Re: Apache http / mod_rewrite / mod_jk [hacked SOLUTION]
All, There was a bug in the patch that I posted. Below is the final patch I will post to the group. -chris *** common/jk_uri_worker_map.c 2003-09-06 11:37:21.0 -0400 --- common/jk_uri_worker_map.c.new 2004-04-08 14:23:10.0 -0400 *** *** 80,85 --- 80,86 #define MATCH_TYPE_GENERAL_SUFFIX (3) /* match all URIs of the form *ext */ /* match all context path URIs with a path component suffix */ #define MATCH_TYPE_CONTEXT_PATH (4) + #define MATCH_TYPE_JSESSIONID (5) struct uri_worker_record { /* Original uri for logging */ *** *** 300,305 --- 301,317 "Into jk_uri_worker_map_t::uri_worker_map_open, " "suffix rule %s.%s=%s was added\n", uri, asterisk + 3, worker); + } else if(0 == strncmp("/*" JK_PATH_SESSION_IDENTIFIER "*",asterisk,14) ) { + /* jsessionid rule */ + asterisk[1] = '\0'; + uwr->worker_name = worker; + uwr->context = uri; + uwr->suffix = "\0"; /* avoids some problems */ + uwr->match_type = MATCH_TYPE_JSESSIONID; + jk_log(l, JK_LOG_DEBUG, + "Into jk_uri_worker_map_t::uri_worker_map_open, " + "jsessionid rule %s*;jsessionid*=%s was added\n", + uri, worker); } else if ('\0' != asterisk[2]) { /* general suffix rule */ asterisk[1] = '\0'; *** *** 478,483 --- 490,523 *d = '\0'; } + uri_worker_record_t *check_jsessionid_matches(char *uri, + jk_uri_worker_map_t *uw_map, + jk_logger_t *l) + { + unsigned i; + uri_worker_record_t *match = NULL; + + for(i = 0 ; i < uw_map->size ; i++) { + uri_worker_record_t *uwr = uw_map->maps[i]; + + if(MATCH_TYPE_JSESSIONID == uwr->match_type) { + /* Check context match */ + + if(0 == strncmp(uwr->context, + uri, + uwr->ctxt_len)) { + /* Looks like a match: URI contains ";jsessionid", context matches */ + + jk_log(l, JK_LOG_DEBUG, "check_jsessionid_matches: Found context match: %s\n", uwr->context); + + match = uwr; + break; + } + } /* MATCH_TYPE_JSESSIONID */ + } /* foreach mapping */ + + return match; + } char *map_uri_to_worker(jk_uri_worker_map_t *uw_map, char *uri, *** *** 493,498 --- 533,545 char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER); if(url_rewrite) { + uri_worker_record_t *match = check_jsessionid_matches(uri, uw_map, l); + if(NULL != match) { + jk_log(l, JK_LOG_DEBUG, "Mapped URI %s to context %s using jsessioni match\n", uri, match->context); + + return match->worker_name; + } + *url_rewrite = '\0'; } jk_no2slash(uri); *** *** 559,564 --- 606,615 } } } + } else if (MATCH_TYPE_JSESSIONID == uwr->match_type) { + + /* do nothing -- these have already been handled */ + } else /* suffix match */ { int suffix_start; signature.asc Description: OpenPGP digital signature
Re: Apache http / mod_rewrite / mod_jk [hacked SOLUTION]
All, Here is my solution to the jsessionid issue discussed in this thread. The problem is that when Tomcat encodes URLs without knowing if the browser supports cookies, it adds ";jsessionid=BLAHBLAH" to each encoded URL. This is perfectly normal behavior. However, when using Apache httpd, Apache does not properly handle the addition of the ";jsessionid" information, and fails to serve up the proper file. One of the simplest solutions is to simply pass requests including the jsessionid information to Tomcat and let Tomcat handle them. mod_jk does not support this type of behavior, since it only does simple context matches (like /context/*", suffix-based context matches (/context/*.suffix) or exact matches (/context/j_security_check). I have modified mod_jk to allow URIs of this special form: /context/*;jsessionid* So you can actually do this in your configuration file: JkMount /context/*;jsessionid* my_worker The syntax matches what I figured was the most natural way to write this in a configuration file. Note that this fix does not actually let you use wildcards as flexibly as the config directive would lead you to believe. It only works with the specific string "*;jsessionid*" after the context and slash character. Below is the diff for jk_uri_worker_map.c. It works on my configuration. I hope it may help others. I would love to receive any constructive criticism of this patch. Feel free to email me directly. All the best, -chris = [EMAIL PROTECTED] common]$ diff -bc jk_uri_worker_map.c jk_uri_worker_map.c.new *** jk_uri_worker_map.c 2003-09-06 11:37:21.0 -0400 --- jk_uri_worker_map.c.new 2004-04-08 10:07:36.0 -0400 *** *** 80,85 --- 80,86 #define MATCH_TYPE_GENERAL_SUFFIX (3) /* match all URIs of the form *ext */ /* match all context path URIs with a path component suffix */ #define MATCH_TYPE_CONTEXT_PATH (4) + #define MATCH_TYPE_JSESSIONID (5) /* match all URLs that contains a jsessionid */ struct uri_worker_record { /* Original uri for logging */ *** *** 300,305 --- 301,316 "Into jk_uri_worker_map_t::uri_worker_map_open, " "suffix rule %s.