RE: URL rewriting help
> -Original Message- > From: Thiago H de Paula Figueiredo [mailto:thiag...@gmail.com] > Sent: Thursday, March 10, 2016 10:02 AM > > On Thu, 10 Mar 2016 10:55:41 -0300, Tony Nelson > wrote: > > > Hi All, > > Hello, Tony! > Hello again Thiago, > > I need to map URLs from our old application to the new URLs in our 5.3 > > app. Yesterday I found this page: > > > > http://blog.tapestry5.de/index.php/2010/09/06/new-url-rewriting-api/ > > For rewriting incoming requests, but not for rewriting the URLs generated by > Tapestry (usually, you need to have both), I suggest taking a look at > this: > http://tapestry.machina.com.br/2013/10/1/tapestry-url-rewriter-2-0-0- > released. > The T5.1 was very bad for rewriting outgoing URLs, but I think it was very > good for incoming ones. > This was SO MUCH EASIER! And to top it off, it works. > By that way, that very blogging engine was written by me and uses Tapestry > URL rewriter 2.0.0 itself. Sources here: > https://github.com/thiagohp/eloquentia. > I had to look in the AppModule of your blogging software to figure out how to contribute my rules, maybe you could copy that to the example in the blog post. Thanks again for all your hard work Thiago. Tony Since 1982, Starpoint Solutions has been a trusted source of human capital and solutions. We are committed to our clients, employees, environment, community and social concerns. We foster an inclusive culture based on trust, respect, honesty and solid performance. Learn more about Starpoint and our social responsibility at http://www.starpoint.com/social_responsibility This email message from Starpoint Solutions LLC is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Opinions, conclusions and other information in this message that do not relate to the official business of Starpoint Solutions shall be understood as neither given nor endorsed by it.
Re: URL rewriting help
On Thu, 10 Mar 2016 10:55:41 -0300, Tony Nelson wrote: Hi All, Hello, Tony! I need to map URLs from our old application to the new URLs in our 5.3 app. Yesterday I found this page: http://blog.tapestry5.de/index.php/2010/09/06/new-url-rewriting-api/ For rewriting incoming requests, but not for rewriting the URLs generated by Tapestry (usually, you need to have both), I suggest taking a look at this: http://tapestry.machina.com.br/2013/10/1/tapestry-url-rewriter-2-0-0-released. The T5.1 was very bad for rewriting outgoing URLs, but I think it was very good for incoming ones. By that way, that very blogging engine was written by me and uses Tapestry URL rewriter 2.0.0 itself. Sources here: https://github.com/thiagohp/eloquentia. -- Thiago H. de Paula Figueiredo Tapestry, Java and Hibernate consultant and developer http://machina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
URL rewriting help
Hi All, I need to map URLs from our old application to the new URLs in our 5.3 app. Yesterday I found this page: http://blog.tapestry5.de/index.php/2010/09/06/new-url-rewriting-api/ Following that I wrote my first rewrite rule /maintenance/agency_required_documents.htm?agencyId=86 to /company/AgencyRequiredDocuments/86 That works fine. This morning I tried my second URL /candidate/ViewPayRate.external?sp=23761 to /candidate/ViewPayRate/23761/true Unfortunately, it seems since the base page name ViewPayRate resolves fine, 5.3 looks at ".external" as a component, and I get the following exception: Component candidate/ViewPayRate does not contain embedded component 'external'. Screenshot: http://take.ms/nLDlR My URL Rewriter isn't even being called, I presume because candidate/ViewPayRate resolves to a valid page. I verified this by slightly changing the input URL to something that wouldn't match, and my rewrite was called and everything worked fine. What is my best approach for this? I'm leaning towards putting my rewrite rules in nginx, but I was really hoping to keep this all in code. Any hints or suggestions would be greatly appreciated. For completeness, here is my existing code: public class OldCodeBaseLinkTransformer implements PageRenderLinkTransformer { @Inject @SuppressWarnings("unused") private Logger logger; @Inject private ValueEncoderSource valueEncoderSource; @Override public Link transformPageRenderLink(Link defaultLink, PageRenderRequestParameters parameters) { logger.debug("LOOK: " + defaultLink.getBasePath()); return defaultLink; } @Override public PageRenderRequestParameters decodePageRenderRequest(Request request) { final String path = request.getPath(); logger.info("path: " + path); if (path.startsWith("/maintenance/agency_required_documents.htm")) { final String agencyId = request.getParameter("agencyId"); final EventContext context = new LinkContext(valueEncoderSource).putValue(agencyId); return new PageRenderRequestParameters("company/AgencyRequiredDocuments", context, false); } else if (path.startsWith("/candidate/ViewPayRate.external")) { final String id = request.getParameter("sp"); final EventContext context = new LinkContext(valueEncoderSource).putValue(id).putValue("true"); return new PageRenderRequestParameters("candidate/viewpayrate", context, false); } return null; } } and my contribution @Contribute(PageRenderLinkTransformer.class) @Primary public static void provideURLRewriting( OrderedConfiguration configuration) { configuration.addInstance( "OldCodeBaseLink", OldCodeBaseLinkTransformer.class); } Since 1982, Starpoint Solutions has been a trusted source of human capital and solutions. We are committed to our clients, employees, environment, community and social concerns. We foster an inclusive culture based on trust, respect, honesty and solid performance. Learn more about Starpoint and our social responsibility at http://www.starpoint.com/social_responsibility This email message from Starpoint Solutions LLC is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Opinions, conclusions and other information in this message that do not relate to the official business of Starpoint Solutions shall be understood as neither given nor endorsed by it. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: SSL on url demand
