I wanted to share my experience with getting Slide working on WebSphere with Security included.
Thanks to the post on the slide-user list from Lynn Richards (http://www.mail-archive.com/slide-user@jakarta.apache.org/msg10690.html). Sorry this is a long post, but I know I would have found this level of detail helpful a couple of days ago - a committer is welcome to add this to the wiki?: http://wiki.apache.org/jakarta-slide/WebSphereSetup. I've put detail and background in, so that even if following my details below don't help, they may lead you in the right direction. You will need: * slide-server-2.1 source code - in order to make corrections and re-build. * IBM HTTP Server (IHS) and the Web Server Plugin SLIDE SOURCE CHANGES - UTF-8 There are a two places (that I could find) in the code where the content type is set to "text/xml; charset=\"UTF-8\"". The WebSphere servlet container can't handle the quotes around the encoding. This needs to be changed to "text/xml; charset=UTF-8". This works for Tomcat too, so perhaps it should be committed in the server source? 1. jakarta-slide-server-src-2.1\src\webdav\server\org\apache\slide\webdav\metho d\AbstractWebdavMethod.java 128c128 < public static final String TEXT_XML_UTF_8 = "text/xml; charset=\"UTF-8\""; --- > public static final String TEXT_XML_UTF_8 = "text/xml; charset=UTF-8"; 2. jakarta-slide-server-src-2.1\src\webdav\server\org\apache\slide\webdav\util\ DirectoryIndexGenerator.java 145c145 < res.setContentType("text/html; charset=\"UTF-8\""); --- > res.setContentType("text/html; charset=UTF-8"); SLIDE CONFIGURATION 1. / Path "Forbidden" The issue where all paths appear to be "/" no matter what path is accessed on Slide is due to the following code in jakarta-slide-server-src-2.1-\src\webdav\server\org\apache\slide\webdav\util \WebdavUtils.java and a difference in implementation between WebSphere and Tomcat String result = null; if (config.isDefaultServlet()) { result = req.getServletPath(); } else { result = req.getPathInfo(); } req.getServletPath() seems to always be "/" in WebSphere when the WebDAV servlet is mapped to "/". The solution is to force slide to use the getPathInfo() method by turning off the Default Servlet flag in the web.xml <param-name>default-servlet</param-name> <param-value>false</param-value> 2. The EAR file might be corrupt? web.xml validation When you install a war file on WebSphere the web.xml is parsed and validated against the spec. Any discrepancies with the spec will give you the un-helpful error that the "EAR file might be corrupt". Add the detail below to you opening node in the web.xml and make sure it is valid according to the schema (using an editor such as XML Spy) before including it in the war file: <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"; xsi="http://www.w3.org/2001/XMLSchema-instance"; schemalocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"; You'll find that all the <description> nodes are in the wrong place within the <init-param> nodes - they should be the first child rather than the last. More importantly is the security-constraint section. To get authentication, you must define the constraint for all the possible http (WebDAV) methods. The problem is according to the web.xml spec, the only valid http-method values are: HEAD, GET, POST, PUT, DELETE, OPTIONS and TRACE. To have the other WebDAV methods secure as well, leave the specific http-method constraints out. This node is optional and if you don't specify any, all Http methods will be secure and this will include the WebDAV extensions too. <!-- Uncomment this to get authentication --> <security-constraint> <web-resource-collection> <web-resource-name>DAV resource</web-resource-name> <url-pattern>/*</url-pattern> <!-- comment out the explicit http-method list ... --> </web-resource-collection> <auth-constraint> <role-name>SlideAdmin</role-name> <role-name>User</role-name> </auth-constraint> </security-constraint> WEBSPHERE CONFIGURATION 1. Global Security How to configure WebSphere with a Custom or LDAP realm is beyond the scope of this mail list but with Security turned on, you will need to either Turn off "Java 2 Security" or define a policy file for the slide web-app. With Java 2 security on, slide will get AccessControlException(s) when it tries to check for the existence of things like its properties file (from the "java.home" location? See Configuration.java - it will catch the exception if the load fails but not if the file.exists() check is forbidden). 2. WebServer Integration It appears that when the WebSphere AppServer handles HTTP requests it assumes the same default as the IBM WebServer, namely - content is only to be expected and read for POST and PUT requests. This page on IBM's support site is old but seems to apply for v6 as well: http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg21145705. To get the WebDAV extensions to HTTP working you need to configure the IBM WebServer with the AppServer using IBM's WebServer Plugin. It's in the Plugin where you're then able to allow content in all HTTP/WebDAV requests. Ie "true" for * AcceptAllContent * Specifies whether or not users can include content in POST, PUT, GET, and HEAD requests when a Content-Length or Transfer-encoding header is contained in the request header. You can specify one of the following values for this attribute: * true if content is to be expected and read for all requests * false if content only is only to be expected and read for POST and PUT requests. false is the default. If you have version 6, with the WebServer and AppServer on the same machine and the Server setup to propagate changes to the plugin-cfg.xml file, you can set this flag in the Admin Console: Web servers > webserver1 > Plug-in properties > Request and response Check the box for - Accept content for all requests I found integrating the AppServer with the WebServer via plugin not a simple process. You should do this before installing slide and use the /snoop servlet to check if things are working via the WebServer. You could actually use a WebServer other than IBM's. The difference will be that you may need to manually configure the Plugin in the AppServer and WebServer and then when the Admin console updates the plugin-cfg.xml file you may need to copy this to the place where the WebServer expects. INSTALLING SLIDE After you install/deploy the slide.war (I gave it the enterprise application name of "slide") you need to edit the Class Loading properties. Class loader mode = Parent Last WAR class loader policy = Application This avoids the problem of WebSphere v6 including an older version of JDOM (1.0Beta7) in its lib folder as well as property file loading issues. Check that slide has been correctly associated with the WebServer Plugin: Enterprise Applications > slide > Map modules to servers You should see something like: Server WebSphere:cell=wasNode01Cell,node=webserver1_node,server=webserver1 WebSphere:cell=wasNode01Cell,node=wasNode01,server=server1 It's important to see both the server and the webserver "module" in this list. After starting the slide application it should be accessible via the WebServer (port 80 by default). All access will have to be via the WebServer and this should hopefully work without error and will be secure. Regards, Kevin Jansz -- [EMAIL PROTECTED] exari systems London | Melbourne | San Francisco enterprise document assembly Tel +61 (0)3 9621 2773 Fax +61 (0)3 9621 2776 www.exari.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
