A question about excluding URL patterns from filters
Hi, I have a filter that takes all requests that try to hit http and redirects them through https. Here is the web.xml configuration for that. - filter filter-nameSecuredChannelFilter/filter-name filter-classcom.psi.servlet.filter.SecuredChannelFilter/filter-class /filter filter-mapping filter-nameSecuredChannelFilter/filter-name url-pattern*/url-pattern /filter-mapping Now, I have a requirement to exclude only *.xsl from this filter. What would be the best way to make this exclusion. ? Currently, I can think of 2 ways - 1. Change the filter code to check the url pattern and exclude only url patterns that request for xsl resources. 2. Create another filter that does nothing but forward the request and the url pattern for that filter would be only *.xsl. I need to however, make sure this filter does not call the SecuredChannelFilter However, I believe there must be a more 'elegant' way to exclude a url pattern through configuration than adding/modifying more code. :) Could you shed more ideas on this. ? Thanks, Anand
Re: A question about excluding URL patterns from filters
On Feb 6, 2009, at 12:24 AM, Anand HS wrote: However, I believe there must be a more 'elegant' way to exclude a url pattern through configuration than adding/modifying more code. :) Could you shed more ideas on this. ? Move it? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: A question about excluding URL patterns from filters
From: Anand HS [mailto:anan...@gmail.com] Subject: A question about excluding URL patterns from filters I have a filter that takes all requests that try to hit http and redirects them through https. Why are you using a filter? Why not the transport-guarantee mechanism defined in the servlet spec? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: A question about excluding URL patterns from filters
Hi, Thanks for the info about the transport-guarantee. I did try to use it. Here is the config to exclude xsl files and allow all others through to HTTPS. security-constraint web-resource-collection web-resource-nameNotify page, accessed internally by application/web-resource-name url-pattern*.xsl/url-pattern /web-resource-collection user-data-constraint transport-guaranteeNONE/transport-guarantee /user-data-constraint /security-constraint !-- Force SSL for entire site -- security-constraint web-resource-collection web-resource-nameEntire Site/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint I would expect with this configuration that when i try to load any xsl through http on my browser, no redirection to https happens. But it doesnt seem to be happening. Is my configuraiton missing something. ? BTW, i use tomcat 6.0.18. Thanks, Anand On Fri, Feb 6, 2009 at 11:31 AM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Anand HS [mailto:anan...@gmail.com] Subject: A question about excluding URL patterns from filters I have a filter that takes all requests that try to hit http and redirects them through https. Why are you using a filter? Why not the transport-guarantee mechanism defined in the servlet spec? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: A question about excluding URL patterns from filters
I think I was doing a mistake in the url-pattern. giving the correct URL pattern did the trick. Thanks for the tip on transport-guarantee Chuck. Thanks, Anand On Fri, Feb 6, 2009 at 12:11 PM, Anand HS anan...@gmail.com wrote: Hi, Thanks for the info about the transport-guarantee. I did try to use it. Here is the config to exclude xsl files and allow all others through to HTTPS. security-constraint web-resource-collection web-resource-nameNotify page, accessed internally by application/web-resource-name url-pattern*.xsl/url-pattern /web-resource-collection user-data-constraint transport-guaranteeNONE/transport-guarantee /user-data-constraint /security-constraint !-- Force SSL for entire site -- security-constraint web-resource-collection web-resource-nameEntire Site/web-resource-name url-pattern/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint I would expect with this configuration that when i try to load any xsl through http on my browser, no redirection to https happens. But it doesnt seem to be happening. Is my configuraiton missing something. ? BTW, i use tomcat 6.0.18. Thanks, Anand On Fri, Feb 6, 2009 at 11:31 AM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Anand HS [mailto:anan...@gmail.com] Subject: A question about excluding URL patterns from filters I have a filter that takes all requests that try to hit http and redirects them through https. Why are you using a filter? Why not the transport-guarantee mechanism defined in the servlet spec? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
