Re: Redirection/URL rewriting Tomcat 8.5.14

[Daniel Savard]

Hi Chris,

2017-05-12 13:31 GMT-04:00 Christopher Schultz :

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Daniel,
>
> On 5/12/17 10:03 AM, Daniel Savard wrote:
> > Hi everyone,
> >
> > my question is not specific to the Tomcat version specified in the
> > subject line. I am trying to implement a URL rewrite or
> > redirection using Tomcat. What I want to do is the following:
> >
> > In a given instance of Tomcat, I have each application context
> > setup using the xml files in
> > $CATALINA_BASE/conf/[enginename]/[hostname]/, so far so good. Hence
> > for app1 I then have the URL:
> https://myserver:myport/app1, etc.
> >
> > What I need to do, is to have a dummy application which purpose is
> > just to redirect/rewrite the URL from one application to another.
> > So, I need in fact an empty application capturing each request and
> > send back to the browser a rewritten URL to the another
> > application.
> >
> > For example, suppose I want to redirect app1 to app2, I need to
> rewrite all
> > possible URL with query options and so one replacing only app1 by
> > app2 in the URL.
> >
> > https://myserver:myport/app1/something_more_specific?opt1 should be
> >  rewritten as
> > https://myserver:myport/app2/something_more_specific?opt1
> >
> > To do this, I read about the rewrite valve here:
> > http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html
> >
> > So, I created an empty directory $CATALINA_BASE/webapps/app1 with
> > the following file:
> >
> > $CATALINA_BASE/webapps/app1/WEB-INF/rewrite.config
> >
> > And my $CATALINA_BASE/conf/[enginename]/[hostname]/app1.xml has the
> >  following entry within its context:
> >
> >  > className="org.apache.catalina.valves.rewrite.RewriteValve"/>
> >
> > My rewrite.config file is as follow:
> >
> > RewriteCond %{REQUEST_URI} ^/app1/?.* RewriteRule ^/app1(/?.*)$
> > /app2$1 [L]
> >
> > Without anything else, I am getting a HTTP 404 code. With an empty
> >  index.html I am getting a blank page. Within a working application
> > I am getting the application's welcome page. But never the URL is
> rewritten. The
> > rewrite.config file is actually read, I checked by introducing
> > some typo and I am getting an error message at startup.
> >
> > Is there a way to debug this problem? How can I see what is going
> > on with the execution of the rewriting class?
>
> I think everything you have above is correct, except that you want to
> deploy everything in the ROOT application instead of into "app1". With
> "app1", you are re-writing "/app1/app1" to "/app1/app2" when in fact you
> want to rewrite "/app1" to "/app2", correct?
>
> Also, it's important that /app1 not be a deployed application, otherwise
> requests to that context path with be sent to the /app1 application
> instead of to the ROOT webapp.
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJZFfGGAAoJEBzwKT+lPKRYlfsQAK9+rFzKtrrPS73Ma9VDclkn
> Lr3oG65TdKPhwVEtQlQoxLggX3GLiepImPzjY52rnMhxCZj+tt5n/fCkqVzEPnIp
> /NNgz/nX/GWqYjU11V58Azh2GRrjBqCJmesawxB/Y5+2NjcW6PrXJNje5PBmkbjs
> QkI5ftAYih7zxWQ4yASJfYwOmmjPpdNfyEM0IR/qkh/VnTz5bVu0/EgeOOK0/Dny
> EsK+3ptm+gdTNVt9jqwEnhWx5tsgpanhTycyyagwROT2A7NaldIi7xARPW3ZlSSF
> 0ncvQ8Z3G0KolBsGsDVyNgNv+bF38sfxOaN7xyp9GXFJVX5hKfRFBphiWPl+jjzz
> mwPcA3MsqDM3fQ4hMTAffmnUAj786pTZ6MCjDnumFjnQZB0zXASEpfI4G9f3+dKM
> fiVdjUQxgrXlUl6wcqBGUidN5PDb+akY8w9xNDl3PvBjrXfFIIfttLgGmxF5cej6
> dkvLqZoitIDzt8dOkWSns3UdK+fq3a1Hjw1BOPlvnvKbnhz2QXrxua6WMDQapohs
> JUUkAR3sujPUs/Tgjq5SiIEBe9sbwQTysNgtw9MzFUmAB7D87cCt0zI8dCbaL54Z
> iYUI0+IDVG7rc7+TwFeRo+ok96qMK1IKCiZt/8pe/097WcWMQq9FeYpGAg4YgZYo
> bwhJFBohEZeuwZCwhN9F
> =J7pC
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Thanks for the tip. I am almost there. Actually, moving everything in ROOT
solved at least the actual execution of the rewriting. However, it didn't
solve entirely my problem.

