can convert clicking of the link from get 
from post.but I will try.But again the place where I am displaying the 
generating the links, is not within form, they just hyperlinks with id 
appended to it.


Now I know both get/post can be broken if one wants it,thats all 
together is different case,but for now I need tidy and clean url with no 
id appended to it.


Does my requirement makes sense ?



Since you ask it that way, the answer would be no.

Step 1 : the browser contacts the server via a request with some URL (doesn't really mater 
which one at this stage, but in this first step there is no id yet).


Step 2 : the server does something with that request, and returns some response to the 
browser.  In this response, somewhere, the id to use in step 3 must be mentioned, or 
some other way to retrieve the id.


Step 3 : the browser sends another request to the server, in which this id parameter 
must be included (or some other way for the server to retrieve the correct id).


Step 4 : the server receives this second request, retrieves the id, and does something 
useful with it.


Now, at step 3, if the browser must include this id value in the request, it must 
include it somewhere.  This somewhere can be :


a) in the URL of a hyperlink.  In that case, the user will see the id parameter in the 
hyperlink, and in the browser URL bar when the user clicks the hyperlink.


b) in the body of the request. In this case, the user would not see the id parameter in 
the URL at step 3.  But it also means that the request in step 3 must be a POST request.

That is typically done with a
form method=POST action=/the/url/to/which/this/is/posted
...
input type=hidden name=id value=my-id-value /
...
/form

You cannot do that with a simple hyperlink. Clicking a hyperlink sends a GET request, not 
a POST request. And GET requests do not have a body.
It also means that the server, at step 2, must compose and send this html page to the 
browser, with the form in it, and the hidden id parameter.
It also means that the user can, after step 2, do a view page source, and see the hidden 
id value.  The user can also save this page to a disk file, edit it to change the hidden 
value, then recall this file in the browser, and press the submit button.


c) at step 2, the server could send the id parameter inside an encrypted cookie. At step 
3, the browser would send this cookie back to the server.  The application on the server 

Re: URL Rewriting

[André Warnier]

Kiran Badi wrote:

Hi All,

For some of the functionality, I have url in the below format

http://localhost:8080/mysite/getmyservice.do?id=17

What I was looking for is to hide the id part of the url and just show 
something like


http://localhost:8080/mysite/getmyservice.do#

Is this hack possible with tomcat 7.011 or 7.027 or I need to write some 
filter to do this?


I have Tomcat 7.027 on win 7 home premium and url is generated via 
servlet/jsp.




Kiran,

Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change it, and get something 
else than what they should be getting ?)


1) If that is the case, then the basic logic of your application is flawed.  If this is 
information that really needs to be sent by the browser to the server, then the browser 
must have that information. And if that information originally comes from the server and 
is sent to the browser, then there is /nothing/ that you can do to block some user from 
playing around with it, before sending it back to the server.
If you do not want the user to be able to play around with some information, then don't 
send it to him in the first place.


2) if the browser /must/ send some information to the server as part of the URL, then 
there is /nothing/ that can be done on the server side, to stop the browser showing this 
information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page contains a 
link like :
a href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the content of that link 
at the bottom of his screen, in the status bar, right ?

And the user can right-click on click here, and choose copy link location.
And then the user can open another browser window, and paste this URL in the 
URL bar.
And then the user can modify this link before hitting the return button, so that the link 
now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees this browser 
request.
So what could the server do ?



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Kiran Badi]

Please inline for my answers Andre.

Kiran,


Why does that id=17 visible in the URL bother you ?
Is it because of some security aspect ? (that the user could change 
it, and get something else than what they should be getting ?)
Thanks for reminding this aspect.I was not checking for empty resultset 
in my code.Fixed that one now.:)


1) If that is the case, then the basic logic of your application is 
flawed.  If this is information that really needs to be sent by the 
browser to the server, then the browser must have that information. 
And if that information originally comes from the server and is sent 
to the browser, then there is /nothing/ that you can do to block some 
user from playing around with it, before sending it back to the server.
If you do not want the user to be able to play around with some 
information, then don't send it to him in the first place. O

Ok let me share the way I wrote this piece,

href=%=request.getContextPath()%/getmyservice.do?id=${myid} , this 
is link basically where I append the id(id comes from DB) send this to 
the servlet and it the pulls the records from db for corresponding id 
and then sends it back again to JSP for display.But I am not able to 
figure out as why I not getting the url of jsp something like


http://localhost:8080/ourstory/myiddata.jsp

.So thought that let me try to rewrite the url in case if its possible.


2) if the browser /must/ send some information to the server as part 
of the URL, then there is /nothing/ that can be done on the server 
side, to stop the browser showing this information in the URL bar.


To illustrate this :
- imagine that the server sends a page to the browser, and this page 
contains a link like :
a 
href=http://localhost:8080/mysite/getmyservice.do?id=my-very-secret-information;click 
here/a


Then the user, just by moving his mouse above click here, sees the 
content of that link at the bottom of his screen, in the status bar, 
right ?
And the user can right-click on click here, and choose copy link 
location.
And then the user can open another browser window, and paste this URL 
in the URL bar.
And then the user can modify this link before hitting the return 
button, so that the link now looks like

http://localhost:8080/mysite/getmyservice.do?id=some-other-information
right ?
And all this happens in the browser, /before/ the server even sees 
this browser request.

So what could the server do ?
This is interesting information,how about sending the info as POST 
rather than Get.Not sure if I can convert clicking of the link from get 
from post.but I will try.But again the place where I am displaying the 
generating the links, is not within form, they just hyperlinks with id 
appended to it.


Now I know both get/post can be broken if one wants it,thats all 
together is different case,but for now I need tidy and clean url with no 
id appended to it.


Does my requirement makes sense ?



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Hassan Schroeder]

On Wed, Jun 13, 2012 at 11:12 AM, Kiran Badi ki...@poonam.org wrote:

 why I not getting the url of jsp something like

 http://localhost:8080/ourstory/myiddata.jsp

If you want 'clean' URLs you should get rid of the '.jsp' too, but ...

The bottom line is the value for 'id' needs to come from somewhere.
Your choices are:

1) Embed it in the URL for GET requests, either via query string or
as path info  (e.g. /story/data/17 ) and handle the security aspect
(if any) yourself

2) Use a form to POST the request with the id included (a bit clunky,
 same security issue)

3) Save the 'id' in session and use that -- everyone sees the same URL
 e.g. /story/data but with unique data. Obviously, this doesn't work for
 a resource that's intended to be shared  :-)

HTH,
-- 
Hassan Schroeder  hassan.schroe...@gmail.com
http://about.me/hassanschroeder
twitter: @hassan

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Kiran Badi]

Thanks Hassan.

If you want 'clean' URLs you should get rid of the '.jsp' too, but ...



The bottom line is the value for 'id' needs to come from somewhere.
Your choices are:

1) Embed it in the URL for GET requests, either via query string or
as path info  (e.g. /story/data/17 ) and handle the security aspect
(if any) yourself

Kiran : I think this is what I am presently doing.


2) Use a form to POST the request with the id included (a bit clunky,
  same security issue)
Form will not work as data is dynamic and form I feel will not serve the 
purpose.


3) Save the 'id' in session and use that -- everyone sees the same URL
  e.g. /story/data but with unique data. Obviously, this doesn't work for
  a resource that's intended to be shared  :-)
Yup I agree, session is ruled out.I just dont have that much patience to 
figure the things out if I get some nasty behavior.I just dont have that 
level of skill nor time.
The way I have done this is ok for me, it serves my purpose and also I 
dont have the data which is kind of private.Its just that I was 
exploring if we can hide the id.


HTH,



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Hassan Schroeder]

On Wed, Jun 13, 2012 at 2:34 PM, Kiran Badi ki...@poonam.org wrote:

 1) Embed it in the URL for GET requests, either via query string or
   as path info  (e.g. /story/data/17 )

 I think this is what I am presently doing.

The query string approach, yes; personally I think the pathinfo approach
is cleaner visually.

 2) Use a form to POST the request with the id included (a bit clunky,
      same security issue)

 Form will not work as data is dynamic and form I feel will not serve the
 purpose.

The data being dynamic isn't relevant. And this approach *is* used
by frameworks like Rails for cases where GET isn't appropriate.

But each approach has advantages and disadvantages, so...

-- 
Hassan Schroeder  hassan.schroe...@gmail.com
http://about.me/hassanschroeder
twitter: @hassan

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

URL Rewriting

[Kiran Badi]

Hi All,

For some of the functionality, I have url in the below format

http://localhost:8080/mysite/getmyservice.do?id=17

What I was looking for is to hide the id part of the url and just show 
something like


http://localhost:8080/mysite/getmyservice.do#

Is this hack possible with tomcat 7.011 or 7.027 or I need to write some 
filter to do this?


I have Tomcat 7.027 on win 7 home premium and url is generated via 
servlet/jsp.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Oguz Kologlu]

There is a handy URL rewrite filter already built.
http://www.tuckey.org/urlrewrite/

You can hide the ID if you post the form  but you need to be a bit more 
specific with what you want to do

Oz

On 13/06/2012, at 1:21 PM, Kiran Badi wrote:

 Hi All,
 
 For some of the functionality, I have url in the below format
 
 http://localhost:8080/mysite/getmyservice.do?id=17
 
 What I was looking for is to hide the id part of the url and just show 
 something like
 
 http://localhost:8080/mysite/getmyservice.do#
 
 Is this hack possible with tomcat 7.011 or 7.027 or I need to write some 
 filter to do this?
 
 I have Tomcat 7.027 on win 7 home premium and url is generated via 
 servlet/jsp.
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 

Re: URL Rewriting

[Kiran Badi]

On 6/13/2012 9:18 AM, Oguz Kologlu wrote:

There is a handy URL rewrite filter already built.
http://www.tuckey.org/urlrewrite/

You can hide the ID if you post the form  but you need to be a bit more 
specific with what you want to do

Oz

Thanks Oguz,

I have bunch of functionalities which are showing up with urls  as

http://localhost:8080/mysite/getmyservice.do?id=17 and I just need to hide them 
and show some neat url something like mysite/getmyservice.do without displaying 
parameters.

Will hiding the url's cause any other issues ?

- Kiran


On 13/06/2012, at 1:21 PM, Kiran Badi wrote:


Hi All,

For some of the functionality, I have url in the below format

http://localhost:8080/mysite/getmyservice.do?id=17

What I was looking for is to hide the id part of the url and just show 
something like

http://localhost:8080/mysite/getmyservice.do#

Is this hack possible with tomcat 7.011 or 7.027 or I need to write some filter 
to do this?

I have Tomcat 7.027 on win 7 home premium and url is generated via servlet/jsp.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org







-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: URL Rewriting

[Oguz Kologlu]

Kiren

You'll need to pass in the id somehow.

Maybe something like:

/mysite/service/17

and use the URL rewrite filter to map it to

 /mysite/getmyservice.do?id=17

Have a look at the doco for more info

Should not cause any other issues.

Oz


On 13/06/2012, at 2:16 PM, Kiran Badi wrote:

 
 On 6/13/2012 9:18 AM, Oguz Kologlu wrote:
 There is a handy URL rewrite filter already built.
 http://www.tuckey.org/urlrewrite/
 
 You can hide the ID if you post the form  but you need to be a bit more 
 specific with what you want to do
 
 Oz
 Thanks Oguz,
 
 I have bunch of functionalities which are showing up with urls  as
 
 http://localhost:8080/mysite/getmyservice.do?id=17 and I just need to hide 
 them and show some neat url something like mysite/getmyservice.do without 
 displaying parameters.
 
 Will hiding the url's cause any other issues ?
 
 - Kiran
 
 On 13/06/2012, at 1:21 PM, Kiran Badi wrote:
 
 Hi All,
 
 For some of the functionality, I have url in the below format
 
 http://localhost:8080/mysite/getmyservice.do?id=17
 
 What I was looking for is to hide the id part of the url and just show 
 something like
 
 http://localhost:8080/mysite/getmyservice.do#
 
 Is this hack possible with tomcat 7.011 or 7.027 or I need to write some 
 filter to do this?
 
 I have Tomcat 7.027 on win 7 home premium and url is generated via 
 servlet/jsp.
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Casper,

On 2/10/12 2:20 AM, Casper Wandahl Schmidt wrote:
 Well at least I don't have to restart tomcat for the changes to
 take effect :) Maybe I would take some time to look at how tomcat
 reads from server.xml and how the host-manager works and perhaps
 find a way to persist the changes :) Any clues as to where to look
 for that part of the code?

The host manager webapp is in the main part of the TC code, but it's
all contained in a single package: org/apache/catalina/manager/host.
It's 3 classes, one of which looks like it's nothing but constants.

