Re: security-constraint blocks welcome file with 403
On Mon, Jun 19, 2017 at 3:09 PM, Mark Thomaswrote: > On 19/06/17 08:24, Greg Huber wrote: > > Hello, > > > > If I add a security constrait to block direct access to jsp outside of > > /WEB-INF/ it blocks the welcome-file with a 403. Is there a caveat for > > using this here? > > Your welcome file is invalid. It should be a file name without a path. > Remember it applies to all directories, not just the web application root. > > Security constraints apply to welcome files. > > You'll need to use a servlet to do a forward to "WEB-INF/jsps/index.jsp" > > Mark > > > > > > > > > > No direct JSP access > > > > No-JSP > > *.jsp > > > > > > no-users > > > > > > > > > > Don't assign users to this role > > no-users > > > > > > > > WEB-INF/jsps/index.jsp > > > > > > Cheers Greg > > > > This is what I have done using spring. @RequestMapping(value = { "/", "/login" }) public ModelAndView login(@RequestParam(value = "error", required = false) String error, @RequestParam(value = "logout", required = false) String logout) { ModelAndView modelAndView = new ModelAndView(); modelAndView.setViewName("login"); return modelAndView; } And my login.jsp file resides inside the WEB-INF/jsp/login.jsp In case if you are using spring. ;) > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Apache Tomcat 7 (7.0.78) - Introduction
On Wed, May 31, 2017 at 1:01 PM, 付传淮 <337435...@qq.com> wrote: > I am learning tomcat,I found such a title on the following page. > http://tomcat.apache.org/tomcat-7.0-doc/introduction.html > at all Introduction of the tomcat document,you can see: > > Context - In a nutshell, a Context is a web application. > > Term2 - This is it. > > Term3 - This is it! > > I do not understand what the Term 2 and 3 are doing, is this the key just > like the key character reserved in Java? I think they are just trying to explain the terminology used in their document and Term1 and Term2 are example for it. So if I have understood it correctly it is like *context *- In a nutshell, a Context is a web application. explains the meaning of context. And context it self is a term and hence it is in bold.
Re: Websocket & Logging
Thank you all for helping out, it really solved my issue :) On Thu, Mar 30, 2017 at 9:40 PM, Mark Thomas <ma...@apache.org> wrote: > On 30/03/17 16:56, Addy D wrote: > > On Thu, Mar 30, 2017 at 8:49 PM, Konstantin Kolinko < > knst.koli...@gmail.com> > > wrote: > > > >> 2017-03-30 12:15 GMT+03:00 Addy D <pathfinder2104.w...@gmail.com>: > >>> I can see following in log, while starting tomcat: > >>> > >>> Mar 30, 2017 2:33:22 PM > >>> org.springframework.web.socket.server.support.WebSocketHandlerMapping > >>> registerHandler > >>> INFO: Mapped URL path [/call] onto handler of type [class > >>> org.springframework.web.socket.server.support. > >> WebSocketHttpRequestHandler] > >>> > >>> Same kind of logs are also available when I run my Spring boot > >> application, > >>> in this app I am able to connect to wss://localhost:8443/call. > > > > > No my application is not "ROOT", > > The the URL you quote above won't work. > > > i have my application as "myapp" but I > > have a similar (almost same, I am moving spring boot app to tomcat) > > spring-boot application which works fine with embedded tomcat in it with > > the same url, in fact in application startup time, I see "/call" getting > > registered in the tomcat log. as shown below. > > You have two options. > > 1. Rename myapp.war to ROOT.war > > 2. Use wss://localhost:8443/myappp/call to access your service > > I'd also recommend a careful read of the Servlet specification, > particularly section 3.5 along with this page from the Tomcat docs: > http://tomcat.apache.org/tomcat-8.5-doc/config/context.html#Naming > > Mark > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Websocket & Logging