If I access the URL: https://myhost/app1 in my browser the URL is actually
rewritten to https://myhost/app2 and access the index.html, etc. This is
fine.

However, if I try to access the URL: https://myhost/app1/ in my browser the
URL is NOT rewritten even if the actual application is properly accessed. I
really need the URL to be sent back to the browser. The same thing happens
if something follows the first part of the URI /app1/something will lead to
/app1/something instead of /app2/something.

The reason I am struggling with this and need this behavior is because a
commercial application we are running here is having a new version where
some files kept the same name as the older version, but the content is not
the same (typically icons, logos and pictures) and in the previous version,
they were marked to not expired in the 

Re: Redirection/URL rewriting Tomcat 8.5.14

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Daniel,

On 5/12/17 10:03 AM, Daniel Savard wrote:
> Hi everyone,
> 
> my question is not specific to the Tomcat version specified in the 
> subject line. I am trying to implement a URL rewrite or
> redirection using Tomcat. What I want to do is the following:
> 
> In a given instance of Tomcat, I have each application context
> setup using the xml files in
> $CATALINA_BASE/conf/[enginename]/[hostname]/, so far so good. Hence
> for app1 I then have the URL:
https://myserver:myport/app1, etc.
> 
> What I need to do, is to have a dummy application which purpose is 
> just to redirect/rewrite the URL from one application to another.
> So, I need in fact an empty application capturing each request and
> send back to the browser a rewritten URL to the another
> application.
> 
> For example, suppose I want to redirect app1 to app2, I need to
rewrite all
> possible URL with query options and so one replacing only app1 by 
> app2 in the URL.
> 
> https://myserver:myport/app1/something_more_specific?opt1 should be
>  rewritten as 
> https://myserver:myport/app2/something_more_specific?opt1
> 
> To do this, I read about the rewrite valve here: 
> http://tomcat.apache.org/tomcat-8.5-doc/rewrite.html
> 
> So, I created an empty directory $CATALINA_BASE/webapps/app1 with 
> the following file:
> 
> $CATALINA_BASE/webapps/app1/WEB-INF/rewrite.config
> 
> And my $CATALINA_BASE/conf/[enginename]/[hostname]/app1.xml has the
>  following entry within its context:
> 
>  className="org.apache.catalina.valves.rewrite.RewriteValve"/>
> 
> My rewrite.config file is as follow:
> 
> RewriteCond %{REQUEST_URI} ^/app1/?.* RewriteRule ^/app1(/?.*)$ 
> /app2$1 [L]
> 
> Without anything else, I am getting a HTTP 404 code. With an empty
>  index.html I am getting a blank page. Within a working application
> I am getting the application's welcome page. But never the URL is
rewritten. The
> rewrite.config file is actually read, I checked by introducing
> some typo and I am getting an error message at startup.
> 
> Is there a way to debug this problem? How can I see what is going
> on with the execution of the rewriting class?

I think everything you have above is correct, except that you want to
deploy everything in the ROOT application instead of into "app1". With
"app1", you are re-writing "/app1/app1" to "/app1/app2" when in fact you
want to rewrite "/app1" to "/app2", correct?