It should be fairly clear how the host manager is doing its work, but
re-writing XML is a risky business because most people don't like to
lose the comments and spacing, etc. that they have explicitly put into
their configuration files.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk81PJEACgkQ9CaO5/Lv0PD07gCfYsVGZfu+YqUiRrnFXx4eZBzs
IOAAoJxFIoUnjuY8gTAx/brXxZkpaIEq
=xMt0
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Pid *]

On 10 Feb 2012, at 07:21, Casper Wandahl Schmidt kalle.pri...@gmail.com wrote:

 Den 09-02-2012 22:02, Christopher Schultz skrev:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Casper,

 On 2/9/12 1:43 PM, Casper Wandahl Schmidt wrote:
 Den 09-02-2012 19:36, Caldarale, Charles R skrev:
 From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com]
 Subject: mod_jk and URL rewriting/proxying? I don't want the
 app to become ROOT since I have another app that should be
 running as ROOT.
 And how is that one accessed?  From what you described it sounds
 like you want the same URL to hit different webapps based on the
 mindset of the user.
 Ha my bad. I use separate subdomains. Right now the localhost-host
 uses the default ROOT (the one shipped with Tomcat) but I plan to
 use another webapp later.
 I dont like the fact that I need to restart tomcat each time I
 need to add a new host
 Restart not required; use the host-manager webapp to add them on
 the fly.
 Nice, that will be the thing to do then :)

 Thanks for the tip!
 IIRC, the host-manager won't save the server.xml back to disk, so
 you'll have to remember to update your server.xml whenever you want to
 hot-deploy a new domain name, anyway.
 Well at least I don't have to restart tomcat for the changes to take effect 
 :) Maybe I would take some time to look at how tomcat reads from server.xml 
 and how the host-manager works and perhaps find a way to persist the changes 
 :) Any clues as to where to look for that part of the code?

Look for the digester package to see how Tomcat reads from server.xml.


p



 Casper

 - -chris
 -BEGIN PGP SIGNATURE-
 Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
 Comment: GPGTools - http://gpgtools.org
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk80NH0ACgkQ9CaO5/Lv0PAOYACeOE6TRto+xkg05iMtKiOUcyvP
 FSUAnROQ2VOQT+GxkHMV1nYwaIdjOD+d
 =3Kim
 -END PGP SIGNATURE-

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

mod_jk and URL rewriting/proxying?

[Casper Wandahl Schmidt]

Hi List

I have a quick question (I hope).

I'm using mod_jk to forward from Apache httpd 2.2.8 to tomcat 7.0.20 
(Ubuntu 8.04). I think I saw something on this list some time ago but 
can't remember what it was really about (the real issue was not want I 
want to do).


So I want users to access my webapp from xxx.yyy.zz and then have 
apache/mod_jk to change it to xxx.yyy.zz/myapp


According to 
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html I have 
to manipulate headers but as far as I remember there was something about 
ProxyPass and ProxyPassReverse. Are they only available to mod_proxy or 
mod_ajp?


I don't want the app to become ROOT since I have another app that should 
be running as ROOT. I thought about making seperat host's in server.xml 
but I dont like the fact that I need to restart tomcat each time I need 
to add a new host so I thought I might achieve want I want by letting 
apache httpd take care of that part.


Kind regards
Casper

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: mod_jk and URL rewriting/proxying?

[Caldarale, Charles R]

 From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com] 
 Subject: mod_jk and URL rewriting/proxying?

 I don't want the app to become ROOT since I have another app 
 that should be running as ROOT.

And how is that one accessed?  From what you described it sounds like you want 
the same URL to hit different webapps based on the mindset of the user.

 I dont like the fact that I need to restart tomcat each time I need 
 to add a new host

Restart not required; use the host-manager webapp to add them on the fly.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Casper Wandahl Schmidt]

Den 09-02-2012 19:36, Caldarale, Charles R skrev:

From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com]
Subject: mod_jk and URL rewriting/proxying?
I don't want the app to become ROOT since I have another app
that should be running as ROOT.

And how is that one accessed?  From what you described it sounds like you want 
the same URL to hit different webapps based on the mindset of the user.


Ha my bad. I use separate subdomains. Right now the localhost-host uses 
the default ROOT (the one shipped with Tomcat) but I plan to use another 
webapp later.



I dont like the fact that I need to restart tomcat each time I need
to add a new host

Restart not required; use the host-manager webapp to add them on the fly.

Nice, that will be the thing to do then :)

Thanks for the tip!


  - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Rainer Jung]

On 09.02.2012 19:07, Casper Wandahl Schmidt wrote:

Hi List

I have a quick question (I hope).

I'm using mod_jk to forward from Apache httpd 2.2.8 to tomcat 7.0.20
(Ubuntu 8.04). I think I saw something on this list some time ago but
can't remember what it was really about (the real issue was not want I
want to do).

So I want users to access my webapp from xxx.yyy.zz and then have
apache/mod_jk to change it to xxx.yyy.zz/myapp

According to
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html I have
to manipulate headers but as far as I remember there was something about
ProxyPass and ProxyPassReverse. Are they only available to mod_proxy or
mod_ajp?


Yes, those can currently not be combined with mod_jk. Sorry.


I don't want the app to become ROOT since I have another app that should
be running as ROOT. I thought about making seperat host's in server.xml
but I dont like the fact that I need to restart tomcat each time I need
to add a new host so I thought I might achieve want I want by letting
apache httpd take care of that part.


You might want to look at the host-manager webapp.

Regards,

Rainer


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: mod_jk and URL rewriting/proxying?

[Jeffrey Janner]

 -Original Message-
 From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
 Sent: Thursday, February 09, 2012 12:36 PM
 To: Tomcat Users List
 Subject: RE: mod_jk and URL rewriting/proxying?
 
  From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com]
  Subject: mod_jk and URL rewriting/proxying?
 
  I don't want the app to become ROOT since I have another app
  that should be running as ROOT.
 
 And how is that one accessed?  From what you described it sounds like
 you want the same URL to hit different webapps based on the mindset of
 the user.
 
  I dont like the fact that I need to restart tomcat each time I need
  to add a new host
 
 Restart not required; use the host-manager webapp to add them on the
 fly.
 
  - Chuck
 
Chuck -
Does the host-manager persist changes now, or is it still running changes only?
That is, does one still have to modify the server.xml if we want new hosts to 
be there the next time we restart tomcat?
Jeff
__

Confidentiality Notice:  This Transmission (including any attachments) may 
contain information that is privileged, confidential, and exempt from 
disclosure under applicable law.  If the reader of this message is not the 
intended recipient you are hereby notified that any dissemination, 
distribution, or copying of this communication is strictly prohibited.  

If you have received this transmission in error, please immediately reply to 
the sender or telephone (512) 343-9100 and delete this transmission from your 
system.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: mod_jk and URL rewriting/proxying?

[Caldarale, Charles R]

 From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] 
 Subject: RE: mod_jk and URL rewriting/proxying?

 does one still have to modify the server.xml if we want new hosts 
 to be there the next time we restart tomcat?

A brief scan of the code indicates that you will have to maintain server.xml 
yourself.  All I could see was code that manipulates the active objects; 
nothing seems to be persisted.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Mark Thomas]

On 09/02/2012 20:18, Caldarale, Charles R wrote:
 From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] Subject:
 RE: mod_jk and URL rewriting/proxying?
 
 does one still have to modify the server.xml if we want new hosts 
 to be there the next time we restart tomcat?
 
 A brief scan of the code indicates that you will have to maintain
 server.xml yourself.  All I could see was code that manipulates the
 active objects; nothing seems to be persisted.

Correct. There was some code that tried to do this back in 5.5.x but it
was buggy, not maintained and therefore got dropped.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Casper,

On 2/9/12 1:43 PM, Casper Wandahl Schmidt wrote:
 Den 09-02-2012 19:36, Caldarale, Charles R skrev:
 From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com] 
 Subject: mod_jk and URL rewriting/proxying? I don't want the
 app to become ROOT since I have another app that should be
 running as ROOT.
 And how is that one accessed?  From what you described it sounds
 like you want the same URL to hit different webapps based on the
 mindset of the user.
 
 Ha my bad. I use separate subdomains. Right now the localhost-host
 uses the default ROOT (the one shipped with Tomcat) but I plan to
 use another webapp later.
 
 I dont like the fact that I need to restart tomcat each time I
 need to add a new host
 Restart not required; use the host-manager webapp to add them on
 the fly.
 
 Nice, that will be the thing to do then :)
 
 Thanks for the tip!

IIRC, the host-manager won't save the server.xml back to disk, so
you'll have to remember to update your server.xml whenever you want to
hot-deploy a new domain name, anyway.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk80NH0ACgkQ9CaO5/Lv0PAOYACeOE6TRto+xkg05iMtKiOUcyvP
FSUAnROQ2VOQT+GxkHMV1nYwaIdjOD+d
=3Kim
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: mod_jk and URL rewriting/proxying?

[Casper Wandahl Schmidt]

Den 09-02-2012 22:02, Christopher Schultz skrev:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Casper,

On 2/9/12 1:43 PM, Casper Wandahl Schmidt wrote:

Den 09-02-2012 19:36, Caldarale, Charles R skrev:

From: Casper Wandahl Schmidt [mailto:kalle.pri...@gmail.com]
Subject: mod_jk and URL rewriting/proxying? I don't want the
app to become ROOT since I have another app that should be
running as ROOT.

And how is that one accessed?  From what you described it sounds
like you want the same URL to hit different webapps based on the
mindset of the user.

Ha my bad. I use separate subdomains. Right now the localhost-host
uses the default ROOT (the one shipped with Tomcat) but I plan to
use another webapp later.

I dont like the fact that I need to restart tomcat each time I
need to add a new host

Restart not required; use the host-manager webapp to add them on
the fly.

Nice, that will be the thing to do then :)

Thanks for the tip!

IIRC, the host-manager won't save the server.xml back to disk, so
you'll have to remember to update your server.xml whenever you want to
hot-deploy a new domain name, anyway.
Well at least I don't have to restart tomcat for the changes to take 
effect :) Maybe I would take some time to look at how tomcat reads from 
server.xml and how the host-manager works and perhaps find a way to 
persist the changes :) Any clues as to where to look for that part of 
the code?


Casper


- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk80NH0ACgkQ9CaO5/Lv0PAOYACeOE6TRto+xkg05iMtKiOUcyvP
FSUAnROQ2VOQT+GxkHMV1nYwaIdjOD+d
=3Kim
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

Hi, everybody. First of all: I'm sorry for my poor English.

Is it possible to change url rewriting schema to use a different path
separator (instead of ';') or even to use a request parameter (instead
of a path append) ?
The problem:

- I'm using OpenOffice API to convert (on the fly) some html pages from
our webapp;
- I need to convert resources from protected paths;
- OpenOffice don't support cookies so i must use url rewriting, BUT
OpenOffice does not seem to like the appended path ';sessionid'.

I cannot use a simple servlet filter because Tomcat is doing
authentication/authorization (declarative security).

Can i implement a Valve to change request path (from a request
parameter to ;jsessionid) before authentication/authorization is
performed ? Can this Valve change paths inside redirect headers and html
bodies ? Is there any other way (simpler) of doing this communication
between OpenOffice and Tomcat works ?


The thread in ooffice forum:
http://www.oooforum.org/forum/viewtopic.phtml?t=85789


Thanks in advance !



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Ken Bowen]

You can use
   http://tuckey.org/urlrewrite/
to do your rewriting.   Lots of people on the list recommend it.

On Jun 29, 2009, at 3:16 PM, Daniel Henrique Alves Lima wrote:


Hi, everybody. First of all: I'm sorry for my poor English.

Is it possible to change url rewriting schema to use a different path
separator (instead of ';') or even to use a request parameter (instead
of a path append) ?
The problem:

	- I'm using OpenOffice API to convert (on the fly) some html pages  
from

our webapp;
- I need to convert resources from protected paths;
- OpenOffice don't support cookies so i must use url rewriting, BUT
OpenOffice does not seem to like the appended path ';sessionid'.

I cannot use a simple servlet filter because Tomcat is doing
authentication/authorization (declarative security).

Can i implement a Valve to change request path (from a request
parameter to ;jsessionid) before authentication/authorization is
performed ? Can this Valve change paths inside redirect headers and  
html

bodies ? Is there any other way (simpler) of doing this communication
between OpenOffice and Tomcat works ?


The thread in ooffice forum:
http://www.oooforum.org/forum/viewtopic.phtml?t=85789


Thanks in advance !



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Daniel,

On 6/29/2009 3:16 PM, Daniel Henrique Alves Lima wrote:
   Hi, everybody. First of all: I'm sorry for my poor English.

Your English is quite good!

   Is it possible to change url rewriting schema to use a different path
 separator (instead of ';') or even to use a request parameter (instead
 of a path append) ?

Are you trying to change the URLs that are emitted in the HTML your
application generates?


   The problem:
 
   - I'm using OpenOffice API to convert (on the fly) some html pages from
 our webapp;
   - I need to convert resources from protected paths;
   - OpenOffice don't support cookies so i must use url rewriting, BUT
 OpenOffice does not seem to like the appended path ';sessionid'.

So, you have written a simple client to:

1. Download a page
2. Convert that page
3. Follow links and go back to step #1

??

If yes, then you will have to capture the session id somehow, so you can
send it back to the server when you request additional pages. Without
cookies or the ;jsessionid parameter, how will you know what the session
id is?

   I cannot use a simple servlet filter because Tomcat is doing
 authentication/authorization (declarative security).

If you are just trying to remove the ;jsessionid=... from the URL,
then the use of authentication is not relevant /after/ the login page is
shown.

   Can i implement a Valve to change request path (from a request
 parameter to ;jsessionid) before authentication/authorization is
 performed ?

I don't think you want to change the /incoming/ request, do you?

 Can this Valve change paths inside redirect headers and html
 bodies ? Is there any other way (simpler) of doing this communication
 between OpenOffice and Tomcat works ?