%s=%s was added\n", uri, asterisk + 3, worker); + } else if(0 == strncmp("/*" JK_PATH_SESSION_IDENTIFIER "*",asterisk,14) ) { + /* jsessionid interceptor */ + asterisk[1] = '\0'; + uwr->worker_name = worker; + uwr->context = uri; + uwr->match_type = MATCH_TYPE_JSESSIONID; + jk_log(l, JK_LOG_DEBUG, + "Into jk_uri_worker_map_t::uri_worker_map_open, " + "jsessionid rule %s*;jsessionid*=%s was added\n", + uri, worker); } else if ('\0' != asterisk[2]) { /* general suffix rule */ asterisk[1] = '\0'; *** *** 478,483 --- 489,522 *d = '\0'; } + uri_worker_record_t *check_jsessionid_matches(char *uri, + jk_uri_worker_map_t *uw_map, + jk_logger_t *l) + { + unsigned i; + uri_worker_record_t *match = NULL; + + for(i = 0 ; i < uw_map->size ; i++) { + uri_worker_record_t *uwr = uw_map->maps[i]; + + if(MATCH_TYPE_JSESSIONID == uwr->match_type) { + /* Check context match */ + + if(0 == strncmp(uwr->context, + uri, + uwr->ctxt_len)) { + /* Looks like a match: URI contains ";jsessionid", context matches */ + + jk_log(l, JK_LOG_DEBUG, "check_jsessionid_matches: Found context match: %s\n", uwr->context); + + match = uwr; + break; + } + } /* MATCH_TYPE_JSESSIONID */ + } /* foreach mapping */ + + return match; + } char *map_uri_to_worker(jk_uri_worker_map_t *uw_map, char *uri, *** *** 493,498 --- 532,544 char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER); if(url_rewrite) { + uri_worker_record_t *match = check_jsessionid_matches(uri, uw_map, l); + if(NULL != match) { + jk_log(l, JK_LOG_DEBUG, "Mapped URI %s to context %s using jsessionid match\n", uri, match->context); + + return match->worker_name; + } + *url_rewrite = '\0'; } jk_no2slash(uri); signature.asc Description: OpenPGP digital signature
Re: Apache http / mod_rewrite / mod_jk
All, JkMount /myapp/*;jsessionid=* workerX > This particular directive seems to be ignored on my setup. I guess I'll just look at the module source and figure it out myself. It turns out that mod_jk does not consider ";jsessionid=" part of the URL when it does matching. :( From mod_jk.log: [jk_uri_worker_map.c (486)]: Into jk_uri_worker_map_t::map_uri_to_worker [jk_uri_worker_map.c (500)]: Attempting to map URI '/app/includes/css/styles.css' [jk_uri_worker_map.c (618)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [jk_uri_worker_map.c (486)]: Into jk_uri_worker_map_t::map_uri_to_worker [jk_uri_worker_map.c (500)]: Attempting to map URI '/app/images/select.gif' [jk_uri_worker_map.c (618)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match Both of these URLs definately have the session id attached to them. jk_uri_worker_map.c::map_uri_to_worker contains the following code torards the beginning of the function: char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER); if(url_rewrite) { *url_rewrite = '\0'; } jk_no2slash(uri); So, they completely strip-out the sessionid before checking (JK_PATH_SESSION_IDENTIFIER = ";jsessionid"). My conclusion is that there's no support for this kind of think in mod_jk. The following matches are supported (from the code docs): " * Exact Context -> /exact/uri=worker e.g. /examples/do*=ajp12 * * Context Based -> /context/*=worker e.g. /examples/*=ajp12 * * Context and suffix ->/context/*.suffix=worker e.g. /examples/*.jsp=ajp12* " It's not a simple fix to add the kind of checking I'm talking about. I'll poke around to find out how this might be done. If there are any mod_jk hackers on the list reading this thread, please let me know. Also, if anyone knows if this works in other connectors (i.e. jk2), please let me know. I'm putting all of this in a post so that it gets into the archives. I'm also adding this sentence to help out with searches: The problem is with jsessionid, Apache, mod_jk and is most often characterized by broken images and failure to load stylesheets when URLs are encoded in Java doe these resources. Thanks, -chris signature.asc Description: OpenPGP digital signature
Re: Apache http / mod_rewrite / mod_jk
Kenneth, Instead of directly redirect to mod_jk, can you just use mod_write to "insert" a directory prefix which can trigger mod_jk? That's an idea. If I did that, how could I get Tomcat to figure out the right path, then? Can I do a reverse rewrite in Tomcat? Thanks, -chris signature.asc Description: OpenPGP digital signature
Re: Apache http / mod_rewrite / mod_jk
Yoav, Do you know if this is supposed to work? JkMount /myapp/*;jsessionid=* workerX It has allegedly worked for some other people. I don't know if it's supposed to work. Is it difficult to test? I have tested it. It does not work for me. Others claim that it does work. I'm wondering if I have something wrong. I've been using mod_jk for years with no problems. I have multiple workers and multiple applications, all running fine. This particular directive seems to be ignored on my setup. I guess I'll just look at the module source and figure it out myself. -chris signature.asc Description: OpenPGP digital signature
RE: Apache http / mod_rewrite / mod_jk