On Thu, Mar 30, 2017 at 8:49 PM, Konstantin Kolinko <knst.koli...@gmail.com> wrote: > 2017-03-30 12:15 GMT+03:00 Addy D <pathfinder2104.w...@gmail.com>: > > I can see following in log, while starting tomcat: > > > > Mar 30, 2017 2:33:22 PM > > org.springframework.web.socket.server.support.WebSocketHandlerMapping > > registerHandler > > INFO: Mapped URL path [/call] onto handler of type [class > > org.springframework.web.socket.server.support. > WebSocketHttpRequestHandler] > > > > Same kind of logs are also available when I run my Spring boot > application, > > in this app I am able to connect to wss://localhost:8443/call. > > 1. Rules: > http://tomcat.apache.org/lists.html#tomcat-users > -> 6. Top-posting is bad. > > 2. What is the name of your web application? Is it "ROOT"? > FAQ: > https://wiki.apache.org/tomcat/HowTo#How_do_I_make_my_ > web_application_be_the_Tomcat_default_application.3F > > Best regards, > Konstantin Kolinko > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Sorry for top-posting. No my application is not "ROOT", i have my application as "myapp" but I have a similar (almost same, I am moving spring boot app to tomcat) spring-boot application which works fine with embedded tomcat in it with the same url, in fact in application startup time, I see "/call" getting registered in the tomcat log. as shown below. Mar 30, 2017 2:33:22 PM org.springframework.web.socket.server.support.WebSocketHandlerMapping registerHandler INFO: Mapped URL path [/call] onto handler of type [class org.springframework.web.socket.server.support.WebSocketHttpRequestHandler] Same logs are there when I run my spring boot application, further more I also tried about enabling logging in tomcat, so I can investigate the issue further but I am not able to start full logging in tomcat as well, (I tried modifying logging.properties, but the log levels are already set to FINE, I am not sure what to do with it).
Re: Websocket & Logging
I can see following in log, while starting tomcat: Mar 30, 2017 2:33:22 PM org.springframework.web.socket.server.support.WebSocketHandlerMapping registerHandler INFO: Mapped URL path [/call] onto handler of type [class org.springframework.web.socket.server.support.WebSocketHttpRequestHandler] Same kind of logs are also available when I run my Spring boot application, in this app I am able to connect to wss://localhost:8443/call. On Thu, Mar 30, 2017 at 11:16 AM, Addy D <pathfinder2104.w...@gmail.com> wrote: > Well, I haven't change the code, the thing was working with Spring boot > (embedded tomcat) I just moved the code/app to an actual tomcat server. > > By trying the link from websocket.org I just wanted to confirm that > nothing is wrong with my Java Script code or browser. I now come to a > conclusion that something either on tomcat or application side is missing. > > On Thu, Mar 30, 2017 at 12:43 AM, Igal @ Lucee.org <i...@lucee.org> wrote: > >> That means that the Endpoint at websocket.org is configured correctly. >> >> How doe that help troubleshooting your Endpoint? >> >> Igal Sapir >> Lucee Core Developer >> Lucee.org <http://lucee.org/> >> >> On 3/29/2017 12:10 PM, Addy D wrote: >> >>> No, I tried something different, I tried this url wss:// >>> echo.websocket.org, >>> this one is working. >>> >>> On Wed, Mar 29, 2017 at 11:49 PM, Igal @ Lucee.org <i...@lucee.org> >>> wrote: >>> >>> Can you access it in a non-secure protocol? i.e. ws:// instaed of >>>> wss://? >>>> >>>> Testing that can help eliminate possible issues. >>>> >>>> Igal Sapir >>>> Lucee Core Developer >>>> Lucee.org <http://lucee.org/> >>>> >>>> >>>> On 3/29/2017 11:17 AM, Addy D wrote: >>>> >>>> The exact url I am trying to hit is : wss://localhost:8443/call >>>>> >>>>> >>>>> On Wed, Mar 29, 2017 at 10:58 PM, Igal @ Lucee.org <i...@lucee.org> >>>>> wrote: >>>>> >>>>> On 3/29/2017 2:17 AM, Addy D wrote: >>>>> >>>>>> Hello all, >>>>>> >>>>>>> I am facing an issue in my application, I want to know following >>>>>>> things. >>>>>>> >>>>>>> 1. The tomcat is returning 404 for upgrade header (request to >>>>>>> upgrade to >>>>>>> websocket protocol). Do I need to configure anything here? >>>>>>> >>>>>>> What's the Endpoint that you've set up (and how did you set it up)? >>>>>>> >>>>>> What is the exact URL that you're trying to hit with the ws:// >>>>>> request? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> - >>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>>>>> >>>>>> >>>>>> >>>>>> >> >