Okay, so it sounds like you want to either remove or change the way that
the session id is encoded in URLs.  This can be done by overriding the
response's encodeURL and encodeRedirectURL methods using a filter:

public class JSessionIdParameterMungingFilter
implements javas.servlet.Filter
{
public void doFilter(ServletRequest req,
 ServletResponse rsp,
 FilterChain chain)
{
if(shouldWrap(req)
rsp instanceof HttpServletResponse
((HttpServletRequest)req).isRequestedSessionIdFromCookie())
rsp = new ResponseWrapper((HttpServletRequest)req,
  (HttpServletResponse)rsp);

chain.doFilter(req, rsp);
}

public boolean shouldWrap(ServletRequest req)
{
// Here is where you decide if you want to turn on this
// jsessionid munging. I have chosen to use a URL parameter
// munge_jsessionid as a trigger

return
true.equalsIgnoreCase(request.getParameter(munge_jsessionid));
}

static class ResponseWrapper
extends javax.servlet.http.HttpServletResponseWrapper
{
private HttpServletRequest _request;

public ResponseWrapper(HttpServletRequest req,
   HttpServletResponse rsp)
{
super(rsp);

_request = req;
}

public String encodeURL(String url)
{
if(url.contains(?))
url += jsessionid= + _request.getSessionId();
else
url += ?jsessionid= + _request.getSessionId();

return url;
}
}
}

I haven't even checked to see if this filter compiles, but the concept
is pretty clear: you change the way the jsessionid parameter is encoded
from using a ; to using ? or .

   The thread in ooffice forum:
 http://www.oooforum.org/forum/viewtopic.phtml?t=85789

The user Villeroy on this thread is correct when he announces his own
ignorance: ';' is a perfectly acceptable parameter delimiter for a URL.
This is a bug in the URL-handling library for OOo. Can you use
HttpURLConnection directly? I do not believe it has this limitation.

Can you post the code you have written using the OOo API? Is there any
particular reason you are using OOo instead of plain-old Java?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpJIM0ACgkQ9CaO5/Lv0PC+VACfXTVWWcuI+YQghiW2KAbGLxFS
awkAnA9UKdzMWxRLh4kDbIAxyvQvwLgX
=/oIx
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

On Mon, 2009-06-29 at 16:15 -0400, Christopher Schultz wrote:

Hi, Chris !

 
 Are you trying to change the URLs that are emitted in the HTML your
 application generates?

Yes and no. Declarative security will only work if tomcat recognizes
jsession id (either coming encoded in requested URL or set in JSESSIONID
cookie). Without cookie support, authentication mechanism will be called
for every request (one for the html/jsp page and many others for the
referenced resources like images, js scripts and etc).

If i only change URLs generated by our webapp (for instance from
'/index.jsp;jsessionid=ABC' to '/index.jspjsessionid='ABC'), i THINK
that ooffice will successfully send requests to Tomcat, but the
container will can't infer jsession id and it will redirect to login
page.


 
 So, you have written a simple client to:
 
 1. Download a page
 2. Convert that page
 3. Follow links and go back to step #1

OOffice do the work. I just need to call load document :-)

 
 ??
 
 If yes, then you will have to capture the session id somehow, so you can
 send it back to the server when you request additional pages. Without
 cookies or the ;jsessionid parameter, how will you know what the session
 id is?

It's a feature to convert html reports to pdf:

1. Authenticated user fill a form and click a button;
2. On the server side, we
- Capture session id using HttpSession.getId();
- Execute load document (ooffice) using url with encoded 
jsessionid
(for instance,
http://localhost:8080/path/generate_report;jsessionid=ABC?a=12b=1 )
- Execute export document to pdf (ooffice);
- Close document (oofice);
- Change the response content type to pdf and copy bytes from 
local
file to response file.

There are some cache mechanisms of course ;-).


 If you are just trying to remove the ;jsessionid=... from the URL,
 then the use of authentication is not relevant /after/ the login page is
 shown.

I cannot expect the login page or ooffice will render the login page
instead of the report page.

 
 I don't think you want to change the /incoming/ request, do you?

Yes, i want :-)

Take a look at this access log from tomcat:

[29/Jun/2009:17:49:02 -0300] /path/index.jsp 200
2E9DE25E06EFEF475619B60647249809 GET /path/index.jsp HTTP/1.0
[29/Jun/2009:17:50:31 -0300] /path/index.jsp%3Bjsessionid=ABC 200  -
OPTIONS /path/index.jsp%3Bjsessionid=ABC HTTP/1.1
[29/Jun/2009:17:50:31 -0300] /path/index.jsp%3Bjsessionid=ABC 404  -
GET /path/index.jsp%3Bjsessionid=ABC HTTP/1.1


The first line is a successfully wget. The other two lines are
unsuccessfully ooffice. It seems that ooffice is escaping the
requested path :-(

I was thinking in a Valve to receive a 'jsessionid=' and change to
';jsessionid=' before the processing of authentication/authorization
mechanism. But i don't know if this is possible.
I'll have to fix redirect response headers or...


 
 Okay, so it sounds like you want to either remove or change the way that
 the session id is encoded in URLs.  This can be done by overriding the
 response's encodeURL and encodeRedirectURL methods using a filter:

This is another part of the job: Generated URLs will use 'jsession'
sintax instead of ';jsession' so they can make ooffice  happy ;-)

 The user Villeroy on this thread is correct when he announces his own
 ignorance: ';' is a perfectly acceptable parameter delimiter for a URL.
 This is a bug in the URL-handling library for OOo. Can you use
 HttpURLConnection directly? I do not believe it has this limitation.

I need ooffice to convert the reports.


Thanks in advance !

-- 
If there must be trouble, let it be in my day, 
 that my child may have peace.

Thomas Paine


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[André Warnier]

Daniel Henrique Alves Lima wrote:
...
Hi.
If I understand what you are trying to do :
1) a client enters your application, authenticates, navigates, and 
displays a result html page.

2) on this page, is a button that says get this page as PDF
3) the client clicks on that button, and is supposed to receive the same 
page, but this time as a PDF.
4) At the server side, you want to use OOo to create the PDF version 
from the html page
5) and OOo is capable, given a URL, to retrieve this page, and then 
given appropriate commands, to return a PDF version of the page.
6) But OOo has trouble with the jsessionid part of the URL, although 
it needs it in order to retrieve the page on behalf of the client.

Right ?

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

I've some few alternatives:

1. Use a Java Web Proxy to convert requests and responses between
ooffice and Tomcat;
2. Use a Java crawler (spider/mirror tool) to make the first request,
generate local files and then call oo.

I was just wondering if was easier to modify/specialize tomcat behavior
than my previous alternatives.



On Mon, 2009-06-29 at 19:24 -0300, Daniel Henrique Alves Lima wrote:
 Yes !
 
 Now imagine my frustration with ooffice escaping a ';' :-(
 
 Browser, wget and other applications seems to work ok with URL encoded
 jsessionid.
 
 
 On Tue, 2009-06-30 at 00:00 +0200, André Warnier wrote:
  Daniel Henrique Alves Lima wrote:
  ...
  Hi.
  If I understand what you are trying to do :
  1) a client enters your application, authenticates, navigates, and 
  displays a result html page.
  2) on this page, is a button that says get this page as PDF
  3) the client clicks on that button, and is supposed to receive the same 
  page, but this time as a PDF.
  4) At the server side, you want to use OOo to create the PDF version 
  from the html page
  5) and OOo is capable, given a URL, to retrieve this page, and then 
  given appropriate commands, to return a PDF version of the page.
  6) But OOo has trouble with the jsessionid part of the URL, although 
  it needs it in order to retrieve the page on behalf of the client.
  Right ?
  
  -
  To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
  For additional commands, e-mail: users-h...@tomcat.apache.org
  



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

Yes !

Now imagine my frustration with ooffice escaping a ';' :-(

Browser, wget and other applications seems to work ok with URL encoded
jsessionid.


On Tue, 2009-06-30 at 00:00 +0200, André Warnier wrote:
 Daniel Henrique Alves Lima wrote:
 ...
 Hi.
 If I understand what you are trying to do :
 1) a client enters your application, authenticates, navigates, and 
 displays a result html page.
 2) on this page, is a button that says get this page as PDF
 3) the client clicks on that button, and is supposed to receive the same 
 page, but this time as a PDF.
 4) At the server side, you want to use OOo to create the PDF version 
 from the html page
 5) and OOo is capable, given a URL, to retrieve this page, and then 
 given appropriate commands, to return a PDF version of the page.
 6) But OOo has trouble with the jsessionid part of the URL, although 
 it needs it in order to retrieve the page on behalf of the client.
 Right ?
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
-- 
If there must be trouble, let it be in my day, 
 that my child may have peace.

Thomas Paine


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[André Warnier]

Daniel Henrique Alves Lima wrote:

Yes !

Now imagine my frustration with ooffice escaping a ';' :-(

Browser, wget and other applications seems to work ok with URL encoded
jsessionid.


On Tue, 2009-06-30 at 00:00 +0200, André Warnier wrote:

Daniel Henrique Alves Lima wrote:
...
Hi.
If I understand what you are trying to do :
1) a client enters your application, authenticates, navigates, and 
displays a result html page.

2) on this page, is a button that says get this page as PDF
3) the client clicks on that button, and is supposed to receive the same 
page, but this time as a PDF.
4) At the server side, you want to use OOo to create the PDF version 
from the html page
5) and OOo is capable, given a URL, to retrieve this page, and then 
given appropriate commands, to return a PDF version of the page.
6) But OOo has trouble with the jsessionid part of the URL, although 
it needs it in order to retrieve the page on behalf of the client.

Right ?

Ok then, let me suggest maybe another architecture, a bit different, but 
where you might not have that problem.

I will just propose the general outline.

7) the PDF button on the page, points to the same URL as the one by 
which the page was retrieved, plus an additional query parameter. For 
example : http://the original page URL...?p1=v1p2=v2fmt=PDF.

(You could even generate that on-the-fly using some javascript)
8) you create a servlet filter around your webapp.
This servlet filter, on the way in, picks up the additional parameter. 
If it is not there, it does nothing and the request is processed as 
usual, giving a html result page.
If the additional parameter is there, the filter sets a flag (for 
example, request.setAttribute(x))
9) the request is processed as normally by your webapp, generating the 
html response
10) on the way out, the filter intercepts the response.  If the flag is 
not set, it does nothing and lets the html response through.

If the flag is set, it does something totally different.
11) the filter captures the html output, and writes it to a local 
temporary file. Then it calls OOo /on this file/, and asks for a PDF 
version.  Then it picks up the PDF version, and returns this as a 
response, instead of the original.

(and deletes the temporary files).

This way, OOo never has to deal with a URL, and thus also not with the 
jsessionid.


You may want to have a look at this :
http://code.google.com/p/jodconverter/
(I use that one in another context - not Tomcat - and it works fine)

You may also have a look at htmldoc, as an alternative to OOo to 
generate PDF from html.



M.  I'm thinking of a problem : if your pages contains links to 
embedded objects (like images etc..).


In that case it may be better if your PDF button points to another 
webapp, passing the original URL as a parameter. This webapp would use 
wget to retrieve the original page and its embedded content, rewriting 
the embedded URLs appropriately (it can do that), and then call OOo on 
the html file.



One other issue bothers me a bit in all this : surely, you are not going 
to load OOo for each request, just to process one response page.
So you will have to start OOo in server mode, and talk to it through 
it's UNO interface.  But how does it handle multiple concurrent requests ?


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[André Warnier]

Daniel Henrique Alves Lima wrote:

I've some few alternatives:

1. Use a Java Web Proxy to convert requests and responses between
ooffice and Tomcat;

Or use a httpd front-end..


2. Use a Java crawler (spider/mirror tool) to make the first request,
generate local files and then call oo.


This only works if the pages are not specific to the client user who 
logs in.

It would not work if the page is Show my current bonus.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

On Tue, 2009-06-30 at 00:52 +0200, André Warnier wrote:


Hi, Andre !

 11) the filter captures the html output, and writes it to a local 
 temporary file. Then it calls OOo /on this file/, and asks for a PDF 
 version.  Then it picks up the PDF version, and returns this as a 
 response, instead of the original.
 (and deletes the temporary files).

I've used this approach once. But at that time, we only need the html
source. Now i need the html source and all the referenced resources
(images, csss, jss and another servlets/jsps).


 
 You may want to have a look at this :
 http://code.google.com/p/jodconverter/
 (I use that one in another context - not Tomcat - and it works fine)

I'll look. Thanks.

 
 You may also have a look at htmldoc, as an alternative to OOo to 
 generate PDF from html.
 
 
 M.  I'm thinking of a problem : if your pages contains links to 
 embedded objects (like images etc..).

Yes, that is the problem.

 
 In that case it may be better if your PDF button points to another 
 webapp, passing the original URL as a parameter. This webapp would use 
 wget

I could use wget directly from a non protected servlet. But i'll prefer
a java crawler (is there any port of wget to Java ?) because other
developers use Microsoft Windows :-(

 
 
 One other issue bothers me a bit in all this : surely, you are not going 
 to load OOo for each request, just to process one response page.
 So you will have to start OOo in server mode, and talk to it through 
 it's UNO interface.  But how does it handle multiple concurrent requests ?

It doesn't. You have two alternatives: 

1. Init just once oo server and serialize the access to it (throw a
linked list of task or something like that);
2. Init a pool of oo servers (each one in a different port) and run
each task in a different server.

