Background: I run a jruby app under tomcat 8.0.29 in a context, namely /db. I run Apache 2.4.17 in front of it, proxying my url to tomcat using mod_proxy_balancer/ajp. For asthetics, i rewrite / for my URL (e.g. https://dashboard.domain.com) to the tomcat context uri /db, and then ProxyPass/ProxyPassReverse /db to tomcat (so esentially https://dashboard.domain.com/db/). No problem. The app, upon this request, will redirect the user with a 301 redirect to the main page. If there's no session, the app then redirects the user with a 302 to the sign in page.
Problem: Upon updating to tomcat 8.0.30, instead of receiving a 301 response back, tomcat returns a 500 error. I've included the error w/stack trace, along with my app's context.xml and web.xml below. I assume this has to do with https://bz.apache.org/bugzilla/show_bug.cgi?id=56917 that was introduced in 8.0.30. I have added the parameters mapperContextRootRedirectEnabled="true" and mapperDirectoryRedirectEnabled="true" that were mentioned in the "CSRF errors after upgrade of tomcat 8 <https://mail-archives.apache.org/mod_mbox/tomcat-users/201512.mbox/ajax/%3C5671270D.2050705%40apache.org%3E> " mailing list thread to my server context.xml file (they didn't have any effect in the app's context.xml) and this has resolved my problem. It's interesting that now, instead of the 301 (on /), then the 302 (on main page), now I get a 302 (on /), then the 301 (on /db/), and then the 302 (on main page). Curl output is below for 8.0.29, 8.0.30 without changes and 8.0.30 with changes. My questions are: 1. Should the problem be occuring without the parameters added? 2. Is there a way to configure apache/tomcat so i don't need the added parameters, and don't incur the extra request? I realize that may be outside the scope of the list, if apache. Thanks, -Tony Error ------- Dec 16, 2015 1:13:06 PM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet [default] in context with path [/db] threw exception java.lang.IllegalArgumentException: The resource path [index.html] is not valid at org.apache.catalina.webresources.StandardRoot.validate(StandardRoot.java:250) at org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:212) at org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:206) at org.apache.catalina.servlets.DefaultServlet.serveResource(DefaultServlet.java:710) at org.apache.catalina.servlets.DefaultServlet.doGet(DefaultServlet.java:398) at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jruby.rack.RackFilter.doFilterInternal(RackFilter.java:78) at org.jruby.rack.UnmappedRackFilter.isDoDispatch(UnmappedRackFilter.java:111) at org.jruby.rack.AbstractFilter.isDoDispatch(AbstractFilter.java:107) at org.jruby.rack.AbstractFilter.doFilter(AbstractFilter.java:65) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.valves.StuckThreadDetectionValve.invoke(StuckThreadDetectionValve.java:208) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:850) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) context.xml ----------------- <Context antiResourceLocking="true"> <!-- Default set of monitored resources. If one of these changes, the --> <!-- web application will be reloaded. --> <WatchedResource>WEB-INF/web.xml</WatchedResource> <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource> </Context> web.xml ------------ <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"; id="db" metadata-complete="true" version="3.1"> <absolute-ordering /> </web-app> apache ---------- # Rewrite / to /db so the proxypass works RewriteRule ^/$ /db [NC,PT,L] # Check if a non-/db request doesn't exist as an apache asset, if so rewrite to /db and pass through RewriteCond %{REQUEST_URI} !^(/db$|/db/) RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d RewriteRule ^/(.*)$ /db/$1 [NC,PT,QSA,L] # Proxy to tomcat ProxyPass /db balancer://loadbalancer/db ProxyPassReverse /db balancer://loadbalancer/db curl request to / in 8.0.29 ------------------------------------ > GET / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: dashboard.domain.com > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Thu, 17 Dec 2015 04:07:16 GMT < Server: None < Strict-Transport-Security: max-age=15768000 < Location: https://dashboard.domain.com/streams curl request to / in 8.0.30 (no changes) -------------------------------------------------------- > GET / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: dashboard.domain.com > Accept: */* > < HTTP/1.1 500 Internal Server Error curl request to / in 8.0.30 (parameter changes) ------------------------------------------------------------------- > GET / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: dashboard.domain.com > Accept: */* > < HTTP/1.1 302 Found < Date: Thu, 17 Dec 2015 19:42:53 GMT < Server: None < Strict-Transport-Security: max-age=15768000 < Location: /db/ > GET /db/ HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: dashboard.domain.com > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Thu, 17 Dec 2015 19:43:47 GMT < Server: None < Strict-Transport-Security: max-age=15768000 < Location: https://dashboard.domain.com/streams