Re: Websocket & Logging
Well, I haven't change the code, the thing was working with Spring boot (embedded tomcat) I just moved the code/app to an actual tomcat server. By trying the link from websocket.org I just wanted to confirm that nothing is wrong with my Java Script code or browser. I now come to a conclusion that something either on tomcat or application side is missing. On Thu, Mar 30, 2017 at 12:43 AM, Igal @ Lucee.org <i...@lucee.org> wrote: > That means that the Endpoint at websocket.org is configured correctly. > > How doe that help troubleshooting your Endpoint? > > Igal Sapir > Lucee Core Developer > Lucee.org <http://lucee.org/> > > On 3/29/2017 12:10 PM, Addy D wrote: > >> No, I tried something different, I tried this url wss:// >> echo.websocket.org, >> this one is working. >> >> On Wed, Mar 29, 2017 at 11:49 PM, Igal @ Lucee.org <i...@lucee.org> >> wrote: >> >> Can you access it in a non-secure protocol? i.e. ws:// instaed of wss://? >>> >>> Testing that can help eliminate possible issues. >>> >>> Igal Sapir >>> Lucee Core Developer >>> Lucee.org <http://lucee.org/> >>> >>> >>> On 3/29/2017 11:17 AM, Addy D wrote: >>> >>> The exact url I am trying to hit is : wss://localhost:8443/call >>>> >>>> >>>> On Wed, Mar 29, 2017 at 10:58 PM, Igal @ Lucee.org <i...@lucee.org> >>>> wrote: >>>> >>>> On 3/29/2017 2:17 AM, Addy D wrote: >>>> >>>>> Hello all, >>>>> >>>>>> I am facing an issue in my application, I want to know following >>>>>> things. >>>>>> >>>>>> 1. The tomcat is returning 404 for upgrade header (request to upgrade >>>>>> to >>>>>> websocket protocol). Do I need to configure anything here? >>>>>> >>>>>> What's the Endpoint that you've set up (and how did you set it up)? >>>>>> >>>>> What is the exact URL that you're trying to hit with the ws:// request? >>>>> >>>>> >>>>> >>>>> >>>>> - >>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>>>> >>>>> >>>>> >>>>> >
Re: Websocket & Logging
No, I tried something different, I tried this url wss://echo.websocket.org, this one is working. On Wed, Mar 29, 2017 at 11:49 PM, Igal @ Lucee.org <i...@lucee.org> wrote: > Can you access it in a non-secure protocol? i.e. ws:// instaed of wss://? > > Testing that can help eliminate possible issues. > > Igal Sapir > Lucee Core Developer > Lucee.org <http://lucee.org/> > > > On 3/29/2017 11:17 AM, Addy D wrote: > >> The exact url I am trying to hit is : wss://localhost:8443/call >> >> >> On Wed, Mar 29, 2017 at 10:58 PM, Igal @ Lucee.org <i...@lucee.org> >> wrote: >> >> On 3/29/2017 2:17 AM, Addy D wrote: >>> >>> Hello all, >>>> >>>> I am facing an issue in my application, I want to know following things. >>>> >>>> 1. The tomcat is returning 404 for upgrade header (request to upgrade to >>>> websocket protocol). Do I need to configure anything here? >>>> >>>> What's the Endpoint that you've set up (and how did you set it up)? >>> >>> What is the exact URL that you're trying to hit with the ws:// request? >>> >>> >>> >>> >>> - >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >>> >
Re: Websocket & Logging
The exact url I am trying to hit is : wss://localhost:8443/call On Wed, Mar 29, 2017 at 10:58 PM, Igal @ Lucee.org <i...@lucee.org> wrote: > On 3/29/2017 2:17 AM, Addy D wrote: > >> Hello all, >> >> I am facing an issue in my application, I want to know following things. >> >> 1. The tomcat is returning 404 for upgrade header (request to upgrade to >> websocket protocol). Do I need to configure anything here? >> > What's the Endpoint that you've set up (and how did you set it up)? > > What is the exact URL that you're trying to hit with the ws:// request? > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Websocket & Logging