We already use oo in another part of our application and it works fine.
The ideal, i think, is avoid to perform a lot of transformations online
and cache generated files as much as possible.

Thanks !



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

On Tue, 2009-06-30 at 01:02 +0200, André Warnier wrote:
 Daniel Henrique Alves Lima wrote:
  
  1. Use a Java Web Proxy to convert requests and responses between
  ooffice and Tomcat;
 Or use a httpd front-end..
 

Yes. But i don't need this request-response magic all the time. I just
need this to make oo happy :-)


  2. Use a Java crawler (spider/mirror tool) to make the first request,
  generate local files and then call oo.
 
 This only works if the pages are not specific to the client user who 
 logs in.
 It would not work if the page is Show my current bonus.

But i'll invoke the crawler specifying ';jsessionid='. With this, it
will execute as the source client.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Bill Barker]

Daniel Henrique Alves Lima email_danie...@yahoo.com.br wrote in message 
news:1246314288.10803.6.ca...@magnaopus.no-ip.biz...
 Yes !

 Now imagine my frustration with ooffice escaping a ';' :-(

 Browser, wget and other applications seems to work ok with URL encoded
 jsessionid.


The custom valve isn't that complicated (but of course, it ties you to 
Tomcat, and may need to be updated when you change from major releases).  It 
would probably look something like:

public class MySessionValve extends ValveBase {

  public void invoke(Request request, Response response)
  throws IOException, ServletException {
   String sessionID = getSessionId(request);
   if(sessionID != null) {
request.setRequestedSessionId(sessionID);
   }
   getNext().invoke(request, response);
  }

  private String getSessionId(Request request) {
 // Logic to extract the sessionID from the request here
  }
}

On all supported versions of Tomcat, this will be invoked before 
authentication (or at least if you don't make major changes to the 
configuration).

If this was my project, I'd probably take the big one-time pain of creating 
a Tag to decide how to encode links (based on user-agent or otherwise) and 
change all my pages to use it.  Otherwise, a Filter that wraps the response 
and overrides getWriter is probably easier than trying to wrap the TC 
internal Response.


 On Tue, 2009-06-30 at 00:00 +0200, André Warnier wrote:
 Daniel Henrique Alves Lima wrote:
 ...
 Hi.
 If I understand what you are trying to do :
 1) a client enters your application, authenticates, navigates, and
 displays a result html page.
 2) on this page, is a button that says get this page as PDF
 3) the client clicks on that button, and is supposed to receive the same
 page, but this time as a PDF.
 4) At the server side, you want to use OOo to create the PDF version
 from the html page
 5) and OOo is capable, given a URL, to retrieve this page, and then
 given appropriate commands, to return a PDF version of the page.
 6) But OOo has trouble with the jsessionid part of the URL, although
 it needs it in order to retrieve the page on behalf of the client.
 Right ?

 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

 -- 
 If there must be trouble, let it be in my day,
 that my child may have peace.

 Thomas Paine 




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Changing url rewriting behaviour (';jsessionid')

[Daniel Henrique Alves Lima]

First of all: Thanks (Christopher, Andre, Bill and everybody) !

The complete solution is compound of 3 parts:

1. The Valve to process jsessionid (just a piece of the source code)

if (!request.isRequestedSessionIdFromCookie()) {
String jsessionid = request.getParameter(jsessionid);
if (jsessionid != null  
request.getRequestedSessionId() == null) {
request.setRequestedSessionId(jsessionid);
request.setRequestedSessionURL(true);
}
}

Valve nextValve = getNext();
if (nextValve != null) {
nextValve.invoke(request, response);
}

I've configured this Valve in Tomcat specific webapp deployment 
descriptor (context.xml)


2. The Servlet Filter to overwrite URL encoding (just a piece)

HttpServletRequest request = (HttpServletRequest) aRequest;

String jsessionid = request.getParameter(jsessionid);
String sessionId = request.getRequestedSessionId();
if (request.isRequestedSessionIdFromURL()  jsessionid != null
 jsessionid.equals(sessionId)) {
aResponse = new HttpServletResponseWrapper((HttpServletResponse) 
aResponse) {

@Override
public String encodeRedirectURL(String url) {
return this.encodeURLImpl(super.encodeRedirectURL(url));
}

private String encodeURLImpl(String url) {
StringBuilder newURL = new StringBuilder(url);
final String searchString = ;jsessionid=;
int i = newURL.indexOf(searchString);
if (i = 0) {
int j = newURL.indexOf(?, i);
newURL.replace(i, i + 1, ?);
if (j = 0) {
newURL.replace(j, j + 1, );
}
}

return newURL.toString();
}


3. Tag libraries to handle url encoding properly

This was the easy part. We're using the grandpa of all Java web MVC 
frameworks: Struts 1.x :-)
So i've just used 'html:' tags and the magic is done !


Now OO is happy and i (really) need to sleep.


Thanks !





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: No URL rewriting when cookies are disabled

[nlif]

Yep, that was it exactly... I've been spoiled by frameworks :)
I did some experimentation myself, and dug a little in framework code, and
indeed, this has been taken care for me in the past, and I assumed it's done
by Tomcat (or any servlet container, for that matter), but it isn't.

Thanks,
Naaman



Christopher Schultz-2 wrote:
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 André,
 
 André Warnier wrote:
 Actually, I was just perusing a page in the Tomcat 6 docs :
 http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
 
 and it actually says, for the cookies attribute :
 Set to true if you want cookies to be used for session identifier
 communication if supported by the client (this is the default). Set to
 false if you want to disable the use of cookies for session identifier
 communication, and rely only on URL rewriting *by the application*.
 
 André has the answer right here (though without details).
 
 In order to get your application to rewrite URLs, you need to pass every
 single outgoing URL through the HttpServletResponse.encodeURL method (or
 HttpServletResponse.encodeRedirectURL if you are using a redirect).
 
 I've found that this is detail is often overlooked in web applications.
 Most JSP tag libraries and things like that do this transparently, so
 you may not have even been aware that it was a requirement.
 
 Good luck reviewing all that code ;)
 
 - -chris
 
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.9 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
 iEYEARECAAYFAkmLdjcACgkQ9CaO5/Lv0PD8cQCeKvrnDjZvNJTrXCcXuzOKUeSt
 +2YAoKYSCgXVEzLMhSFFk309g0OhO8kP
 =SKW6
 -END PGP SIGNATURE-
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 

-- 
View this message in context: 
http://www.nabble.com/No-URL-rewriting-when-cookies-are-disabled-tp21854081p21896827.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: No URL rewriting when cookies are disabled

[André Warnier]

nlif wrote:

Hi all,

I am using Tomcat 6.0.18, with Firefox 3.0.6.
I have a simple servlet, which calls request.getSession(true), and expects
to create a session only on the first request, and resume an existing
session on all subsequent requests. As far as I know, according to the
servlet-spec, servlet containers (e.g. Tomcat), should automatically
fallback to URL rewriting (i.e. adding the jsessionid parameter to the url)
when the browser refuses to accept cookies.

This works fine with cookies enabled, however, as soon as I disable cookies
in my browser, a new session is created for each request, and the jsessionid
is not appended to the URL.

Shouldn't this work by default?
(I know I can modify the application code to handle this, but I assumed this
is not necessary.)


Actually, I was just perusing a page in the Tomcat 6 docs :
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

and it actually says, for the cookies attribute :
Set to true if you want cookies to be used for session identifier 
communication if supported by the client (this is the default). Set to 
false if you want to disable the use of cookies for session identifier 
communication, and rely only on URL rewriting *by the application*.


(emphasis is mine)
That sounds to me as, if you want to use URL-rewriting, you have to do 
it explicitly in the application.





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: No URL rewriting when cookies are disabled

[Gregor Schneider]

It's a known bug in Tomcat, if I'm not mistaken:

https://issues.apache.org/bugzilla/show_bug.cgi?id=43839

Rgds

Gregor
-- 
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: No URL rewriting when cookies are disabled

[Caldarale, Charles R]

 From: Gregor Schneider [mailto:rc4...@googlemail.com]
 Subject: Re: No URL rewriting when cookies are disabled

 It's a known bug in Tomcat, if I'm not mistaken:
 https://issues.apache.org/bugzilla/show_bug.cgi?id=43839

That bug was fixed over a year ago, and the fix is in the version the OP is 
running.

As Andre said, it's up to the code in the webapp to call the appropriate 
methods to rewrite URLs.

If you don't want to change your code, you may be able to use this:
http://tuckey.org/

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: No URL rewriting when cookies are disabled

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

André,

André Warnier wrote:
 Actually, I was just perusing a page in the Tomcat 6 docs :
 http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
 
 and it actually says, for the cookies attribute :
 Set to true if you want cookies to be used for session identifier
 communication if supported by the client (this is the default). Set to
 false if you want to disable the use of cookies for session identifier
 communication, and rely only on URL rewriting *by the application*.

André has the answer right here (though without details).

In order to get your application to rewrite URLs, you need to pass every
single outgoing URL through the HttpServletResponse.encodeURL method (or
HttpServletResponse.encodeRedirectURL if you are using a redirect).

I've found that this is detail is often overlooked in web applications.
Most JSP tag libraries and things like that do this transparently, so
you may not have even been aware that it was a requirement.

Good luck reviewing all that code ;)

- -chris

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmLdjcACgkQ9CaO5/Lv0PD8cQCeKvrnDjZvNJTrXCcXuzOKUeSt
+2YAoKYSCgXVEzLMhSFFk309g0OhO8kP
=SKW6
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: No URL rewriting when cookies are disabled

[Robert Koberg]

Hi,

Pimping the JSP XML syntax and XSL... :)

If, by any chance your JSPs are using XML syntax (or well-formed or  
can be well-formed), you can use XSL to transform all of your links to  
be encoded for cookie-less users.


For example, the following JSP:

jsp:root xmlns:jsp=http://java.sun.com/JSP/Page; xmlns:c=http://java.sun.com/jsp/jstl/core 
 version=2.0

  jsp:output
omit-xml-declaration=yes
doctype-root-element=html
doctype-system=http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd 


doctype-public=-//W3C//DTD XHTML 1.0 Transitional//EN/
  jsp:directive.page session=false contentType=text/ 
html;charset=UTF-8 pageEncoding=UTF-8/

  html xmlns=http://www.w3.org/1999/xhtml;
head
  titlefoo/title
/head
body
  pblah blah a href=foo.jsp?id=${obj.id}amp;foo=bar  
class=foofoo/a blah./p

/body
  /html
/jsp:root

can use the following XSL to transform it:

?xml version=1.0 encoding=UTF-8?
xsl:stylesheet
  xmlns:xsl=http://www.w3.org/1999/XSL/Transform;
  version=2.0
  xmlns:x=http://www.w3.org/1999/xhtml;
  xmlns:c=http://java.sun.com/jsp/jstl/core;
  exclude-result-prefixes=x

  xsl:strip-space elements=*/
  xsl:output method=xhtml /

  xsl:template match=@*|node()
xsl:copy
  xsl:apply-templates select=@*|node()/
/xsl:copy
  /xsl:template

  xsl:template match=x:a...@href]
c:url var=uri value={substring-before(@href, '?')}
  xsl:if test=contains(@href, '?')
xsl:variable name=querystring select=substring- 
after(@href, '?')/
xsl:variable name=params select=tokenize($querystring,  
'amp;')/

xsl:for-each select=$params
  xsl:variable name=param select=tokenize(., '=')/
  c:param name={$param[1]} value={$param[2]} /
/xsl:for-each
  /xsl:if
/c:url
xsl:copy
  xsl:copy-of select=@* except @href/
  xsl:attribute name=href${uri}/xsl:attribute
  xsl:apply-templates/
/xsl:copy
  /xsl:template

/xsl:stylesheet

to create:

?xml version=1.0 encoding=UTF-8?jsp:root xmlns:jsp=http://java.sun.com/JSP/Page 
 xmlns:c=http://java.sun.com/jsp/jstl/core; version=2.0
  jsp:output omit-xml-declaration=yes doctype-root-element=html  
doctype-system=http://www.w3.org/TR/xhtml1/DTD/xhtml1- 
transitional.dtd doctype-public=-//W3C//DTD XHTML 1.0 Transitional// 
EN/jsp:output
  jsp:directive.page session=false contentType=text/ 
html;charset=UTF-8 pageEncoding=UTF-8/jsp:directive.page

  html xmlns=http://www.w3.org/1999/xhtml;
head
  meta http-equiv=Content-Type content=text/html;  
charset=UTF-8 /

  titlefoo/title
/head
body
  pblah blah
c:url var=uri value=/foo.jsp
  c:param name=id value=${obj.id}/c:param
  c:param name=foo value=bar/c:param
/c:urla class=foo href=${uri}foo/a blah.
  /p
/body
  /html
/jsp:root

best,
-Rob


On Feb 5, 2009, at 6:28 PM, Christopher Schultz wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

André,

André Warnier wrote:

Actually, I was just perusing a page in the Tomcat 6 docs :
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

and it actually says, for the cookies attribute :
Set to true if you want cookies to be used for session identifier
communication if supported by the client (this is the default). Set  
to
false if you want to disable the use of cookies for session  
identifier

communication, and rely only on URL rewriting *by the application*.


André has the answer right here (though without details).