Instead of directly redirect to mod_jk, can you just use mod_write to "insert" a directory prefix which can trigger mod_jk? Kenneth -Original Message- From: Christopher Schultz [mailto:[EMAIL PROTECTED] Sent: Thursday, April 08, 2004 3:28 AM To: Tomcat Users List Subject: Apache http / mod_rewrite / mod_jk All, The archives show this questions being asked all the time, but with no useful responses. Please let me know if this is a known unresolved or unresolvable issue. All solutions posted anywhere for "jsessionid makes Apache go beaindead" apparently use a mod_rewrite incantation similar to the following: RewriteEngine on # Force URLs with a jsessionid to go to Tomcat. Necessary because # Apache doesn't recognise that the semi-colon is special. RewriteRule ^(/.*;jsessionid=.*)$ $1 [T=jserv-servlet] While I'm sure this worked out great the people using mod_jserv back in 1997, it does not work for mod_jk. For one thing, it does not even let you specify which worker to use :( Back in the day, Craig responded by pointing to a Tomcat FAQ entry which no longer exists, but presumably had something to do with Apache's mod_rewrite. On the other hand, a solution was posted (and confirmed by some readers) that the following works: JkMount /test/*;jsessionid=* ajp13 This seems very obvious, and there's a caveat about how it might not work on "older" versions of mod_jk. It apparently does not work for me. I'm using mod_jk (not mod_jk2), version 1.2.5 (current release) on Apache 2.0.48 as a dynamic module on Linux -- everything compiled myself with nothing out of the ordinary. Can anyone offer any advice? I've just been sucking it up and ignoring this problem for a while, now (years). Is there actually a solution out there for this? Am I just mistyping the JkMount configuration? Anyone, please help. Thanks, -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Apache http / mod_rewrite / mod_jk
Hi, >Like this: OK, that's what I figured. I wouldn't call once or twice a year "all the time" but that's besides the point, as the issue undoubtedly exists ;) >Do you know if this is supposed to work? > >JkMount /myapp/*;jsessionid=* workerX > >It has allegedly worked for some other people. I don't know if it's supposed to work. Is it difficult to test? Yoav Shapira This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache http / mod_rewrite / mod_jk
Yoav, I have no clue as to your actual question, but I'm curious: The archives show this questions being asked all the time, but with no How do you define "all the time" in the statement above? Like this: Dubious responses: http://www.mail-archive.com/[EMAIL PROTECTED]/msg84808.html http://www.mail-archive.com/[EMAIL PROTECTED]/msg74207.html http://www.mail-archive.com/[EMAIL PROTECTED]/msg84936.html (references a URL @ Google Groups with a "simple" solution that does not appear to work for me) References Craig's "pointers": http://www.mail-archive.com/[EMAIL PROTECTED]/msg78826.html No responses: http://www.mail-archive.com/[EMAIL PROTECTED]/msg75615.html That's just in the tomcat-user archives. Similar discussions occur in other forums (fora?), like jGuru. Do you know if this is supposed to work? JkMount /myapp/*;jsessionid=* workerX It has allegedly worked for some other people. -chris signature.asc Description: OpenPGP digital signature
RE: Apache http / mod_rewrite / mod_jk
Howdy, I have no clue as to your actual question, but I'm curious: >The archives show this questions being asked all the time, but with no How do you define "all the time" in the statement above? Yoav Shapira This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Apache http / mod_rewrite / mod_jk
All, The archives show this questions being asked all the time, but with no useful responses. Please let me know if this is a known unresolved or unresolvable issue. All solutions posted anywhere for "jsessionid makes Apache go beaindead" apparently use a mod_rewrite incantation similar to the following: RewriteEngine on # Force URLs with a jsessionid to go to Tomcat. Necessary because # Apache doesn't recognise that the semi-colon is special. RewriteRule ^(/.*;jsessionid=.*)$ $1 [T=jserv-servlet] While I'm sure this worked out great the people using mod_jserv back in 1997, it does not work for mod_jk. For one thing, it does not even let you specify which worker to use :( Back in the day, Craig responded by pointing to a Tomcat FAQ entry which no longer exists, but presumably had something to do with Apache's mod_rewrite. On the other hand, a solution was posted (and confirmed by some readers) that the following works: JkMount /test/*;jsessionid=* ajp13 This seems very obvious, and there's a caveat about how it might not work on "older" versions of mod_jk. It apparently does not work for me. I'm using mod_jk (not mod_jk2), version 1.2.5 (current release) on Apache 2.0.48 as a dynamic module on Linux -- everything compiled myself with nothing out of the ordinary. Can anyone offer any advice? I've just been sucking it up and ignoring this problem for a while, now (years). Is there actually a solution out there for this? Am I just mistyping the JkMount configuration? Anyone, please help. Thanks, -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]