Details from firefox "Network" tab: Request URL: https://localhost:8443/call Request Method: GET Status Code: 404 Request Headers: Host: localhost:8443 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://localhost:8443 Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: nmwooZUzvtitW09NoWgk6g== Connection: keep-alive, Upgrade Pragma: no-cache Cache-Control: no-cache Upgrade: websocket Response Headers: Content-Language: en Content-Length: 994 Content-Type: text/html;charset=utf-8 Date: Wed, 29 Mar 2017 12:02:34 GMT Console Output: GET https://localhost:8443/call [HTTP/1.1 404 17ms] Strict-Transport-Security: The connection to the site is untrustworthy, so the specified header was ignored.[Learn More] small_logo.png Firefox can’t establish a connection to the server at wss://localhost:8443/call. On Wed, Mar 29, 2017 at 5:04 PM, Addy D <pathfinder2104.w...@gmail.com> wrote: > Hey Mark, > > Thanks for replying, details are: > > 1. I am finding following things in the "Network" tab in chrome. > a. General: > > Request URL:wss://localhost:8443/call > Request Method:GET > Status Code:404 > > > b. Response Header: > > HTTP/1.1 404 > Content-Type: text/html;charset=utf-8 > Content-Language: en > Content-Length: 994 > Date: Wed, 29 Mar 2017 10:54:46 GMT > > c. Request Header: > > GET wss://localhost:8443/call HTTP/1.1 > Host: localhost:8443 > Connection: Upgrade > Pragma: no-cache > Cache-Control: no-cache > Upgrade: websocket > Origin: https://localhost:8443 > Sec-WebSocket-Version: 13 > User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 > Accept-Encoding: gzip, deflate, sdch, br > Accept-Language: en-US,en;q=0.8 > Sec-WebSocket-Key: 7QJCsfHPo++Q6d1L/MydLg== > Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits > > 2. Tomcat Logging: > In conf/logging.properties I added following things. > > handlers = 1catalina.org.apache.juli.AsyncFileHandler, > 2localhost.org.apache.juli.AsyncFileHandler, > 3manager.org.apache.juli.AsyncFileHandler, > 4host-manager.org.apache.juli.AsyncFileHandler, > 5websocket.org.apache.juli.AsyncFileHandler, java.util.logging. > ConsoleHandler > > > 5websocket.org.apache.juli.AsyncFileHandler.level = TRACE > 5websocket.org.apache.juli.AsyncFileHandler.directory = > ${catalina.base}/logs > 5websocket.org.apache.juli.AsyncFileHandler.prefix = WEBSOCKET. > > org.apache.tomcat.websocket.server.level = FINE > > 3. About endpoints: > > I have an application where I have integrated Spring + Spring MVC + > Spring Security + Spring websocket. > Spring websocket class TextWebSocketHandler is extended and using it > for communication between server and client. > > client side using simple JavaScript based WebSocket instance which > takes a single url as an argument. > > The url is wss://localhost:8443/call. I have register this "/call" by > overriding a method from WebSocketConfigurer.java as > shown below > > @Override > public void registerWebSocketHandlers(WebSocketHandlerRegistry > registry) { > registry.addHandler(callHandler(), > "/call").setAllowedOrigins("*"); > } > > Regards > Addy > > On Wed, Mar 29, 2017 at 3:32 PM, Mark Thomas <ma...@apache.org> wrote: > >> On 29/03/17 10:17, Addy D wrote: >> > Hello all, >> > >> > I am facing an issue in my application, I want to know following things. >> > >> > 1. The tomcat is returning 404 for upgrade header (request to upgrade to >> > websocket protocol). Do I need to configure anything here? >> >> It certainly looks like it. What URL are you sending the upgrade request >> to? >> >> > 2. How to enable logging for particular package of tomcat ? (I tried >> > changing logging.properties, added new logger over there but didn't >> work). >> >> What did you try adding? >> >> > 3. How can I see, registered websocket endpoints, which are registered >> by >> > my application? >> >> Not easily. We need to think about adding some debug logging and/or JMX >> information for this. >> >> How have you deploye
