Re: encodeURL, jsessionid and mod_rewrite ?

Wed, 04 Oct 2017 00:54:07 -0700 

On 04.10.2017 02:44, Christopher Schultz wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Laurant,

On 10/3/17 5:17 PM, Laurent Perez wrote:

I'm using apache+mod_proxy+mod_rewrite as a tomcat frontend. A
"foo" war is deployed at /foo context path under tomcat. The /foo
path is not public, apache has a rewrite rule defined as : /bar/*
rewrites internally to /foo/*.

I'm using jstl and its <c:url value="page.jsp"> for every url in my
jsps to gain the ;jsessionid from encodeURL whenever jsessionid
cookie is not yet set (1st requests)

Now my question is : the <c:url> results in a
"/foo/page.jsp;jsessionid=..." I want the result instead as
/bar/pages.jsp;jsessionid=....

Should I go straight for a HttpServletResponseWrapper replacing
every /foo/ with /bar/ or is there a more elegant way ? If the
apache rewrite rule is modified - say, to /barv2/, is it ok to use
mod_headers to pass the original path instead of hardcoding /bar/
?


You are going down a path that will produce endless problems, hacks,
and ugly solutions to those problems. It will be much easier for you
to simply re-name your application from "foo" to "bar" and not worry
about any of this rewriting foolishness.

- -chris


+1.
I can only agree 100% with what Chris is saying above.
The fact that you /can/ do these things at the front-end proxy level, does not mean that it is a good idea to do it. There are probably cases when you can *really* not do otherwise, and that's why these mechanisms are there. But doing this, brings endless other practical inconvenients, extra work, confusion, documentation issues, understanding issues 6 months later, support issues, etc. 
So, in a nutshell : don't do it.
P.S. The annoying bit about recommendations such as the above, is that if you follow them, you will not even know how much work and hassle you have saved to yourself, and 
1) you will not even feel thankful
and
2) we won't have the satisfaction of saying later : "well, we told you so"
;-)



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to