Also, it's important that /app1 not be a deployed application, otherwise
requests to that context path with be sent to the /app1 application
instead of to the ROOT webapp.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJZFfGGAAoJEBzwKT+lPKRYlfsQAK9+rFzKtrrPS73Ma9VDclkn
Lr3oG65TdKPhwVEtQlQoxLggX3GLiepImPzjY52rnMhxCZj+tt5n/fCkqVzEPnIp
/NNgz/nX/GWqYjU11V58Azh2GRrjBqCJmesawxB/Y5+2NjcW6PrXJNje5PBmkbjs
QkI5ftAYih7zxWQ4yASJfYwOmmjPpdNfyEM0IR/qkh/VnTz5bVu0/EgeOOK0/Dny
EsK+3ptm+gdTNVt9jqwEnhWx5tsgpanhTycyyagwROT2A7NaldIi7xARPW3ZlSSF
0ncvQ8Z3G0KolBsGsDVyNgNv+bF38sfxOaN7xyp9GXFJVX5hKfRFBphiWPl+jjzz
mwPcA3MsqDM3fQ4hMTAffmnUAj786pTZ6MCjDnumFjnQZB0zXASEpfI4G9f3+dKM
fiVdjUQxgrXlUl6wcqBGUidN5PDb+akY8w9xNDl3PvBjrXfFIIfttLgGmxF5cej6
dkvLqZoitIDzt8dOkWSns3UdK+fq3a1Hjw1BOPlvnvKbnhz2QXrxua6WMDQapohs
JUUkAR3sujPUs/Tgjq5SiIEBe9sbwQTysNgtw9MzFUmAB7D87cCt0zI8dCbaL54Z
iYUI0+IDVG7rc7+TwFeRo+ok96qMK1IKCiZt/8pe/097WcWMQq9FeYpGAg4YgZYo
bwhJFBohEZeuwZCwhN9F
=J7pC
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Redirection of mycompany.com to www.mycompany.com

[pierre posset]

Hi,

I have found what was happening, it was one of my colleagues who has put a 
filter and didin't remember doing that.

Thank you.

 Date: Tue, 17 Dec 2013 00:30:04 +0400
 Subject: Re: Redirection of mycompany.com to www.mycompany.com
 From: knst.koli...@gmail.com
 To: users@tomcat.apache.org
 
 2013/12/16 James H. H. Lampert jam...@touchtonecorp.com:
  On 12/16/13 9:37 AM, pierre posset wrote:
 
  My problem is that when in a browser I am writing mycompany.com I am
  redirected with to www.mycompany.com.
 
 
  I could be way off-base here (it wouldn't be the first time!), but:
 
  It could also be that your browser thinks it's smarter than you are. I've
  seen browsers apparently redirect themselves (without any redirect having
  been set up) to variations on a URL, and/or to whatever is set as their
  default search engine, but so far as I know, that usually only happens if
  the browser can't resolve the URL as entered, or if the user didn't
  explicitly type the protocol prefix on the URL.
 
 By the way, the setting name in Mozilla Firefox is
 browser.fixup.alternate.enabled
 I usually explicitly change this and keyword.enabled settings to the
 value of false.
 
 http://www.mozilla.org/docs/end-user/domain-guessing.html
 http://kb.mozillazine.org/Keyword.enabled
 
 
  Does it happen with other browsers? Does it happen if you try it from
  someplace with a completely different web connection? Have you tried
  explicitly typing the http:// or the https:// at the beginning of the URL?
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
  

Re: Redirection of mycompany.com to www.mycompany.com

[Reinhardt Christiansen]

On 2013-12-16 12:23 PM, pierre posset wrote:

Hello,

I have a strange behavior and I do not know where to watch.

I am using tomcat7 on a debian.

My problem is that when in a browser I am writing mycompany.com I am redirected 
with to www.mycompany.com.

I am using the node host with some nodes alias.