Re: Websocket & Logging
Hey Mark, Thanks for replying, details are: 1. I am finding following things in the "Network" tab in chrome. a. General: Request URL:wss://localhost:8443/call Request Method:GET Status Code:404 b. Response Header: HTTP/1.1 404 Content-Type: text/html;charset=utf-8 Content-Language: en Content-Length: 994 Date: Wed, 29 Mar 2017 10:54:46 GMT c. Request Header: GET wss://localhost:8443/call HTTP/1.1 Host: localhost:8443 Connection: Upgrade Pragma: no-cache Cache-Control: no-cache Upgrade: websocket Origin: https://localhost:8443 Sec-WebSocket-Version: 13 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept-Encoding: gzip, deflate, sdch, br Accept-Language: en-US,en;q=0.8 Sec-WebSocket-Key: 7QJCsfHPo++Q6d1L/MydLg== Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits 2. Tomcat Logging: In conf/logging.properties I added following things. handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler, 5websocket.org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler 5websocket.org.apache.juli.AsyncFileHandler.level = TRACE 5websocket.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs 5websocket.org.apache.juli.AsyncFileHandler.prefix = WEBSOCKET. org.apache.tomcat.websocket.server.level = FINE 3. About endpoints: I have an application where I have integrated Spring + Spring MVC + Spring Security + Spring websocket. Spring websocket class TextWebSocketHandler is extended and using it for communication between server and client. client side using simple JavaScript based WebSocket instance which takes a single url as an argument. The url is wss://localhost:8443/call. I have register this "/call" by overriding a method from WebSocketConfigurer.java as shown below @Override public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) { registry.addHandler(callHandler(), "/call").setAllowedOrigins("*"); } Regards Addy On Wed, Mar 29, 2017 at 3:32 PM, Mark Thomas <ma...@apache.org> wrote: > On 29/03/17 10:17, Addy D wrote: > > Hello all, > > > > I am facing an issue in my application, I want to know following things. > > > > 1. The tomcat is returning 404 for upgrade header (request to upgrade to > > websocket protocol). Do I need to configure anything here? > > It certainly looks like it. What URL are you sending the upgrade request > to? > > > 2. How to enable logging for particular package of tomcat ? (I tried > > changing logging.properties, added new logger over there but didn't > work). > > What did you try adding? > > > 3. How can I see, registered websocket endpoints, which are registered by > > my application? > > Not easily. We need to think about adding some debug logging and/or JMX > information for this. > > How have you deployed your WebSocket endpoints? > > Mark > > > > > > P.S I have configured my tomcat to support https, below is the line which > > is used to configure https. > > > > " > keystoreFile="D:\Servers\tomcat-8.5.9\keystore.jks" > keystorePass="password" > > maxThreads="150" port="8443" > > protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" > > secure="true" sslProtocol="TLS"/> " > > > > > > I am stuck at these places, I need a direction, it would be nice if > anyone > > can help me. > > > > Thanks & Regards > > Addy > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Websocket & Logging
Hello all, I am facing an issue in my application, I want to know following things. 1. The tomcat is returning 404 for upgrade header (request to upgrade to websocket protocol). Do I need to configure anything here? 2. How to enable logging for particular package of tomcat ? (I tried changing logging.properties, added new logger over there but didn't work). 3. How can I see, registered websocket endpoints, which are registered by my application? P.S I have configured my tomcat to support https, below is the line which is used to configure https. " " I am stuck at these places, I need a direction, it would be nice if anyone can help me. Thanks & Regards Addy