I think you could override the service RequestSecurityManager and make it do whatever you want. On Wednesday, March 9, 2016, h3ph3st0s wrote: > Hi, > > I built a small tapestry page under jboss. I read that in order to apply > SSL I had to either put @Secure annotation or configure with > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > > Everything is ok with that, but my issue how can I make this to be > reconfigured each time depending the url if it has "http" or "https" and > without restarting application server. > > The request is that the application should be accessed with or without > SSL. Jboss is configured ok. But I am stack with this hardcoded "true". > > Can I override it ? > Is there any other workaround ? > > Just for clarification I wanted something like that ( depending on the url > ) : > String jbossDir= System.getProperty("jboss.server.base.dir"); > System.out.println(jbossDir); > Properties appProp = new Properties(); > try { > appProp.load(new BufferedInputStream(new > FileInputStream(String.format("%s/app.properties", jbossDir ) ))); > String ssl = appProp.getProperty("SSL"); > if ( ssl !=null ) { > ssl = ssl.toLowerCase().trim(); > } > *configuration.add(MetaDataConstants.SECURE_PAGE, ssl);* > } catch (FileNotFoundException e) { > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > e.printStackTrace(); > } catch (IOException e) { > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > e.printStackTrace(); > }* > ** > * >
Re: SSL on url demand
I has been a long while since I looked at this, but as far as i can remember that setting allows the application to work in both http / https mode depending on the protocol specified by the request (we use T5.4) - so if the page is requested using https all links that are generated are respecting that. -- Chris On Thu, Mar 10, 2016 at 12:34 PM, h3ph3st0s wrote: > Chris hi, > thanks for the answer but this is already tested & it works. But it is > hard-coded and practically does not allow me to switch on or off the > overall SSL context per user request. > > I have seen other applications that work either http or https > simultaneously without redeploying new compiled code. > Is there a way to accomplish this with tapestry ( for java and javascript > part ) framework version 5.3? > > Regards > Dimitri > > On 2016-03-10 12:40, Chris Poulsen wrote: > >> I think we're handling it like this: >> >> // default to non-secure pages (allows us to support both http and https >> based on the incoming request) >> configuration.add( SymbolConstants.SECURE_ENABLED, "false" ); >> >> HTH. >> >> > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: SSL on url demand
Chris hi, thanks for the answer but this is already tested & it works. But it is hard-coded and practically does not allow me to switch on or off the overall SSL context per user request. I have seen other applications that work either http or https simultaneously without redeploying new compiled code. Is there a way to accomplish this with tapestry ( for java and javascript part ) framework version 5.3? Regards Dimitri On 2016-03-10 12:40, Chris Poulsen wrote: I think we're handling it like this: // default to non-secure pages (allows us to support both http and https based on the incoming request) configuration.add( SymbolConstants.SECURE_ENABLED, "false" ); HTH. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Ajax SSL Tapestry 5.3
Hi I am really amateur to this framework but I think this is the java side, right ?. Is it something that I can follow perhaps in the other question with SSL I had ? ( to turn on or off SSL on http request ? ) For this thread of mails the problem stands within the ZoneUpdater.js which is javascript. There I did ( on my opinion ) a very bad hack to replace the string of url from http to https Is there a more clever way to achieve this ? Kind regards, Dimitri On 2016-03-10 4:22, JumpStart wrote: I think it would be better to figure this out server-side. Look at the request to see if it’s HTTPS, but allow override with a parameter to the mixin. /** * Set secure to true if https is being used, else set to false. If not provided then we set it to the value of * Request.isSecure(). */ @Parameter(name = "secure", defaultPrefix = BindingConstants.LITERAL) private Boolean secure; @Inject private Request request; void afterRender() { boolean useHttps = false; if (secure == null) { useHttps = request.isSecure(); } else { useHttps = secure; } String listenerURI = componentResources.createEventLink(event, context).toAbsoluteURI(useHttps); … I’ll update JumpStart soon to do the same. Geoff On 10 Mar 2016, at 2:33 AM, h3ph3st0s wrote: Hi! In the ZoneUpdate.js I have is it ok that I inserted after this line of code : var listenerURIWithValue = this.listenerURI; the following : listenerURIWithValue=listenerURIWithValue.replace("http","https"); I mean, using 5.3 and Tapestry (not JQuery ) is this the right approach or is there some other flag that I should switch on in tapestry configuration ? If I don't do that ajax call gives "Access Denied" leading to failure on using the form. Kind regards, Dimitris - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: SSL on url demand