I have searched in many configuration file and also on google but I do not find 
any answer to my behavior, isthere someone who can help me?

Thank you.

Best Regards,

Pierre Posset.


I use a service called ZoneEdit (zoneedit.com) which lets you create 
records that cause similar redirections. For example, I can point a 
domain name, like mydomain.com to xyz.techstuff.net with their records. 
Perhaps something like that is causing the redirection, rather than any 
entries on the server itself?


I expect other companies provide the same services as ZoneEdit

--
Reinhardt

---
This email is free from viruses and malware because avast! Antivirus protection 
is active.
http://www.avast.com


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Redirection of mycompany.com to www.mycompany.com

[pierre posset]

Thank you for your answer I will try to see if it is something like that which 
is happening.

 Date: Mon, 16 Dec 2013 12:34:19 -0500
 From: rhi...@sympatico.ca
 To: users@tomcat.apache.org
 Subject: Re: Redirection of mycompany.com to www.mycompany.com
 
 On 2013-12-16 12:23 PM, pierre posset wrote:
  Hello,
 
  I have a strange behavior and I do not know where to watch.
 
  I am using tomcat7 on a debian.
 
  My problem is that when in a browser I am writing mycompany.com I am 
  redirected with to www.mycompany.com.
 
  I am using the node host with some nodes alias.
 
  I have searched in many configuration file and also on google but I do not 
  find any answer to my behavior, isthere someone who can help me?
 
  Thank you.
 
  Best Regards,
 
  Pierre Posset.
  
 
 I use a service called ZoneEdit (zoneedit.com) which lets you create 
 records that cause similar redirections. For example, I can point a 
 domain name, like mydomain.com to xyz.techstuff.net with their records. 
 Perhaps something like that is causing the redirection, rather than any 
 entries on the server itself?
 
 I expect other companies provide the same services as ZoneEdit
 
 -- 
 Reinhardt
 
 ---
 This email is free from viruses and malware because avast! Antivirus 
 protection is active.
 http://www.avast.com
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
  

Re: Redirection of mycompany.com to www.mycompany.com

[James H. H. Lampert]

On 12/16/13 9:37 AM, pierre posset wrote:

My problem is that when in a browser I am writing mycompany.com I am redirected 
with to www.mycompany.com.


I could be way off-base here (it wouldn't be the first time!), but:

It could also be that your browser thinks it's smarter than you are. 
I've seen browsers apparently redirect themselves (without any redirect 
having been set up) to variations on a URL, and/or to whatever is set as 
their default search engine, but so far as I know, that usually only 
happens if the browser can't resolve the URL as entered, or if the user 
didn't explicitly type the protocol prefix on the URL.


Does it happen with other browsers? Does it happen if you try it from 
someplace with a completely different web connection? Have you tried 
explicitly typing the http:// or the https:// at the beginning of the URL?


--
JHHL

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Redirection of mycompany.com to www.mycompany.com

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Pierre,

On 12/16/13, 12:23 PM, pierre posset wrote:
 I am using tomcat7 on a debian.
 
 My problem is that when in a browser I am writing mycompany.com I
 am redirected with to www.mycompany.com.
 
 I am using the node host with some nodes alias.
 
 I have searched in many configuration file and also on google but
 I do not find any answer to my behavior, is there someone who can
 help me?

What is your setup and configuration?

Have you used an HTTP protocol analyzer to see if the server is in
fact redirecting the client?

- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJSr1P0AAoJEBzwKT+lPKRY4KIP/1IlGMF3NCKIYqoHIchoeM+c
4gn4BSyaQj/hStYmf9T9l/ZIZMbjpcwZj79UHZry32IDO1E4VqiBRJ1MIB45SZg3
hYmzsXY7ULt3cRpCOu00uRArjT5LjTFkaLXTjzSBaCVODdElkFsJ4KS+B0S17ONq
yUTs0ONbqFgIeVSGAZcHDErM/7OCIRo4Gg6YlUnfKU6JU+TXREXLuyih4vQpgZ2f
GpDAw98h6C6Bzfs6NpE/5Zt6akRoNI5GhvwAw4/cCpfpTe6pijCeAkP3knt6M9yN
u+DlKoPKRpM6Ezxe83OeW2D9mqcOo21+xyv0k9Nu8eevKw7YSNqF7VqWC01hflvA
ERnTaQ+6NwIBcr2ZmfPtA37J1113YgF9IU5HIvlFyKF3x8MF/D80Pdhm9Ri4fZCq
tflITS9JlVUa1G7vgyj9+auLRiikqdwHF4fRNkc9cwr6ipucWEYa8Mw+OYcOGxlB
85KZChesp5sX5ggHWOV7jSSA4kiIj7Cp1QB0ypXTc2MlpVWqWiDjvNpkln6nCN8P
XL/Pasyi39auxRiZU1KwW5Db1SRgmNjY60bjoq5vpdxDpuIdhmkZp6USAEwg5P8Z
RZQpaYKDXNiywsWDX9FoyES11KJKHGX3v3XEfxX3p4RYg/xsVpFYKaNR4ZoOsaom
UbJutrtROwVEXNaODWl0
=jciL
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Redirection of mycompany.com to www.mycompany.com

[Konstantin Kolinko]

2013/12/16 James H. H. Lampert jam...@touchtonecorp.com:
 On 12/16/13 9:37 AM, pierre posset wrote:

 My problem is that when in a browser I am writing mycompany.com I am
 redirected with to www.mycompany.com.


 I could be way off-base here (it wouldn't be the first time!), but:

 It could also be that your browser thinks it's smarter than you are. I've
 seen browsers apparently redirect themselves (without any redirect having
 been set up) to variations on a URL, and/or to whatever is set as their
 default search engine, but so far as I know, that usually only happens if
 the browser can't resolve the URL as entered, or if the user didn't
 explicitly type the protocol prefix on the URL.

By the way, the setting name in Mozilla Firefox is
browser.fixup.alternate.enabled
I usually explicitly change this and keyword.enabled settings to the
value of false.

http://www.mozilla.org/docs/end-user/domain-guessing.html
http://kb.mozillazine.org/Keyword.enabled


 Does it happen with other browsers? Does it happen if you try it from
 someplace with a completely different web connection? Have you tried
 explicitly typing the http:// or the https:// at the beginning of the URL?


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection of www.xyz.com/xyz to https://xyz.com/xyz.html is not happening in httpd.conf

[Caldarale, Charles R]

 From: Dhaval Jaiswal [mailto:dhaval.jais...@via.com] 
 Subject: redirection of www.xyz.com/xyz to https://xyz.com/xyz.html is not 
 happening in httpd.conf

 i have tried through Redirect option to redirect specific page to one *.html

 it is not redirecting. Still it is redirecting to old values only.

 Even i have tried through Rewriterule.

This is the Tomcat mailing list; perhaps you want the one for httpd.  Before 
posting on that list, you might want to read this first:

http://www.catb.org/~esr/faqs/smart-questions.html

and then provide specifics rather than vague ramblings.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection error due to context path after JAAS authentication with mod_proxy

[Woonsan Ko]

From: André Warnier a...@ice-sa.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Wednesday, October 12, 2011 11:52 AM
Subject: Re: redirection error due to context path after JAAS authentication 
with mod_proxy

Woonsan Ko wrote:
 Hi,
 
 I have a reverse proxy configuration like this:
 
 VirtualHost *:80   ServerName localhost   ProxyPreserveHost On   ProxyPass 
 / http://localhost:8080/app1/   ProxyPassReverse / 
 http://localhost:8080/app1/   ProxyPassReverseCookiePath /app1 / 
 /VirtualHost

If it is really like above, then why are you using an Apache httpd front-end 
at all?
Would it not be easier (+ simpler, + more efficient) to just get Tomcat to 
listen on port 80 and whatever IP address Apache httpd is listening to right 
now ?