In order to get your application to rewrite URLs, you need to pass  
every
single outgoing URL through the HttpServletResponse.encodeURL method  
(or

HttpServletResponse.encodeRedirectURL if you are using a redirect).

I've found that this is detail is often overlooked in web  
applications.

Most JSP tag libraries and things like that do this transparently, so
you may not have even been aware that it was a requirement.

Good luck reviewing all that code ;)

- -chris

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmLdjcACgkQ9CaO5/Lv0PD8cQCeKvrnDjZvNJTrXCcXuzOKUeSt
+2YAoKYSCgXVEzLMhSFFk309g0OhO8kP
=SKW6
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

How to disable tomcat url rewriting

[田标]

Hi all,

I'm now using tomcat6.0 as my app server. Then how can I disable tomcat's
url rewriting forcely? I've tried several ways, eg. put a context.xml in
folder META-INF with the following content:
?xml version='1.0' encoding='UTF-8'?
Context path='/app' cookies='true'
  !-- other settings --
/Context

But seems it does not work.
Any suggestion would be appreciated.

Thanks.

RE: How to disable tomcat url rewriting

[Caldarale, Charles R]

 From: 田标 [mailto:[EMAIL PROTECTED]
 Subject: How to disable tomcat url rewriting

 Then how can I disable tomcat's url rewriting forcely?

What do you mean by tomcat's url rewriting?  Are you referring to appending 
JSESSIONID to any URLs returned?  This thread discusses some alternatives:
http://marc.info/?l=tomcat-userm=119341677911292w=2

 ?xml version='1.0' encoding='UTF-8'?
 Context path='/app' cookies='true'
   !-- other settings --
 /Context

By the way, the path attribute is not allowed here, so remove that, and cookies 
are enabled by default, so that's not needed either.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

mod_jk and url rewriting+forwarding

[Melanie Pfefer]

hi,

I want to forward
http://proxy/gqaf:soi:PAR:TRE:001 (proxy is an
apache) to
http://backend:8080/gqaf-web/gqaf:soi:PAR:TRE:001
(backend:8080 is a tomcat server)

I downloaded mod_jk and modified httpd.conf:

LoadModule jk_module modules/mod_jk.so
JkWorkersFile
/usr/local/apache224/conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel debug
JkMount /*TRE* MyWorker



and created workers.properties:

workers.java_home=/usr/local/java/jdk1.6.0_03/
ps=/
worker.list=MyWorker

worker.MyWorker.port=8080
worker.MyWorker.host=backend
worker.MyWorker.type=ajp13


From logs:

[Tue Apr 01 21:33:48.890 2008] [27044:1] [debug]
ajp_send_request::jk_ajp_common.c (1395): (MyWorker)
request body to send 0 - request body to resend 0
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_connection_tcp_get_message::jk_ajp_common.c
(1004): (MyWorker) can't receive the response message
from tomcat, tomcat (172.21.26.218:8080) has forced a
connection close for socket 19
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_get_reply::jk_ajp_common.c (1766): (MyWorker)
Tomcat is down or refused connection. No response has
been sent to the client (yet)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
ajp_service::jk_ajp_common.c (2186): (MyWorker)
sending request to tomcat failed (recoverable), 
(attempt=2)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_service::jk_ajp_common.c (2204): (MyWorker)
Connecting to tomcat failed. Tomcat is probably not
started or is listening on the wrong port
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_reset_endpoint::jk_ajp_common.c (691): (MyWorker)
resetting endpoint with sd = 4294967295 (socket
shutdown)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_done::jk_ajp_common.c (2522): recycling connection
pool slot=0 for worker MyWorker
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
jk_handler::mod_jk.c (2364): Service error=0 for
worker=MyWorker


I checked tomcat and it is up.

Any idea?
thanks


  __
Sent from Yahoo! Mail.
A Smarter Inbox http://uk.docs.yahoo.com/nowyoucan.html

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: mod_jk and url rewriting+forwarding

[David Smith]

mod_jk doesn't use the HTTP protocol.  It uses the AJP13 protocol.  
Unless you've done something unusual with your tomcat, the 8080 
connector will be talking HTTP, not AJP.  Default AJP port is usually 
8009, so try 'worker.MyWorker.port=8009' in your workers.properties 
file.  If you've changed the ajp connector's port config, then use that.


--David

Melanie Pfefer wrote:

hi,

I want to forward
http://proxy/gqaf:soi:PAR:TRE:001 (proxy is an
apache) to
http://backend:8080/gqaf-web/gqaf:soi:PAR:TRE:001
(backend:8080 is a tomcat server)

I downloaded mod_jk and modified httpd.conf:

LoadModule jk_module modules/mod_jk.so
JkWorkersFile
/usr/local/apache224/conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel debug
JkMount /*TRE* MyWorker



and created workers.properties:

workers.java_home=/usr/local/java/jdk1.6.0_03/
ps=/
worker.list=MyWorker

worker.MyWorker.port=8080
worker.MyWorker.host=backend
worker.MyWorker.type=ajp13


From logs:

[Tue Apr 01 21:33:48.890 2008] [27044:1] [debug]
ajp_send_request::jk_ajp_common.c (1395): (MyWorker)
request body to send 0 - request body to resend 0
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_connection_tcp_get_message::jk_ajp_common.c
(1004): (MyWorker) can't receive the response message
from tomcat, tomcat (172.21.26.218:8080) has forced a
connection close for socket 19
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_get_reply::jk_ajp_common.c (1766): (MyWorker)
Tomcat is down or refused connection. No response has
been sent to the client (yet)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
ajp_service::jk_ajp_common.c (2186): (MyWorker)
sending request to tomcat failed (recoverable), 
(attempt=2)

[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_service::jk_ajp_common.c (2204): (MyWorker)
Connecting to tomcat failed. Tomcat is probably not
started or is listening on the wrong port
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_reset_endpoint::jk_ajp_common.c (691): (MyWorker)
resetting endpoint with sd = 4294967295 (socket
shutdown)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_done::jk_ajp_common.c (2522): recycling connection
pool slot=0 for worker MyWorker
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
jk_handler::mod_jk.c (2364): Service error=0 for
worker=MyWorker


I checked tomcat and it is up.

Any idea?
thanks


  __
Sent from Yahoo! Mail.
A Smarter Inbox http://uk.docs.yahoo.com/nowyoucan.html

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: mod_jk and url rewriting+forwarding

[Rainer Jung]

David Smith schrieb:
mod_jk doesn't use the HTTP protocol.  It uses the AJP13 protocol.  
Unless you've done something unusual with your tomcat, the 8080 
connector will be talking HTTP, not AJP.  Default AJP port is usually 
8009, so try 'worker.MyWorker.port=8009' in your workers.properties 
file.  If you've changed the ajp connector's port config, then use that.


--David


And additionally: if you need to change the URL path between the request 
to Apache httpd and to the backend (in your case it looks like you want 
to prepend /gqaf-web), add mod_rewrite to your config, define a 
RewriteRule that changes the URL as required and put the passthrough 
flag [PT] directly after the RewriteRule.


Regards,

Rainer


Melanie Pfefer wrote:

hi,

I want to forward
http://proxy/gqaf:soi:PAR:TRE:001 (proxy is an
apache) to
http://backend:8080/gqaf-web/gqaf:soi:PAR:TRE:001
(backend:8080 is a tomcat server)

I downloaded mod_jk and modified httpd.conf:

LoadModule jk_module modules/mod_jk.so
JkWorkersFile
/usr/local/apache224/conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel debug
JkMount /*TRE* MyWorker



and created workers.properties:

workers.java_home=/usr/local/java/jdk1.6.0_03/
ps=/
worker.list=MyWorker

worker.MyWorker.port=8080
worker.MyWorker.host=backend
worker.MyWorker.type=ajp13


From logs:

[Tue Apr 01 21:33:48.890 2008] [27044:1] [debug]
ajp_send_request::jk_ajp_common.c (1395): (MyWorker)
request body to send 0 - request body to resend 0
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_connection_tcp_get_message::jk_ajp_common.c
(1004): (MyWorker) can't receive the response message
from tomcat, tomcat (172.21.26.218:8080) has forced a
connection close for socket 19
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_get_reply::jk_ajp_common.c (1766): (MyWorker)
Tomcat is down or refused connection. No response has
been sent to the client (yet)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
ajp_service::jk_ajp_common.c (2186): (MyWorker)
sending request to tomcat failed (recoverable), (attempt=2)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [error]
ajp_service::jk_ajp_common.c (2204): (MyWorker)
Connecting to tomcat failed. Tomcat is probably not
started or is listening on the wrong port
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_reset_endpoint::jk_ajp_common.c (691): (MyWorker)
resetting endpoint with sd = 4294967295 (socket
shutdown)
[Tue Apr 01 21:34:08.897 2008] [27044:1] [debug]
ajp_done::jk_ajp_common.c (2522): recycling connection
pool slot=0 for worker MyWorker
[Tue Apr 01 21:34:08.897 2008] [27044:1] [info]
jk_handler::mod_jk.c (2364): Service error=0 for
worker=MyWorker


I checked tomcat and it is up.

Any idea?
thanks


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

URL rewriting and mod_jk

[lanili]

 Hi,
 when I use the following:
 Options +FollowSymLinks
 RewriteEngine on
 RewriteRule ^/news/([0-9]+)$ /news/$1/ [R]
 RewriteRule ^/news/([0-9]+)/$ /news.jsp?id=$1
 and I use this URL:
 http://localhost/news/1
 apache-tomcat displays the jsp-page - with source code (html and jsp
code).
 I am using apache-2.2.8 and apache-tomcat-6.0.14 and mod_jk.
 JkAutoAlias/opt/apache-tomcat-6.0.14/webapps/domainname
 JkMount/*.jsp default
 JkMount/*.* default
 JkMount/servlet/* default  

 As mentioned on several web sites I have loaded mod_jk before
mod_rewrite.   

 What is wrong?  

 Thanks, Lars 

Re: URL rewriting and mod_jk

[Rainer Jung]

Hi Lars,

most liekly you need to set the pass through flag PT for the rewrite 
rules.


See also pass through in

http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html

Also: if you are using VirtualHosts, you need to put the JkMount into 
the VirtualHosts.


Let us know, if that works.

Regards,

Rainer

[EMAIL PROTECTED] wrote:


 Hi,
 when I use the following:
 Options +FollowSymLinks
 RewriteEngine on
 RewriteRule ^/news/([0-9]+)$ /news/$1/ [R]
 RewriteRule ^/news/([0-9]+)/$ /news.jsp?id=$1
 and I use this URL:
 http://localhost/news/1
 apache-tomcat displays the jsp-page - with source code (html and jsp
code).
 I am using apache-2.2.8 and apache-tomcat-6.0.14 and mod_jk.
 JkAutoAlias/opt/apache-tomcat-6.0.14/webapps/domainname
 JkMount/*.jsp default
 JkMount/*.* default
 JkMount/servlet/* default  


 As mentioned on several web sites I have loaded mod_jk before
mod_rewrite.   

 What is wrong?  

 Thanks, Lars 


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting and mod_jk

[Lars Nielsen Lind]

Hi Rainer, and thanks for your reply.

The [PT] at the end of the line seems to be the 'trick'.

I have another question:

If the user enters: http://www.domainname.dk/news/news.jsp?id=5, is 
there then any way to force the url to change to: 
http://www.domainname.dk/news/news/5/ ?


thanks,

Lars


Rainer Jung skrev:

Hi Lars,

most liekly you need to set the pass through flag PT for the rewrite 
rules.


See also pass through in

http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html

Also: if you are using VirtualHosts, you need to put the JkMount into 
the VirtualHosts.


Let us know, if that works.

Regards,

Rainer

[EMAIL PROTECTED] wrote:


 Hi,
 when I use the following:
 Options +FollowSymLinks
 RewriteEngine on
 RewriteRule ^/news/([0-9]+)$ /news/$1/ [R]
 RewriteRule ^/news/([0-9]+)/$ /news.jsp?id=$1
 and I use this URL:
 http://localhost/news/1
 apache-tomcat displays the jsp-page - with source code (html and jsp
code).
 I am using apache-2.2.8 and apache-tomcat-6.0.14 and mod_jk.
 JkAutoAlias/opt/apache-tomcat-6.0.14/webapps/domainname
 JkMount/*.jsp default
 JkMount/*.* default
 JkMount/servlet/* default 
 As mentioned on several web sites I have loaded mod_jk before
mod_rewrite.  
 What is wrong? 
 Thanks, Lars 


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Re: URL rewriting and mod_jk

[Rainer Jung]

Hi lars,

you can match against QUERY_STRING in RewriteCond and then use the match 
via %N in the replacement part of the RewriteRule.


See QUERY_STRING and %N in the docs page of mod_rewrite.

For more special mod_rewrite questions not directly related to mod_jk or 
Tomcat interoperability, the httpd user list would be a better place.


Regards,

Rainer

Lars Nielsen Lind wrote:

Hi Rainer, and thanks for your reply.

The [PT] at the end of the line seems to be the 'trick'.

I have another question:

If the user enters: http://www.domainname.dk/news/news.jsp?id=5, is 
there then any way to force the url to change to: 
http://www.domainname.dk/news/news/5/ ?


thanks,

Lars


Rainer Jung skrev:

Hi Lars,

most liekly you need to set the pass through flag PT for the rewrite 
rules.