Hi and thank you for the responses, Perhaps it was not clear the question. If I use configuration or "-D" or @Secure then I am stack application wide for entire usage. What I would like to know if there is a way to switch on or off depending if the user requested https and port e.g. 8443 OR http and port 8080. But without restart of applicationserver or redeployment. Thanks, Dimitri On 2016-03-10 4:36, JumpStart wrote: The simple answer is - the whole world is being moved to HTTPS very rapidly so just go with it, for EVERY request. See http://motherboard.vice.com/read/google-will-soon-shame-all-websites-that-are-unencrypted-chrome-https To do this, in your AppModule just set configuration.add(MetaDataConstants.SECURE_PAGE, "true”); then in production, staging, UAT, etc. set this system property... -Dtapestry.secure-enabled=true and in development you might like to turn it off… -Dtapestry.secure-enabled=false Alternatively, if you really must allow some requests to use HTTP, then follow the tips in here: http://tapestry.apache.org/https.html HTH, Geoff On 9 Mar 2016, at 9:56 PM, h3ph3st0s wrote: Hi, I built a small tapestry page under jboss. I read that in order to apply SSL I had to either put @Secure annotation or configure with configuration.add(MetaDataConstants.SECURE_PAGE, "true"); Everything is ok with that, but my issue how can I make this to be reconfigured each time depending the url if it has "http" or "https" and without restarting application server. The request is that the application should be accessed with or without SSL. Jboss is configured ok. But I am stack with this hardcoded "true". Can I override it ? Is there any other workaround ? Just for clarification I wanted something like that ( depending on the url ) : String jbossDir= System.getProperty("jboss.server.base.dir"); System.out.println(jbossDir); Properties appProp = new Properties(); try { appProp.load(new BufferedInputStream(new FileInputStream(String.format("%s/app.properties", jbossDir ) ))); String ssl = appProp.getProperty("SSL"); if ( ssl !=null ) { ssl = ssl.toLowerCase().trim(); } *configuration.add(MetaDataConstants.SECURE_PAGE, ssl);* } catch (FileNotFoundException e) { configuration.add(MetaDataConstants.SECURE_PAGE, "true"); e.printStackTrace(); } catch (IOException e) { configuration.add(MetaDataConstants.SECURE_PAGE, "true"); e.printStackTrace(); }* ** * - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: SSL on url demand
I think we're handling it like this: // default to non-secure pages (allows us to support both http and https based on the incoming request) configuration.add( SymbolConstants.SECURE_ENABLED, "false" ); HTH. -- Chris On Thu, Mar 10, 2016 at 3:36 AM, JumpStart < geoff.callender.jumpst...@gmail.com> wrote: > The simple answer is - the whole world is being moved to HTTPS very > rapidly so just go with it, for EVERY request. See > http://motherboard.vice.com/read/google-will-soon-shame-all-websites-that-are-unencrypted-chrome-https > > To do this, in your AppModule just set > > configuration.add(MetaDataConstants.SECURE_PAGE, "true”); > > then in production, staging, UAT, etc. set this system property... > > -Dtapestry.secure-enabled=true > > and in development you might like to turn it off… > > -Dtapestry.secure-enabled=false > > Alternatively, if you really must allow some requests to use HTTP, then > follow the tips in here: > > http://tapestry.apache.org/https.html > > HTH, > > Geoff > > > On 9 Mar 2016, at 9:56 PM, h3ph3st0s wrote: > > > > Hi, > > > > I built a small tapestry page under jboss. I read that in order to apply > SSL I had to either put @Secure annotation or configure with > > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > > > > Everything is ok with that, but my issue how can I make this to be > reconfigured each time depending the url if it has "http" or "https" and > without restarting application server. > > > > The request is that the application should be accessed with or without > SSL. Jboss is configured ok. But I am stack with this hardcoded "true". > > > > Can I override it ? > > Is there any other workaround ? > > > > Just for clarification I wanted something like that ( depending on the > url ) : > > String jbossDir= System.getProperty("jboss.server.base.dir"); > >System.out.println(jbossDir); > >Properties appProp = new Properties(); > >try { > >appProp.load(new BufferedInputStream(new > FileInputStream(String.format("%s/app.properties", jbossDir ) ))); > >String ssl = appProp.getProperty("SSL"); > >if ( ssl !=null ) { > >ssl = ssl.toLowerCase().trim(); > >} > > *configuration.add(MetaDataConstants.SECURE_PAGE, ssl);* > >} catch (FileNotFoundException e) { > >configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > >e.printStackTrace(); > >} catch (IOException e) { > >configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > >e.printStackTrace(); > >}* > > ** > > * > > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >