Wes, Go ahead, stir the pot!!! WAS 6.1 is a total cluster. I would love to drop kick it out of here.
By the way, my security problem really wasn't fixed. Here is how I fixed. I gave the team the green light to start testing on DEV and they all said they were getting 404 errors. I showed them that I was testing the application from my box, but as soon as I closed my browser and tried again I too got the 404 error. The basic auth session must live on cached in the header. I got signed in because I created that test file under a directory mirroring my action namespace. Once I saw security was working I removed it, and some other test files, and redeployed the application. In the end, the only way I could get Basic Auth to work running Struts 2.1.6 on WAS 6.1.0.19 was by putting a physical file in protected resource path: http://myServer/myContext/mySecurePath/index.html. The file does a redirect to the desired protected struts 2 action. When you hit that HTML file it causes WebSphere to do the Basic Auth challenge, after which the user gets redirected to Strtus 2 and life is good. The WAS Admin is downloading 6.1.0.23. Perhaps it will work better. Steve Mitchell http://www.ByteworksInc.com -----Original Message----- From: Wes Wannemacher [mailto:w...@wantii.com] Sent: Thursday, June 04, 2009 11:39 AM To: Struts Users Mailing List Subject: Re: Adding Struts 2.1.6 on WAS 6.1 breaks welcome-file in web.xml For the record, we have requested licenses for WebSphere because there have been more than a few problems. I know Martin Cooper worked hard to get us access to different versions of WebSphere in a way that kept apache, us developers and struts safe while keeping IBM happy. I don't think we were ever told "no," but the process has been very slow. //not really trying to stir the pot (well, maybe a little) -Wes On Thu, Jun 4, 2009 at 12:11 PM, Mitchell, Steven <steven.mitch...@umb.com> wrote: > Half of this problem has been solved--the important half. During testing I > disabled security to verify that all of the Struts2 mappings worked, which > they did. When my war was deployed to WebSphere by our auto-deploy script it > caused the LDAP role mappings to be dropped, which is the reason why security > did not once I re-enabled it. > > The problem with the welcome file persists. As a test, I commented out the > Struts 2 filers. I created a directory matching a secured Struts 2 > namespace, and added a HTML file matching the welcome-file in the web.xml > file. When I hit the base URL of the protected Strtus2 namespace, > http://myServer/myContext/mySecuredNameSpace/, with the Struts 2 filter > disabled Basic auth was triggered and WebSphere successfully returned the > index.html file in the root of that directory. When I re-enabled the Struts > 2 filters the welcome-file quit working again. > > I would still like to understand why the welcome-file doesn't work on > WebSphere 6.1 with Struts 2, but it is not a show stopper. We will simply > provide the users a deep link directly to the desired, secured action. > > Steve Mitchell > http://www.ByteworksInc.com > > -----Original Message----- > From: Mitchell, Steven > Sent: Wednesday, June 03, 2009 4:48 PM > To: 'Struts Users Mailing List' > Subject: RE: Adding Struts 2.1.6 on WAS 6.1 breaks welcome-file in web.xml > > Wes, > > That was an interesting exercise. I changed my welcome-file to be > "index.action", added the zero-byte file "/webapp/index.action", and defined > the following action: > > <action name="index" > > <result>/index.html</result> > </action> > > This worked the same on Tomcat 5.5 as it did when my welcome-file was just > "index.html." Unfortunately, on WebSphere I still got the message: "Error > 404: There is no Action mapped for namespace / and action name index ." Of > course, if I type http://myserver/mycontext/index.action in the browser that > works fine. Something is seriously hosed on WAS 6.1. > > I've asked the WAS Admin to bump us up to 6.1.0.23 and I'll continue testing > tomorrow. > > Thank you for your suggestion. > > Steve Mitchell > http://www.ByteworksInc.com > > -----Original Message----- > From: Mitchell, Steven [mailto:steven.mitch...@umb.com] > Sent: Wednesday, June 03, 2009 4:18 PM > To: Struts Users Mailing List > Subject: RE: Adding Struts 2.1.6 on WAS 6.1 breaks welcome-file in web.xml > > Wes, > > Boy do I wish the client would just use Tomcat! I'll try going down the > action route. I'm actually using index.html now, which is a real file that I > can access if I type the whole URL: http://myserver/mycontext/index.html. If > I understand what you are asking me to try, I will create a zero byte > /webapp/index.action, change my Web.xml from: > > <welcome-file-list> > <welcome-file>index.html</welcome-file> > </welcome-file-list> > > to: > > <welcome-file-list> > <welcome-file>index.action</welcome-file> > </welcome-file-list> > > and add an action named "index". Is that correct? Actually, my index.html > redirects to /mynamespace/myaction.action. If I just used that I would need > to create a directory named /mynamespace with a zero byte file called > myaction.action. Is that correct? > > Steve Mitchell > http://www.ByteworksInc.com > > -----Original Message----- > From: Wes Wannemacher [mailto:w...@wantii.com] > Sent: Wednesday, June 03, 2009 4:00 PM > To: Struts Users Mailing List > Subject: Re: Adding Struts 2.1.6 on WAS 6.1 breaks welcome-file in web.xml > > On Wed, Jun 3, 2009 at 4:54 PM, Mitchell, Steven > <steven.mitch...@umb.com> wrote: > [...] >> >> Error 404: SRVE0190E: File not found: /secure/MySecureAction.action > [...] > > I don't know about all of the problems, but one thing that might help > you understand this a little bit... This 404 might not be WAS' fault. > In the Spec (can't remember if it was 2.3 / 2.4) it was specified that > a file had to exist on the file system for it to be usable as a > welcome-file. This is sort of a pain for Struts2. One quick hack that > worked in Tomcat is to just create a zero-byte file called > index.action. I can't guarantee that WAS will be happy with that, but > I have used that before. > > -Wes > > > -- > Wes Wannemacher > Author - Struts 2 In Practice > Includes coverage of Struts 2.1, Spring, JPA, JQuery, Sitemesh and more > http://www.manning.com/wannemacher > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > > ------------------------------------------------------------------------------ > NOTICE: This electronic mail message and any attached files are > confidential. The information is exclusively for the use of the individual > or entity intended as the recipient. If you are not the intended recipient, > any use, copying, printing, reviewing, retention, disclosure, distribution or > forwarding of the message or any attached file is not authorized and is > strictly prohibited. If you have received this electronic mail message in > error, please advise the sender by reply electronic mail immediately and > permanently delete the original transmission, any attachments and any copies > of this message from your computer system. Thank you. > > ============================================================================== > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > -- Wes Wannemacher Author - Struts 2 In Practice Includes coverage of Struts 2.1, Spring, JPA, JQuery, Sitemesh and more http://www.manning.com/wannemacher --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