See also pass through in

http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html

Also: if you are using VirtualHosts, you need to put the JkMount into 
the VirtualHosts.


Let us know, if that works.

Regards,

Rainer

[EMAIL PROTECTED] wrote:


 Hi,
 when I use the following:
 Options +FollowSymLinks
 RewriteEngine on
 RewriteRule ^/news/([0-9]+)$ /news/$1/ [R]
 RewriteRule ^/news/([0-9]+)/$ /news.jsp?id=$1
 and I use this URL:
 http://localhost/news/1
 apache-tomcat displays the jsp-page - with source code (html and jsp
code).
 I am using apache-2.2.8 and apache-tomcat-6.0.14 and mod_jk.
 JkAutoAlias/opt/apache-tomcat-6.0.14/webapps/domainname
 JkMount/*.jsp default
 JkMount/*.* default
 JkMount/servlet/* default  As mentioned on several web sites 
I have loaded mod_jk before
mod_rewrite.   What is wrong?  Thanks, Lars 


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting issue in tomcat

[Ken Bowen]

Use UrlRewriteFilter:  http://tuckey.org/urlrewrite/ to express the 
rules you need.



int wrote:

I have two sites running on the same server that are sharing classes, jsps,
etc. I want them to be accessible via two different domains though, as
follows:

http://domain.com/ should serve files from /webapps/ROOT
http://otherdomain.com/should serve files from /webapps/ROOT/otherdomain

[I don't want to create a virtual host, because all the jsps and class files
will have to be replicated and the war file expanded to two places]. What I
need is a simple Url Rewrite based on host. If the host is otherdomain.com
then simply prepend otherdomain to the uri. Is there a relatively simple
way to do this in Tomcat, since I'm not able to find any?

Thanks!



  


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

URL rewriting issue in tomcat

[int]

I have two sites running on the same server that are sharing classes, jsps,
etc. I want them to be accessible via two different domains though, as
follows:

http://domain.com/ should serve files from /webapps/ROOT
http://otherdomain.com/should serve files from /webapps/ROOT/otherdomain

[I don't want to create a virtual host, because all the jsps and class files
will have to be replicated and the war file expanded to two places]. What I
need is a simple Url Rewrite based on host. If the host is otherdomain.com
then simply prepend otherdomain to the uri. Is there a relatively simple
way to do this in Tomcat, since I'm not able to find any?

Thanks!



-- 
View this message in context: 
http://www.nabble.com/URL-rewriting-issue-in-tomcat-tf4863127.html#a13916622
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Session Tracking(URL rewriting) how to avoid session Id in URL

[Dave]

Hi, I am using JSF on JBOSS.
   
  I disabled cookies and use URL rewriting for session tracking. 
  All h:outputLink URLs have session id that are added automatically.  I like 
to the link to open in a new session. How to prevent session id on the URL?
   
  Thanks,
dave

 
-
The fish are biting.
 Get more visitors on your site using Yahoo! Search Marketing.

Re: URL rewriting For Session Tracking

[Len Popp]

Or if you use the JSP standard tag lib (JSTL) you can do: c:url value=
second.jspsecond page/c:url
--
Len

On 1/4/07, Bill Barker [EMAIL PROTECTED] wrote:


Usually you would use a tag lib for this sort of thing.  With struts, it
would look something like:
  html:a href=second.jspsecond page /html:a

[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 Your reply answered another question that I had.  But I think I still
 haven't described my current question clearly.  suppose I have 3 JSP
pages
 in my application.
 --
 first.jsp
 second.jsp
 third.jsp
 --
 Now, in my first.jsp, I have nothing but 2 links to the other two JSP
 pages. If I want the session to be maintain when use clicks on the links
 to go to the other pages, then can first.jsp be the following:
 --
 a href=second.jspsecond page/a
 a href=third.jspthird page/a
 --
 Or, the code in first.jsp must be the following:
 --
 a href='%=response.encodeURL(second.jsp)%'second page/a
 a href='%=response.encodeURL(second.jsp)'%second page/a
 

 Note:  If I use the first syntax, then unless Tomcat or some patch or
 filter parse the code and add the jsessionid to the link automatically,
 then the user will be losing the session when to goes from first.jsp to
 the other ones.  And that's my question; can I use the first syntax.  Or
 there is no way but to use the second syntax if I want the session to be
 kept.


 Thanks,
 Kasra
 - Original Message -
 From: Caldarale, Charles R [EMAIL PROTECTED]
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Wednesday, January 03, 2007 9:56 PM
 Subject: RE: URL rewriting For Session Tracking


 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Subject: Re: URL rewriting For Session Tracking

 Basically I have a webapp and I want to have a session
 for each user that connects to my server (just the usual
 servlet session that is created with jsessionid).  Do I
 have to wrap every link that I have in my webapp with an
 Httpservletresponse.encodeURL()?

 No.  As I recall, Tomcat will not create a session automatically unless
 it's absolutely necessary (e.g., tracking authenticated users) or the
 application requests it.  I'm not aware of any config parameter that
 will force creation of sessions for all clients, but all you should have
 to do is put the following somewhere in the request processing path of
 each servlet:
request.getSession(true);

 This doesn't need to go into your servlet or JSP code - you can write a
 simple filter class that does nothing but run the above code to force
 the creation of a session if one doesn't already exist.  The filter
 mapping can go into conf/web.xml so it will apply to all apps deployed
 within your Tomcat instance, or in each appropriate webapp's web.xml
 file.

 Note that per the servlet spec, Tomcat will use cookies not URL
 rewriting for session tracking; it will fall back to URL rewriting if
 the client refuses cookies.  You can also disable use of cookies by
 setting cookies=false in your Context elements (or the global
 conf/context.xml file).

 - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
 MATERIAL and is thus for use only by the intended recipient. If you
 received this in error, please contact the sender and delete the e-mail
 and its attachments from all computers.

 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]






-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Chuck,

Caldarale, Charles R wrote:
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking

 Do I have to wrap every link that I have in my webapp with an 
 Httpservletresponse.encodeURL()?
 
 No.  As I recall, Tomcat will not create a session automatically unless
 it's absolutely necessary (e.g., tracking authenticated users) or the
 application requests it.

I think you are misinterpreting the OP's question... I think he wants to
/force/ the use of URL rewriting to include the jsessionid. In that
case, he /must/ run all his links through HttpServletResponse.encodeURL.

- -chris

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFnQLt9CaO5/Lv0PARAvMmAJ97y7GDRY3fY9XsAH9GCKL9lGz86QCfS1CA
k7lL+g3W3pq7tQGGlCzEYIk=
=Tiss
-END PGP SIGNATURE-

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Mikolaj Rydzewski]

[EMAIL PROTECTED] wrote:

All I want to do is 'URL rewriting For Session Tracking'. Do I have to do this 
manually in my code (using response.encodeURL), or is there an automatic way of 
doing this in Tomcat (such as using a filter or value) that would handle this 
for me?
  
Add cookies=false to context.xml of your application and use JSTL 
c:url, Struts html:link, etc depending on your application design.


http://tomcat.apache.org/tomcat-5.5-doc/config/context.html

--
Mikolaj Rydzewski [EMAIL PROTECTED]



smime.p7s
Description: S/MIME Cryptographic Signature

RE: URL rewriting For Session Tracking

[Caldarale, Charles R]

 From: Christopher Schultz [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking
 
 I think you are misinterpreting the OP's question... I think 
 he wants to /force/ the use of URL rewriting to include the
 jsessionid. In that case, he /must/ run all his links through 
 HttpServletResponse.encodeURL.

So setting cookies=false in the Context element isn't sufficient?
(Assuming a session has been created via request.getSession(true), of
course.)  I haven't tried it, but that's the implication I got from
reading the doc.  What does cookies=false actually do, then?

To step back a little: why would it be important to use URL encoding to
track sessions rather than do it with cookies?

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Chuck,

Caldarale, Charles R wrote:
 So setting cookies=false in the Context element isn't sufficient?

That just tells Tomcat not to use cookies to send session identification
to the browser. Yes, the alternative to cookies is the use of URL
rewriting to put the jsessionid into the URL, but that actually has to
be done somewhere.

 To step back a little: why would it be important to use URL encoding to
 track sessions rather than do it with cookies?

Maybe they have a no cookies requirement or something like that.

I personally write all my apps so that the widest audience can use them.
Cookies are not requires in any of the apps I have written in the last
few years. In order to achieve that, one must encode every URL that gets
put into a web page.

Some JSP taglibs provide this capability so you don't have to worry
about it. But, that means that every URL you emit must go through one of
those tags. I mostly use Velocity (not JSP) and there are niceties in
the Velocity-Tools package (that work with Struts, which is a bonus)
that do the same thing.

It all comes down to the same thing: you must run your URLs through
HttpServletResponse.encodeURL if you want to use URL rewriting at all.

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFnRnI9CaO5/Lv0PARAtfpAJ4qW0hrjvzbXhRGg3CrF3tsMUmuLQCbBz05
5bu0ZELNsuHss9CoJQDnaJ8=
=2D9m
-END PGP SIGNATURE-

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[David Delbecq]

En l'instant précis du 01/04/07 16:04, Caldarale, Charles R s'exprimait
dans toute sa noblesse:
 From: Christopher Schultz [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking

 I think you are misinterpreting the OP's question... I think 
 he wants to /force/ the use of URL rewriting to include the
 jsessionid. In that case, he /must/ run all his links through 
 HttpServletResponse.encodeURL.
 

 So setting cookies=false in the Context element isn't sufficient?
   
no, setting cookies=false just disable session tracking using cookies.
Proper link to your webapplication should travel inside encodeUrl() at
some point before rendering it to outputstream. Most tag that output
urls are doing it internally (struts:link/, c:url/ amongst other are
doing it)
 (Assuming a session has been created via request.getSession(true), of
 course.)  I haven't tried it, but that's the implication I got from
 reading the doc.  
Strange, reading the doc i see this  Set to false if you want to
disable the use of cookies for session identifier communication, and
rely only on URL rewriting by the application. . That is clear, if you
set to false, you must use url rewriting in your application to track
session identifier. Setting cookies to false won't magically parse all
your pages to add session identifier. (See J2EE specifications for details)
 What does cookies=false actually do, then?
   
It disables use of cookies for session tracking
 To step back a little: why would it be important to use URL encoding to
 track sessions rather than do it with cookies?

   
Because

1) not everyone has cookies enabled in their browser
2) in some cases it can be useful to have 2 sessions in same browser
(something you can't do with cookies)


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[fausto mancini]

David Delbecq wrote:


2) in some cases it can be useful to have 2 sessions in same browser
(something you can't do with cookies)


Hello David,
I've never thought about that; it looks interesting. Do you have a real 
use case for that?


Thank you in advance.

_F_M

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: URL rewriting For Session Tracking

[Peter Crowther]

 From: fausto mancini [mailto:[EMAIL PROTECTED] 
  2) in some cases it can be useful to have 2 sessions in same browser
  (something you can't do with cookies)
 
 Hello David,
 I've never thought about that; it looks interesting. Do you 
 have a real use case for that?

Here's one: Principle of least privilege.  I regularly have a normal
(user) session on a Web application open.  Sometimes I want to perform
administrative actions on that same webapp, and at that point it's
useful to be able to create a short-lived second admin session without
closing my user session.

- Peter

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: URL rewriting For Session Tracking

[Caldarale, Charles R]

 From: David Delbecq [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking

Many thanks to Chris and David for the enlightenment.

Another question: How would one handle links embedded in static content?
Is it simply a matter of don't do that?

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Mikolaj Rydzewski]

Caldarale, Charles R wrote:

To step back a little: why would it be important to use URL encoding to
track sessions rather than do it with cookies?
  

Some log analyzers use such information to generate user profiles, etc.

--
Mikolaj Rydzewski [EMAIL PROTECTED]



smime.p7s
Description: S/MIME Cryptographic Signature

Re: URL rewriting For Session Tracking

[David Delbecq]

En l'instant précis du 01/04/07 16:32, fausto mancini s'exprimait dans
toute sa noblesse:


 David Delbecq wrote:

 2) in some cases it can be useful to have 2 sessions in same browser
 (something you can't do with cookies)

 Hello David,
 I've never thought about that; it looks interesting. Do you have a
 real use case for that?

 Thank you in advance.

 _F_M

 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Several

1) you need to debug a concurrency problem with 2 users in your webapp.
It's easier to reproduce it if you can log in as 2 different users at
the same time (just disable cookies on browser and done)
2) A site admin want to have on the site the 'look of the site as
anonymous' without having to logout/log in
3) You want to check how webapp behave when one user has 2 sessions
(active on 2 different terminals for example)

Of course, first is anyway incompatible with http based
authentification, can only work on form based authentification (because
browser caches the user/pass)


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Chuck,

Caldarale, Charles R wrote:
 From: David Delbecq [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking
 
 Many thanks to Chris and David for the enlightenment.
 
 Another question: How would one handle links embedded in static content?
 Is it simply a matter of don't do that?

Yeah, it's basically a don't do that kind of situation. If cookies
aren't being used for whatever reason, static content will certainly
trip you up.

