Thanks for getting back to me on this, Dave.  There seem to be enough
people wanting intranet blogging functionality that I am hoping we can
pursue this thread a bit more.

Removing the offending line from security.xml does indeed solve the
trackback issue. My question: Is there a more specific reference (e.g., a
home page) I could add to security.xml that provides a rudimentary
barrier against outsiders?

<property name="objectDefinitionSource">
  <value>
  PATTERN_TYPE_APACHE_ANT
  /roller-ui/login-redirect.jsp=admin,editor
.....
  /somePage.jsp=admin,editor

I realize that restricting access to the front page only is not a great
security solution.  But I don't need great security.

Thanks,
/M

> -----Original Message-----
> From: Dave [mailto:[EMAIL PROTECTED]
> Sent: Friday, May 18, 2007 6:59 AM
> To: [email protected]
> Subject: Re: Odd response to trackback
> 
> Looks like you have password-protected Roller's Trackback receiver
> servlet. Unfortunately, Roller's trackback sender cannot handle
> authentication so that's not going to work.
> 
> - Dave
> 
> On 5/17/07, Michael Brydon <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> >
> >
> > I am getting a weird response when I request a trackback.  Any help
> > would be greatly appreciated.
> >
> >
> >
> > Rather than:
> >
> >
> >
> > <response>
> >
> >   <error>0</error>
> >
> > </response>
> >
> >
> >
> > (per Fig 12 in the user guide), I get a dump of what appears to be
> > /webapp/roller/themes/frontpage/_header.vm  (see end of message).
> >
> >
> >
> > I am running Roller 3.1 on Apache Tomcat 5.5.23.  Trackbacks used to
> > work on this installation, but I may have broken something somehow while
> > trying to deny access to outsiders (I use the blog for a course and
> > limit it to existing Roller users only).
> >
> >
> >
> > The contents of /opt/tomcat/common/classes/roller-custom.properties:
> >
> > uploads.dir=/opt/roller/roller_data/uploads
> >
> > search.index.dir=/opt/roller/roller_data/search-index
> >
> > passwds.encryption.enabled=true
> >
> > hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
> >
> > trackback.allowedURLs=http://misux.bus.sfu.ca:8080/.*
> >
> >
> > comment.authenticator.classname=org.apache.roller.presentation.velocity.DefaultCommentAuthenticator
> >
> >
> >
> > I changed roller/webapp/roller/WEB-INF/security.xml to ensure that only
> > authorized users can access the site.
> >
> >
> >
> >    <!-- ======================== AUTHENTICATION ======================= -->
> >
> >     <!-- Note the order that entries are placed against the objectDefinitionSource is critical.
> >          The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that m$
> >          Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC$
> >     <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityIntercepto$
> >         <property name="authenticationManager" ref="authenticationManager"/>
> >         <property name="accessDecisionManager" ref="accessDecisionManager"/>
> >          <property name="objectDefinitionSource">
> >             <value>
> >                 PATTERN_TYPE_APACHE_ANT
> >                 /roller-ui/login-redirect.jsp=admin,editor
> >                 /roller-ui/yourProfile**=admin,editor
> >                 /roller-ui/createWebsite**=admin,editor
> >                 /roller-ui/yourWebsites**=admin,editor
> >                 /roller-ui/authoring/**=admin,editor
> >                 /roller-ui/admin/**=admin
> >                 /rewrite-status*=admin
> >                 /rewrite-status*=admin
> >                 /bus756/**=admin,editor
> >             </value>
> >                 <!-- Add this to above list for LDAP/SSO configuration -->
> >                 <!-- /roller-ui/user.do*=register -->
> >         </property>
> >     </bean>
> >
> >
> >
> > An error appears in /tomcat/logs/roller.log:
> >
> >
> >
> > ERROR 2007-05-16 21:58:57,861 ApplicationDispatcher:invoke - Servlet.service() for servlet jsp threw exception
> > java.lang.IllegalStateException: getOutputStream() has already been called for this response
> >         at org.apache.catalina.connector.Response.getWriter(Response.java:601)
> >         at org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:196)
> >         at org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:125)
> >         at org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:118)
> >         at org.apache.jasper.runtime.JspWriterImpl.flush(JspWriterImpl.java:173)
> >         at org.apache.struts.taglib.tiles.InsertTag$InsertHandler.doEndTag(InsertTag.java:887)
> >         at org.apache.struts.taglib.tiles.InsertTag.doEndTag(InsertTag.java:460)
> >         at org.apache.jsp.WEB_002dINF.jsps._404_jsp._jspx_meth_tiles_005finsert_005f0(_404_jsp.java:274)
> >         at org.apache.jsp.WEB_002dINF.jsps._404_jsp._jspService(_404_jsp.java:161)
> >         at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
> >         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >         at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
> >         at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
> >         at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
> >         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> >         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >         at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:691)
> >         at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:471)
> >         at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
> >         at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
> >         at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:364)
> >         at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:285)
> >         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
> >         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> >         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> >         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
> >         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
> >         at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> >         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> >         at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> >         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
> >         at java.lang.Thread.run(Thread.java:595)
> >
> >
> >
> >
> >
> > The screen I get is:
> >
> >
> >
> > Trackback response (error code 0 indicates success):
> >
> >
> >
> > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> >
> > <html xmlns="http://www.w3.org/1999/xhtml">
> >
> > <head>
> >
> > <title>: </title>
> >
> > <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
> >
> > <link rel="stylesheet" type="text/css" media="all"
> > href='/roller/roller-ui/styles/layout.css;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'>
> >
> > <link rel="stylesheet" type="text/css" media="all"
> > href='/roller/roller-ui/styles/roller.css;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'>
> >
> > <link rel="stylesheet" type="text/css" media="all"
> > href='/roller/roller-ui/styles/menu.css;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'>
> >
> > <link rel="stylesheet" type="text/css" media="all"
> > href='/roller/roller-ui/styles/calendar.css;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'>
> >
> >
> >
> >
> >
> >
> >
> > <link rel="stylesheet" type="text/css" media="all"
> >
> > href="/roller/roller-ui/theme/tan/colors.css" />
> >
> >
> >
> > <script type="text/javascript"
> >
> > src="/roller/theme/scripts/roller.js"></script>
> >
> > <script type="text/javascript"
> > src='/roller/roller-ui/scripts/calendar.js;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'></script>
> >
> > <script type="text/javascript"
> > src='/roller/roller-ui/scripts/overlib.js;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6'>
> >
> > <!-- overLIB (c) Erik Bosrup -->
> >
> > </script>
> >
> >
> > <style type="text/css">
> >
> >
> >
> > #centercontent_wrap {
> >
> > width: 100%;
> >
> > }
> >
> >
> >
> >
> >
> >
> >
> > </style>
> >
> > </head>
> >
> > <body>
> >
> >
> >
> > <div id="banner">
> >
> > <div class="bannerStatusBox">
> >
> >
> >
> > <table class="bannerStatusBox" cellpadding="0" cellspacing="0">
> >
> > <tr>
> >
> > <td class="bannerLeft">
> >
> > </td>
> >
> >
> >
> > <td class="bannerRight">
> >
> >
> >
> > <a href="/roller/;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6"></a>
> >
> >
> >
> > | <a href="/roller/roller-ui/yourWebsites.do;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6?method=edit">Main Menu</a>
> >
> > | <a href="/roller/roller-ui/login-redirect.jsp;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6">Login</a>
> >
> > </td>
> >
> > </tr>
> >
> > </table>
> >
> >
> >
> > </div>
> >
> >
> >
> >
> >
> >
> >
> > </div>
> >
> >
> >
> > <div id="wrapper">
> >
> > <div id="leftcontent_wrap">
> >
> > <div id="leftcontent">
> >
> > </div>
> >
> > </div>
> >
> >
> >
> > <div id="centercontent_wrap">
> >
> > <div id="centercontent">
> >
> > <h1></h1>
> >
> > <script type="text/javascript">
> >
> > <!--
> >
> > function dirty() {
> >
> > messages = document.getElementById("messages");
> >
> > if (messages != null) {
> >
> > messages.className = "warnings";
> >
> > var n1 = messages.childNodes[0];
> >
> > var n2 = document.createTextNode("Unsaved changes");
> >
> > messages.replaceChild(n2, n1);
> >
> > }
> >
> > }
> >
> > -->
> >
> > </script>
> >
> > <!--
> >
> > Licensed to the Apache Software Foundation (ASF) under one or more
> >
> > contributor license agreements. The ASF licenses this file to You
> >
> > under the Apache License, Version 2.0 (the "License"); you may not
> >
> > use this file except in compliance with the License.
> >
> > You may obtain a copy of the License at
> >
> >
> >
> > http://www.apache.org/licenses/LICENSE-2.0
> >
> >
> >
> > Unless required by applicable law or agreed to in writing, software
> >
> > distributed under the License is distributed on an "AS IS" BASIS,
> >
> > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> >
> > See the License for the specific language governing permissions and
> >
> > limitations under the License. For additional information regarding
> >
> > copyright in this work, please see the NOTICE file in the top level
> >
> > directory of this distribution.
> >
> > -->
> >
> > <h1>Welcome to Roller</h1>
> >
> >
> >
> > <p>Please enter your username and password to login.</p>
> >
> >
> >
> >
> >
> >
> >
> > <form method="post"
> > id="loginForm"
> > action="/roller/j_security_check;jsessionid=A9D9E2B6C93DC799B27254DABF154CC6"
> > onsubmit="saveUsername(this)">
> >
> >
> >
> > <table>
> >
> >
> >
> > <tr>
> >
> > <th>Username:</th>
> >
> > <td>
> >
> > <input type="text" name="j_username" id="j_username" size="25" />
> >
> > </td>
> >
> > </tr>
> >
> >
> >
> > <tr>
> >
> > <th>Password:</th>
> >
> > <td>
> >
> > <input type="password" name="j_password" id="j_password" size="20" />
> >
> > </td>
> >
> > </tr>
> >
> >
> >
> >
> >
> > <tr>
> >
> > <td></td>
> >
> > <td>
> >
> > <input type="checkbox" name="rememberMe" id="rememberMe" />
> >
> > <label for="rememberMe">
> >
> > Remember Me
> >
> > </label>
> >
> > </td>
> >
> > </tr>
> >
> >
> >
> >
> >
> > <tr>
> >
> > <td></td>
> >
> > <td>
> >
> > <input type="submit" name="login" id="login" value="Login" />
> >
> > <input type="reset" name="reset" id="reset" value="Reset"
> >
> > onclick="document.getElementById('j_username').focus()" />
> >
> > </td>
> >
> > </tr>
> >
> >
> >
> > </table>
> >
> >
> >
> > </form>
> >
> >
> >
> > <script type="text/javascript">
> >
> > <!--
> >
> >
> >
> > if (document.getElementById) {
> >
> > if (getCookie("username") != null) {
> >
> > if (document.getElementById) {
> >
> > document.getElementById("j_username").value = getCookie("username");
> >
> > document.getElementById("j_password").focus();
> >
> > }
> >
> > } else {
> >
> > document.getElementById("j_username").focus();
> >
> > }
> >
> > }
> >
> >
> >
> > function saveUsername(theForm) {
> >
> > var expires = new Date();
> >
> > expires.setTime(expires.getTime() + 24 * 30 * 60 * 60 * 1000); // sets it for approx 30 days.
> >
> > setCookie("username",theForm.j_username.value,expires);
> >
> > }
> >
> > //-->
> >
> > </script>
> >
> >
> >
> > </div>
> >
> > </div>
> >
> >
> >
> > <div id="rightcontent_wrap">
> >
> > <div id="rightcontent">
> >
> > </div>
> >
> > </div>
> >
> > </div>
> >
> >
> >
> > <div id="footer">
> >
> > Powered by <a href="http://roller.apache.org">Apache Roller</a>
> > 3.1 |
> >
> > <a href="http://opensource2.atlassian.com/projects/roller/">
> > Report an Issue</a> |
> >
> > <a href="http://cwiki.apache.org/confluence/display/ROLLER/Roller+User+Documentation">
> > User Guide</a> |
> >
> > <a href="http://cwiki.apache.org/confluence/display/ROLLER/Roller+Mailing+Lists">
> > Mailing Lists</a>
> >
> > </div>
> >
> >
> >
> > <div id="datetagdiv"
> > style="position:absolute;visibility:hidden;background-color:white;layer-background-color:white;">
> >
> > </div>
> >
> > </body>
> >
> > </html>
> >
> >
> >
> > Target blog returned HTTP response code 200
> >
> >
> >
> > Editing weblog entry in weblog bus756
> >
> > Title
> >
> > Status   Published (Last updated )
> >
> > Permalink http://misux.bus.sfu.ca:8080/roller/bus756/entry/test
> >
> >
> >
> > -----------------------------------------------------------
> >
> > Michael Brydon, Ph.D. ([EMAIL PROTECTED])
> >
> > Assistant Professor, Faculty of Business Administration
> >
> > Simon Fraser University
> >
> > Vancouver, Canada
> >
> > office (604) 291-5408
> >
> > home office (604) 637-3640
> >
> >
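
The first-match rule evaluation described in the quoted security.xml comment, as an added example that is not part of the original thread and is not Roller or Acegi code: a simplified Ant-pattern matcher run over the posted rule list and over a narrower variant. Assumptions: paths are matched without the /roller context path, a trackback ping is sent to a URL under the weblog handle (the entry permalink from the thread is used), a request matching no rule is public, and the `/bus756/` front-page rule is hypothetical.

```python
import re

# Rules copied from the security.xml quoted in this thread, in file order.
RULES = [
    ("/roller-ui/login-redirect.jsp", "admin,editor"),
    ("/roller-ui/yourProfile**", "admin,editor"),
    ("/roller-ui/createWebsite**", "admin,editor"),
    ("/roller-ui/yourWebsites**", "admin,editor"),
    ("/roller-ui/authoring/**", "admin,editor"),
    ("/roller-ui/admin/**", "admin"),
    ("/rewrite-status*", "admin"),
    ("/rewrite-status*", "admin"),
    ("/bus756/**", "admin,editor"),
]
# Hypothetical narrow variant: only the weblog front page is protected.
NARROW = RULES[:-1] + [("/bus756/", "admin,editor")]


def ant_to_regex(pattern):
    """Simplified Ant-style matcher: a whole segment '**' spans zero or more
    path segments; inside a segment '*' is any run of non-'/' characters
    and '?' is exactly one."""
    out = ""
    for seg in pattern.split("/")[1:]:
        if seg == "**":
            out += "(?:/[^/]*)*"
        else:
            out += "/" + "".join(
                "[^/]*" if c == "*" else "[^/]" if c == "?" else re.escape(c)
                for c in seg)
    return re.compile(out + r"\Z")


def required_roles(path, rules=RULES):
    """Return (pattern, roles) for the FIRST rule that matches, else None
    (no rule matched; treated here as public)."""
    for pattern, roles in rules:
        if ant_to_regex(pattern).match(path):
            return pattern, roles
    return None


# Paths taken from the thread with the /roller context path removed;
# "/bus756/" as the front page is an assumption.
SAMPLES = ["/bus756/", "/bus756/entry/test",
           "/roller-ui/yourWebsites.do", "/roller-ui/styles/layout.css"]

if __name__ == "__main__":
    for label, rules in (("as posted", RULES), ("front page only", NARROW)):
        print(label)
        for path in SAMPLES:
            hit = required_roles(path, rules)
            print(f"  {path:30} {hit[1] + '  <- ' + hit[0] if hit else 'public'}")
```

With the rules as posted, every URL under /bus756/ requires a login, which is why an unauthenticated request gets the login page. With the front-page-only variant, entry URLs match no rule, so they are reachable without a login by anyone who knows or guesses the link.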