(To get exactly the same behaviour as above, you would also have to make 
app1 be the Tomcat ROOT application.)

Note: I also use a lot of setups with Apache httpd as front-end, and Tomcat as 
a back-end, and sometimes this is very practical.  At least, when the Apache 
httpd front-end is actually doing something other than forwarding the 
requests to Tomcat.
But here, it does not seem to be doing anything at all.

Yeah, actually I gave a simplified example configuration in order to show proxy 
mappings.
We have many other reasons to keep apache httpd as front-end here.
I've suggested a system administrator about deploying app to ROOT as a 
workaround, but they are not willing to do that for some reasons.

Anyway, if there's no way to customize redirection behavior after JAAS login, 
then I probably need to find a more controllable solution instead of using 
Tomcat's JAAS login feature. (Spring Security seems a good alternative which is 
filter based.)

Thanks anyway,

Woonsan








-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection error due to context path after JAAS authentication with mod_proxy

[André Warnier]

Woonsan Ko wrote:

Hi,

I have a reverse proxy configuration like this:

VirtualHost *:80 
  ServerName localhost 
  ProxyPreserveHost On 
  ProxyPass / http://localhost:8080/app1/ 
  ProxyPassReverse / http://localhost:8080/app1/ 
  ProxyPassReverseCookiePath /app1 / 
/VirtualHost


If it is really like above, then why are you using an Apache httpd front-end at 
all?
Would it not be easier (+ simpler, + more efficient) to just get Tomcat to listen on port 
80 and whatever IP address Apache httpd is listening to right now ?


(To get exactly the same behaviour as above, you would also have to make app1 be the 
Tomcat ROOT application.)


Note: I also use a lot of setups with Apache httpd as front-end, and Tomcat as a back-end, 
and sometimes this is very practical.  At least, when the Apache httpd front-end is 
actually doing something other than forwarding the requests to Tomcat.

But here, it does not seem to be doing anything at all.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection error due to context path after JAAS authentication with mod_proxy

[Woonsan Ko]

- Original Message -
 From: André Warnier a...@ice-sa.com
 To: Tomcat Users List users@tomcat.apache.org
 Cc: 
 Sent: Wednesday, October 12, 2011 11:52 AM
 Subject: Re: redirection error due to context path after JAAS authentication 
 with mod_proxy
 
 Woonsan Ko wrote:
  Hi,
 
  I have a reverse proxy configuration like this:
 
  VirtualHost *:80   ServerName localhost   ProxyPreserveHost On  
 ProxyPass / http://localhost:8080/app1/   ProxyPassReverse / 
 http://localhost:8080/app1/   ProxyPassReverseCookiePath /app1 / 
 /VirtualHost
 
 If it is really like above, then why are you using an Apache httpd front-end 
 at 
 all?
 Would it not be easier (+ simpler, + more efficient) to just get Tomcat to 
 listen on port 80 and whatever IP address Apache httpd is listening to right 
 now 
 ?

One simple strong reason is that I don't want to run tomcat by root.

Thanks,

Woonsan

 
 (To get exactly the same behaviour as above, you would also have to make 
 app1 be the Tomcat ROOT application.)
 
 Note: I also use a lot of setups with Apache httpd as front-end, and Tomcat 
 as a 
 back-end, and sometimes this is very practical.  At least, when the Apache 
 httpd 
 front-end is actually doing something other than forwarding the 
 requests to Tomcat.
 But here, it does not seem to be doing anything at all.
 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection error due to context path after JAAS authentication with mod_proxy

[Pid]

On 12/10/2011 17:51, Woonsan Ko wrote:
 
 - Original Message -
 From: André Warnier a...@ice-sa.com
 To: Tomcat Users List users@tomcat.apache.org
 Cc: 
 Sent: Wednesday, October 12, 2011 11:52 AM
 Subject: Re: redirection error due to context path after JAAS authentication 
 with mod_proxy