- -chris

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFnSLf9CaO5/Lv0PARAo9FAKC4S46+6J6YKCLVBkDYnlpF9E+ovQCdE6bN
WHOKs9dEHz8SYOgBe21I6aE=
=C972
-END PGP SIGNATURE-

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: URL rewriting For Session Tracking

[Peter Crowther]

 From: David Delbecq [mailto:[EMAIL PROTECTED] 
 Of course, first is anyway incompatible with http based
 authentification, can only work on form based 
 authentification (because browser caches the user/pass)

Not true - if the app uses in-memory session cookies (true for ASP,
ASP.Net and JSP) you just need two browser processes.  I regularly start
two instances of Internet Exploder... sorry, Explorer... to allow me to
have multiple sessions to the same application.

- Peter

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[David Delbecq]

En l'instant précis du 01/04/07 16:37, Caldarale, Charles R s'exprimait
dans toute sa noblesse:
 From: David Delbecq [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking
 

 Many thanks to Chris and David for the enlightenment.

 Another question: How would one handle links embedded in static content?
 Is it simply a matter of don't do that?
   
Yes and no :)

Don't do that if you intend to use default static resource serving (the
servlet you don't see and that tomcat maps to your static ressources)

But there are ways around it
1) as suggested earlier in this thread, create a filter that will try to
locate your links and rewrite them (quite tricky)
2) creates a servlet that maps to *.xhtml and does the parsing (less
tricky as none of the urls inside static ressources are already encoded)
  - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
 MATERIAL and is thus for use only by the intended recipient. If you
 received this in error, please contact the sender and delete the e-mail
 and its attachments from all computers.

 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

   


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[jobs]

Hi Bill,

In my case, I can't use taglibs since I am generating the code dynamically.
But even if I could use taglibs, then part of what the taglib does is really
using response.encodeURL(second.jsp) to do the URL rewriting without you
having to worry about it.  So, I think the ultimate answer is that yes, I
need to do URL rewriting for each individual link in my server manually if I
want user connections to have a session associated with them; any link that
I don't do this for, and the user clicks on will cause the session to be
lost.  And as a result, there is no magic switch that Tomcat or any filter
has that I can turn on to have this automatically done.  This is really what
I want to know, that there is no magic switch that I am missing on.

The problem is that I have thousands of links in my pages, and now I have to
go in and change each one of them so that they do URL rewriting in case the
user's doesn't allow cookies.

Am I correct in assuming that there is no magic switch in Tomcat or anywhere
to have url rewriting done for me?

By the way, I know that I can write a servlet filter that would parse the
response being sent to the user and do URL rewriting for any link in the
response, but I think that is considered a bad practice since then every
link will have the jsessionid with it.  Suppose I am linking to
www.yahoo.com which is outside my application, then the jsessionid will be
associated with that link as well which someone had mentioned it is not a
safe practice.

Thanks,
Kasra






- Original Message - 
From: Bill Barker [EMAIL PROTECTED]

To: users@tomcat.apache.org
Sent: Wednesday, January 03, 2007 11:51 PM
Subject: Re: URL rewriting For Session Tracking


Usually you would use a tag lib for this sort of thing.  With struts, it 
would look something like:

 html:a href=second.jspsecond page /html:a

[EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]
Your reply answered another question that I had.  But I think I still 
haven't described my current question clearly.  suppose I have 3 JSP 
pages in my application.

--
first.jsp
second.jsp
third.jsp
--
Now, in my first.jsp, I have nothing but 2 links to the other two JSP 
pages. If I want the session to be maintain when use clicks on the links 
to go to the other pages, then can first.jsp be the following:

--
a href=second.jspsecond page/a
a href=third.jspthird page/a
--
Or, the code in first.jsp must be the following:
--
a href='%=response.encodeURL(second.jsp)%'second page/a
a href='%=response.encodeURL(second.jsp)'%second page/a


Note:  If I use the first syntax, then unless Tomcat or some patch or 
filter parse the code and add the jsessionid to the link automatically, 
then the user will be losing the session when to goes from first.jsp to 
the other ones.  And that's my question; can I use the first syntax.  Or 
there is no way but to use the second syntax if I want the session to be 
kept.



Thanks,
Kasra
- Original Message - 
From: Caldarale, Charles R [EMAIL PROTECTED]

To: Tomcat Users List users@tomcat.apache.org
Sent: Wednesday, January 03, 2007 9:56 PM
Subject: RE: URL rewriting For Session Tracking



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Subject: Re: URL rewriting For Session Tracking

Basically I have a webapp and I want to have a session
for each user that connects to my server (just the usual
servlet session that is created with jsessionid).  Do I
have to wrap every link that I have in my webapp with an
Httpservletresponse.encodeURL()?


No.  As I recall, Tomcat will not create a session automatically unless
it's absolutely necessary (e.g., tracking authenticated users) or the
application requests it.  I'm not aware of any config parameter that
will force creation of sessions for all clients, but all you should have
to do is put the following somewhere in the request processing path of
each servlet:
   request.getSession(true);

This doesn't need to go into your servlet or JSP code - you can write a
simple filter class that does nothing but run the above code to force
the creation of a session if one doesn't already exist.  The filter
mapping can go into conf/web.xml so it will apply to all apps deployed
within your Tomcat instance, or in each appropriate webapp's web.xml
file.

Note that per the servlet spec, Tomcat will use cookies not URL
rewriting for session tracking; it will fall back to URL rewriting if
the client refuses cookies.  You can also disable use of cookies by
setting cookies=false in your Context elements (or the global
conf/context.xml file).

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL

URL rewriting For Session Tracking

[jobs]

Hi Everyone,

I tried to find answer to this question on the archive and documentation, but I 
couldn't find a clear answer which is weird since I expected to find an answer 
easily. All I want to do is 'URL rewriting For Session Tracking'. Do I have to 
do this manually in my code (using response.encodeURL), or is there an 
automatic way of doing this in Tomcat (such as using a filter or value) that 
would handle this for me? I've been looking at HttpRedirectFilter and 
UrlRewriteFilter which are open source filters, but they seem to do a lot of 
rewriting, but not for session tracking.

Thanks for Your Help,

Kasra

RE: URL rewriting For Session Tracking

[Caldarale, Charles R]

 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 Subject: URL rewriting For Session Tracking
 
 All I want to do is 'URL rewriting For Session Tracking'.

I have to admit that I don't really understand your question.  What do
you need to do with sessions that Tomcat doesn't already do
automatically via cookies or jsessionid?  Check the doc for the cookies
attribute of the Context element:
http://tomcat.apache.org/tomcat-5.5-doc/config/context.html

You also might want to take a look at Section 7 of the servlet spec:
http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[jobs]

Thanks for your reply Chuck.  I've been through the whole documentation and 
it hasn't helped.  I'll try to make my question as clear as possible. 
Basically I have a webapp and I want to have a session for each user that 
connects to my server (just the usual servlet session that is created with 
jsessionid).  Do I have to wrap every link that I have in my webapp with an 
Httpservletresponse.encodeURL()?


I was expecting that there would be a configuration swich for example in 
server.xml file of Tomcat that I would switch it on, and the url rewriting 
that would include the jsessionid would be done for me, so that I don't have 
to wrap every link in my application with Httpservletresponse.encodeURL(). 
Basically, I was hoping that I don't have to touch my code and insert 
Httpservletresponse.encodeURL() for every link that I have.  But I think 
there is no such a thing, or is seen as not a good practice.


I hope this makes my question clear.



- Original Message - 
From: Caldarale, Charles R [EMAIL PROTECTED]

To: Tomcat Users List users@tomcat.apache.org
Sent: Wednesday, January 03, 2007 8:43 PM
Subject: RE: URL rewriting For Session Tracking



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Subject: URL rewriting For Session Tracking

All I want to do is 'URL rewriting For Session Tracking'.


I have to admit that I don't really understand your question.  What do
you need to do with sessions that Tomcat doesn't already do
automatically via cookies or jsessionid?  Check the doc for the cookies
attribute of the Context element:
http://tomcat.apache.org/tomcat-5.5-doc/config/context.html

You also might want to take a look at Section 7 of the servlet spec:
http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: URL rewriting For Session Tracking

[Caldarale, Charles R]

 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 Subject: Re: URL rewriting For Session Tracking
 
 Basically I have a webapp and I want to have a session
 for each user that connects to my server (just the usual
 servlet session that is created with jsessionid).  Do I
 have to wrap every link that I have in my webapp with an 
 Httpservletresponse.encodeURL()?

No.  As I recall, Tomcat will not create a session automatically unless
it's absolutely necessary (e.g., tracking authenticated users) or the
application requests it.  I'm not aware of any config parameter that
will force creation of sessions for all clients, but all you should have
to do is put the following somewhere in the request processing path of
each servlet:
request.getSession(true);

This doesn't need to go into your servlet or JSP code - you can write a
simple filter class that does nothing but run the above code to force
the creation of a session if one doesn't already exist.  The filter
mapping can go into conf/web.xml so it will apply to all apps deployed
within your Tomcat instance, or in each appropriate webapp's web.xml
file.

Note that per the servlet spec, Tomcat will use cookies not URL
rewriting for session tracking; it will fall back to URL rewriting if
the client refuses cookies.  You can also disable use of cookies by
setting cookies=false in your Context elements (or the global
conf/context.xml file).

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[jobs]

Your reply answered another question that I had.  But I think I still 
haven't described my current question clearly.  suppose I have 3 JSP pages 
in my application.

--
first.jsp
second.jsp
third.jsp
--
Now, in my first.jsp, I have nothing but 2 links to the other two JSP pages. 
If I want the session to be maintain when use clicks on the links to go to 
the other pages, then can first.jsp be the following:

--
a href=second.jspsecond page/a
a href=third.jspthird page/a
--
Or, the code in first.jsp must be the following:
--
a href='%=response.encodeURL(second.jsp)%'second page/a
a href='%=response.encodeURL(second.jsp)'%second page/a


Note:  If I use the first syntax, then unless Tomcat or some patch or filter 
parse the code and add the jsessionid to the link automatically, then the 
user will be losing the session when to goes from first.jsp to the other 
ones.  And that's my question; can I use the first syntax.  Or there is no 
way but to use the second syntax if I want the session to be kept.



Thanks,
Kasra
- Original Message - 
From: Caldarale, Charles R [EMAIL PROTECTED]

To: Tomcat Users List users@tomcat.apache.org
Sent: Wednesday, January 03, 2007 9:56 PM
Subject: RE: URL rewriting For Session Tracking



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Subject: Re: URL rewriting For Session Tracking

Basically I have a webapp and I want to have a session
for each user that connects to my server (just the usual
servlet session that is created with jsessionid).  Do I
have to wrap every link that I have in my webapp with an
Httpservletresponse.encodeURL()?


No.  As I recall, Tomcat will not create a session automatically unless
it's absolutely necessary (e.g., tracking authenticated users) or the
application requests it.  I'm not aware of any config parameter that
will force creation of sessions for all clients, but all you should have
to do is put the following somewhere in the request processing path of
each servlet:
   request.getSession(true);

This doesn't need to go into your servlet or JSP code - you can write a
simple filter class that does nothing but run the above code to force
the creation of a session if one doesn't already exist.  The filter
mapping can go into conf/web.xml so it will apply to all apps deployed
within your Tomcat instance, or in each appropriate webapp's web.xml
file.

Note that per the servlet spec, Tomcat will use cookies not URL
rewriting for session tracking; it will fall back to URL rewriting if
the client refuses cookies.  You can also disable use of cookies by
setting cookies=false in your Context elements (or the global
conf/context.xml file).

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting For Session Tracking

[Bill Barker]

Usually you would use a tag lib for this sort of thing.  With struts, it 
would look something like:
  html:a href=second.jspsecond page /html:a

[EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]
 Your reply answered another question that I had.  But I think I still 
 haven't described my current question clearly.  suppose I have 3 JSP pages 
 in my application.
 --
 first.jsp
 second.jsp
 third.jsp
 --
 Now, in my first.jsp, I have nothing but 2 links to the other two JSP 
 pages. If I want the session to be maintain when use clicks on the links 
 to go to the other pages, then can first.jsp be the following:
 --
 a href=second.jspsecond page/a
 a href=third.jspthird page/a
 --
 Or, the code in first.jsp must be the following:
 --
 a href='%=response.encodeURL(second.jsp)%'second page/a
 a href='%=response.encodeURL(second.jsp)'%second page/a
 

 Note:  If I use the first syntax, then unless Tomcat or some patch or 
 filter parse the code and add the jsessionid to the link automatically, 
 then the user will be losing the session when to goes from first.jsp to 
 the other ones.  And that's my question; can I use the first syntax.  Or 
 there is no way but to use the second syntax if I want the session to be 
 kept.


 Thanks,
 Kasra
 - Original Message - 
 From: Caldarale, Charles R [EMAIL PROTECTED]
 To: Tomcat Users List users@tomcat.apache.org
 Sent: Wednesday, January 03, 2007 9:56 PM
 Subject: RE: URL rewriting For Session Tracking


 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Subject: Re: URL rewriting For Session Tracking

 Basically I have a webapp and I want to have a session
 for each user that connects to my server (just the usual
 servlet session that is created with jsessionid).  Do I
 have to wrap every link that I have in my webapp with an
 Httpservletresponse.encodeURL()?

 No.  As I recall, Tomcat will not create a session automatically unless
 it's absolutely necessary (e.g., tracking authenticated users) or the
 application requests it.  I'm not aware of any config parameter that
 will force creation of sessions for all clients, but all you should have
 to do is put the following somewhere in the request processing path of
 each servlet:
request.getSession(true);

 This doesn't need to go into your servlet or JSP code - you can write a
 simple filter class that does nothing but run the above code to force
 the creation of a session if one doesn't already exist.  The filter
 mapping can go into conf/web.xml so it will apply to all apps deployed
 within your Tomcat instance, or in each appropriate webapp's web.xml
 file.

 Note that per the servlet spec, Tomcat will use cookies not URL
 rewriting for session tracking; it will fall back to URL rewriting if
 the client refuses cookies.  You can also disable use of cookies by
 setting cookies=false in your Context elements (or the global
 conf/context.xml file).

 - Chuck


 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
 MATERIAL and is thus for use only by the intended recipient. If you
 received this in error, please contact the sender and delete the e-mail
 and its attachments from all computers.

 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

 




-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

URL rewriting with mod_rewrite and mod_jk possible?

[JasDA]

Hi,

I'm using a Tomcat 5.5.20 and an Apache 2.x. Using the mod_jk special request 
will be passed through the Tomcat. But now I have a problem with two Tomcat 
instances and the same context (the name is equal) in these instances.

Here is my workers.properties:

ps=\ worker.list=tomcat1, tomcat2 

worker.tomcat1.port=8009 
worker.tomcat1.host=localhost 
worker.tomcat1.type=ajp13 

worker.tomcat2.port=9009 
worker.tomcat2.host=localhost 
worker.tomcat2.type=ajp13


And here is my jk.conf

IfModule mod_jk.c
JkWorkersFile /etc/apache2/workers.properties 
JkLogFile /var/log/apache2/mod_jk.log 

# Log level to be used by mod_jk 
JkLogLevel error 

# The following line mounts all JSP files and the /servlet/ uri to tomcat 
JkMount /rimNG/* tomcat1 
JkMount /rimNGj/* tomcat1 
JkMount /rimNGuk/* tomcat1 
JkMount /rimNGit/* tomcat2 
/IfModule

As you can see all rimNGit-URLs will be passed through tomcat2. Now I want to 
create a new URL (for example rimNGit-tomcat2) that should be passed as 
rimNGit through tomcat2. At the same time all rimNGit request should be 
passed through tomcat1. Is that possible?

If I'm using mod_rewrite I could change the URL to rimNGit but in that case all 
requests would be passed through tomcat1 instead of tomcat2, am I right?

Regards
JasDA
___
Viren-Scan für Ihren PC! Jetzt für jeden. Sofort, online und kostenlos.
Gleich testen! http://www.pc-sicherheit.web.de/freescan/?mc=02


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting with mod_rewrite and mod_jk possible?

[Rainer Jung]

You can experiment with the following alternative way of defining JkMount:

If you want to forward a certain request via mod_jk wo a worker X, you 
can do that by setting:


SetHandler jakarta-servlet
SetEnv JK_WORKER_NAME X

Now you can vary this by using SetEnvIf instead of SetEnv to make it 
dependant on runtime info, such as the request URL.


Furthermore mod_rewrite can set environment variables depending on parts 
of matches regular expressions.


So something like setting

SetHandler jakarta-servlet

inside Location /rimNGit/ and inside Location /rimNGit-tomcat2/

and using mod_rewrite to set the environment variable JK_WORKER_NAME to 
tomcat1 if the URL is /rimNGit/ and to worker2 if it is 
/rimNGit-tomcat2/ (and of course rewriting the URL itself) should work.


Caution: Don't mix mapping via JkMount and via SetHandler/Environment 
for the same URLs. It might lead to unexpected results :)


If you don't like the name of the environment variable JK_WORKER_NAME, 
you can change it via


JkWorkerIndicator MyPrefferedVarName

Some of this is explained in

http://tomcat.apache.org/connectors-doc/reference/apache.html

(look for JkWorkerIndicator)

Regards,

Rainer

[EMAIL PROTECTED] wrote:

Hi,

I'm using a Tomcat 5.5.20 and an Apache 2.x. Using the mod_jk special request 
will be passed through the Tomcat. But now I have a problem with two Tomcat 
instances and the same context (the name is equal) in these instances.

Here is my workers.properties:

ps=\ worker.list=tomcat1, tomcat2 

worker.tomcat1.port=8009 
worker.tomcat1.host=localhost 
worker.tomcat1.type=ajp13 

worker.tomcat2.port=9009 
worker.tomcat2.host=localhost 
worker.tomcat2.type=ajp13



And here is my jk.conf

IfModule mod_jk.c
JkWorkersFile /etc/apache2/workers.properties 
JkLogFile /var/log/apache2/mod_jk.log 

# Log level to be used by mod_jk 
JkLogLevel error 

# The following line mounts all JSP files and the /servlet/ uri to tomcat 
JkMount /rimNG/* tomcat1 
JkMount /rimNGj/* tomcat1 
JkMount /rimNGuk/* tomcat1 
JkMount /rimNGit/* tomcat2 
/IfModule


As you can see all rimNGit-URLs will be passed through tomcat2. Now I want to create a new URL (for example 
rimNGit-tomcat2) that should be passed as rimNGit through tomcat2. At the same time 
all rimNGit request should be passed through tomcat1. Is that possible?

If I'm using mod_rewrite I could change the URL to rimNGit but in that case all 
requests would be passed through tomcat1 instead of tomcat2, am I right?

Regards
JasDA
___
Viren-Scan für Ihren PC! Jetzt für jeden. Sofort, online und kostenlos.
Gleich testen! http://www.pc-sicherheit.web.de/freescan/?mc=02


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Security constraints URL rewriting

[Erik Eide]

Hi

I'd like to re-write some of the URLs of my web app to support
wildcard prefixes (ie, /resource-id value/servlet/) and wonder if
this is possible when using authentication defined by security
constraints (and url-pattern) in the web.xml

As I understand it, the HTTP request is authenticated before my URL
re-writing filter is invoked (and would fail, as I can't map all
possible resource-id value combinations)

Is it possible to change the order in which tomcat does
authentication, so that my filter gets a chance to re-write the URL
first ?

Erik

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting best practice?

[Bruno Georges]

Kristian

you can write a servlet filter for this. It will be easier that way.
mod_rewrite is one way of doing it , but if you are going to target only
your JSP I would recommend to go to the servlet filter way.
You could also use valves, but you can do almost the same things with
servlet filter.

Example of  class is:

public final class URLRewriteFilter implements Filter {

  // you have to implement this method
  public void doFilter(ServletRequest request, ServletResponse
response, FilterChain chain)
throws IOException, ServletException {

// you code goes here
chain.doFilter(request, response);
}
}

If you need help implementing it, just let me know.

With Best Regards

Bruno Georges

Glencore International AG
Tel. +41 41 709 3204
Fax +41 41 709 3000


|-+---
| |   Kristian Rink   |
| |   [EMAIL PROTECTED]|
| |   428.net|
| |   |
| |   15.12.05 11:37  |
| |   Please respond  |
| |   to Tomcat Users|
| |   List   |
| |   |
|-+---
  
--|
  | 
 |
  |To:  Tomcat Users List users@tomcat.apache.org 
 |
  |cc:  
 |
  |Subject: URL rewiting best practise? 
 |
  | 
 |
  |Distribute:  
 |
  |Personal?   |---|
 |
  || [ ] x |
 |
  ||---|
 |
  | 
 |
  
--|





Hi all;

currently I'm into deploying a small jsp/servlet based application which
more or less utilizes a dispatcher servlet to provide .jsp-based
content. For that, I'm into using URLs like

http://foobar:8080/Site?path=home/users

to, in example, show the site section home - users. For now, I'd like
to do URL rewriting in order to provide users with an URL like

http://foobar:8080/home/users or maybe
http://foobar:8080/Site/home/users


to see the same content. My initial idea was to use apache, mod_jk and
mod_rewrite to do right this, but don't feel too good about that idea
because sooner or later the site URL will also have to carry around a
session ID and in that I am afraid that URL rewriting will get me into
trouble. So, my question: What is the best way of doing URL rewriting in
such a situation? Does tomcat provide any ways of achieving what I want?

TIA and bye,
Kris

--
Kristian Rink *  http://zimmer428.net * jab: [EMAIL PROTECTED]
icq: 48874445 *  fon: ++49 176 2447 2771

Be yourself the kind of change you want to see in this world. (Gandhi)

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




LEGAL DISCLAIMER. The contents of this e-mail and any attachments are strictly
confidential and they may not be used or disclosed by someone who is not a
named recipient.
If you have received this email in error please notify the sender by replying
to this email inserting the word misdirected as the message and delete this
e-mail from your system.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting best practise?

[Bruno Georges]

Kristian

I forgot to ask if you want the user to see the new URL or not, is this
important in your application? If this is the case then you will have to
consider looking into the HTTP response codes.
Also, do you always plan to have apache in front? If you use IE, you will
have to write an ISAPI Filter to duplicate the mod_rewrite functioanlity
[you can buy one too] as it doesn't come with IIS.

Hope this helps.

Bruno Georges

Glencore International AG
Tel. +41 41 709 3204
Fax +41 41 709 3000


|-+---
| |   Kristian Rink   |
| |   [EMAIL PROTECTED]|
| |   428.net|
| |   |
| |   15.12.05 11:37  |
| |   Please respond  |
| |   to Tomcat Users|
| |   List   |
| |   |
|-+---
  
--|
  | 
 |
  |To:  Tomcat Users List users@tomcat.apache.org 
 |
  |cc:  
 |
  |Subject: URL rewiting best practise? 
 |
  | 
 |
  |Distribute:  
 |
  |Personal?   |---|
 |
  || [ ] x |
 |
  ||---|
 |
  | 
 |
  
--|





Hi all;

currently I'm into deploying a small jsp/servlet based application which
more or less utilizes a dispatcher servlet to provide .jsp-based
content. For that, I'm into using URLs like

http://foobar:8080/Site?path=home/users

to, in example, show the site section home - users. For now, I'd like
to do URL rewriting in order to provide users with an URL like

http://foobar:8080/home/users or maybe
http://foobar:8080/Site/home/users


to see the same content. My initial idea was to use apache, mod_jk and
mod_rewrite to do right this, but don't feel too good about that idea
because sooner or later the site URL will also have to carry around a
session ID and in that I am afraid that URL rewriting will get me into
trouble. So, my question: What is the best way of doing URL rewriting in
such a situation? Does tomcat provide any ways of achieving what I want?

TIA and bye,
Kris

--
Kristian Rink *  http://zimmer428.net * jab: [EMAIL PROTECTED]
icq: 48874445 *  fon: ++49 176 2447 2771

Be yourself the kind of change you want to see in this world. (Gandhi)

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




LEGAL DISCLAIMER. The contents of this e-mail and any attachments are strictly
confidential and they may not be used or disclosed by someone who is not a
named recipient.
If you have received this email in error please notify the sender by replying
to this email inserting the word misdirected as the message and delete this
e-mail from your system.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting best practice?

[Bruno Georges]

Yes it will work that way. The servlet filter process the request it gets
from apache the same way it will without it. Also with mod_jk or mod_proxy
Make sure you don't already have some mod_rewrite rules set in your apache,
they will take precedance over the filter [if applicable of course].


Bruno Georges

Glencore International AG
Tel. +41 41 709 3204
Fax +41 41 709 3000


|-+---
| |   Kristian Rink   |
| |   [EMAIL PROTECTED]|
| |   428.net|
| |   |
| |   15.12.05 14:41  |
| |   Please respond  |
| |   to Tomcat Users|
| |   List   |
| |   |
|-+---
  
--|
  | 
 |
  |To:  Tomcat Users List users@tomcat.apache.org 
 |
  |cc:  
 |
  |Subject: Re: URL rewriting best practise?
 |
  | 
 |
  |Distribute:  
 |
  |Personal?   |---|
 |
  || [ ] x |
 |
  ||---|
 |
  | 
 |
  
--|





Hi Bruno;

Bruno Georges schrieb:
 I forgot to ask if you want the user to see the new URL or not, is this
 important in your application? If this is the case then you will have to

No, that's not really important. Just want to expose the site using a
more human-readable URL format than one filled up with ='s and
's... ;)


 Also, do you always plan to have apache in front? If you use IE, you will
 have to write an ISAPI Filter to duplicate the mod_rewrite functioanlity
 [you can buy one too] as it doesn't come with IIS.

There'll probably be an apache in front because it's already there being
reverse-proxy for the web client applications of our document management
system, and I'm about to place the tomcat right behind this apache, as
well. Should work this way, shouldn't it?

Cheers,
Kris

--
Kristian Rink *  http://zimmer428.net * jab: [EMAIL PROTECTED]
icq: 48874445 *  fon: ++49 176 2447 2771

Be yourself the kind of change you want to see in this world. (Gandhi)

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




LEGAL DISCLAIMER. The contents of this e-mail and any attachments are strictly
confidential and they may not be used or disclosed by someone who is not a
named recipient.
If you have received this email in error please notify the sender by replying
to this email inserting the word misdirected as the message and delete this
e-mail from your system.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: URL rewriting best practice?

[Hassan Schroeder]

Bruno Georges wrote:

 you can write a servlet filter for this. 

... or use an existing one:  http://tuckey.org/urlrewrite/

FWIW!
-- 
Hassan Schroeder - [EMAIL PROTECTED]
Webtuitive Design ===  (+1) 408-938-0567   === http://webtuitive.com

  dream.  code.



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]