 Woonsan Ko wrote:
  Hi,

  I have a reverse proxy configuration like this:

  VirtualHost *:80   ServerName localhost   ProxyPreserveHost On  
 ProxyPass / http://localhost:8080/app1/   ProxyPassReverse / 
 http://localhost:8080/app1/   ProxyPassReverseCookiePath /app1 / 
 /VirtualHost

 If it is really like above, then why are you using an Apache httpd front-end 
 at 
 all?
 Would it not be easier (+ simpler, + more efficient) to just get Tomcat to 
 listen on port 80 and whatever IP address Apache httpd is listening to right 
 now 
 ?
 
 One simple strong reason is that I don't want to run tomcat by root.

JSVC, iptables, Tanuki - bunch of different way to handle that.


p


 (To get exactly the same behaviour as above, you would also have to make 
 app1 be the Tomcat ROOT application.)

 Note: I also use a lot of setups with Apache httpd as front-end, and Tomcat 
 as a 
 back-end, and sometimes this is very practical.  At least, when the Apache 
 httpd 
 front-end is actually doing something other than forwarding the 
 requests to Tomcat.
 But here, it does not seem to be doing anything at all.


 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org

 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 




signature.asc
Description: OpenPGP digital signature

Re: redirection error due to context path after JAAS authentication with mod_proxy

[Brian Burch]

On 12/10/11 17:51, Woonsan Ko wrote:

One simple strong reason is that I don't want to run tomcat by root.


The debian/ubuntu deb package installs tomcat6 so that it uses authbind 
to listen on ports  1024, and it runs under its own non-root uid/gid. I 
was very impressed when I converted from tomcat5 as a vanilla install to 
tomcat6 as a deb.


Even if you are not on debian, perhaps looking at the installation 
script and file structure will help you set up something similar.


Regards,

Brian

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

re: redirection

[mateo-jl]

Hi,

i think, the best way is to use the mod_jk module. So, in a firewall 
environment, you can have your web server (Apache) in the non-protected area 
and apache will redirect all requests (http:// :80 or nothing) at your 
Tomcat server (http:// :8080) within the protected one. 
Take a look at the connectors documentation
http://tomcat.apache.org/connectors-doc/

JL

 Message du 31/03/09 18:59
 De : Melanie Pfefer 
 A : users@tomcat.apache.org
 Copie à : 
 Objet : redirection
 
 
 
 Hello
 
 I have a tomcat server running on port 8080.
 
 users need to create a dns alias which is on port 80. redirection cannot be 
 done on DNS level of course.
 
 do you have any idea how to achieve this in tomcat. For example:
 
 http://siroe redirects to http://machineX:8080 that is a tomcat application?
 
 thank you 
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 
 
 

RE: redirection

[Caldarale, Charles R]

 From: mateo-jl [mailto:mateo...@orange.fr]
 Subject: re: redirection
 
 i think, the best way is to use the mod_jk module. So, in a firewall
 environment, you can have your web server (Apache) in the non-protected
 area and apache will redirect all requests (http:// :80 or nothing)
 at your Tomcat server (http:// :8080) within the protected one.

In what way would that improve security?  Since all requests would be forwarded 
to Tomcat, adding httpd accomplishes nothing except additional overhead and 
complexity.  It's silly to place *anything* in a completely unprotected area; 
you would still have a firewall in place restricting access to just ports 80 
and 443, even if httpd were handling those ports.  Might as well have Tomcat 
handle those ports directly.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

RE: redirection

[fredk2]

I would be better...The apache httpd web server is more versatile and its
vulnerabilities are better researched. You can also add mod_security and
other modules to further protect the Tomcat against common attacks (assuming
you do not use a WAF firewall).  Furthermore you can add more Tomcats and
balance when needed... also on unix if you do not use jsvc or iptable you
need to run tomcat as root for port 80 which is not a good idea...etc...

Rgds - Fred

Caldarale, Charles R wrote:
 
 From: mateo-jl [mailto:mateo...@orange.fr]
 Subject: re: redirection
 
 i think, the best way is to use the mod_jk module. So, in a firewall
 environment, you can have your web server (Apache) in the non-protected
 area and apache will redirect all requests (http:// :80 or nothing)
 at your Tomcat server (http:// :8080) within the protected one.
 
 In what way would that improve security?  Since all requests would be
 forwarded to Tomcat, adding httpd accomplishes nothing except additional
 overhead and complexity.  It's silly to place *anything* in a completely
 unprotected area; you would still have a firewall in place restricting
 access to just ports 80 and 443, even if httpd were handling those ports. 
 Might as well have Tomcat handle those ports directly.
 
  - Chuck
 
 
 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
 MATERIAL and is thus for use only by the intended recipient. If you
 received this in error, please contact the sender and delete the e-mail
 and its attachments from all computers.
 
 
 

-- 
View this message in context: 
http://www.nabble.com/redirection-tp22809932p22827189.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Caldarale, Charles R]

 From: fredk2 [mailto:fre...@gmail.com]
 Subject: RE: redirection
 
 The apache httpd web server is more versatile 

Additional versatility is worthless if not needed; from a security perspective 
it merely provides more opportunities for abuse.

 its vulnerabilities are better researched

Evidence, please?  Just because httpd has been around longer does not 
necessarily mean it is more secure.  Besides, since the previously suggested 
arrangement was to forward all requests to Tomcat, httpd security is of no 
interest.

 (assuming you do not use a WAF firewall)

If you're not using a firewall, you're simply asking for trouble.

 Furthermore you can add more Tomcats and balance when needed

Performance was not a topic of discussion; even if it were, there are much 
superior load balancers available (although they do have a cost).

 on unix if you do not use jsvc or iptable you need to run 
 tomcat as root for port 80 which is not a good idea

No one ever suggested running Tomcat as root.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Peter Crowther]

 From: fredk2 [mailto:fre...@gmail.com]
 I would be better...The apache httpd web server is more
 versatile

Irrelevant to this problem.

 and its vulnerabilities are better researched.

References for that assertion?  I'm not disagreeing, I'd just be interested in 
the hard data.

 You can also add
 mod_security and
 other modules to further protect the Tomcat against common
 attacks (assuming you do not use a WAF firewall).

And, indeed, that Apache + mod_security + mod_jk + Tomcat has fewer 
vulnerabilities than just Tomcat.

 Furthermore you can add more Tomcats and
 balance when needed...

Irrelevant to this problem, though I agree with you in the general case.

 also on unix if you do not use jsvc or
 iptable you
 need to run tomcat as root for port 80 which is not a good
 idea...etc...

True, but that's like saying if you do not have a lock on your front door, 
your front door will not be locked which is not a good idea.  Why would anyone 
*not* run using jsvc or iptables?

- Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[mateo-jl]

Indeed the topic of this discussion is not to have 8080 as the main port of 
Tomcat.
I've just emitted one solution among many others: mod_jk. 
Some of my customers have opted for this one because of the simplicity of 
writing url, of performance (load-balancing), 
of security too (No-using 80 port for Tomcat was a security directive in some 
cases)



 Message du 01/04/09 15:47
 De : Caldarale, Charles R 
 A : Tomcat Users List 
 Copie à : 
 Objet : RE: redirection
 
  From: mateo-jl [mailto:mateo...@orange.fr]
  Subject: re: redirection
  
  i think, the best way is to use the mod_jk module. So, in a firewall
  environment, you can have your web server (Apache) in the non-protected
  area and apache will redirect all requests (http:// :80 or nothing)
  at your Tomcat server (http:// :8080) within the protected one.
 
 In what way would that improve security? Since all requests would be 
 forwarded to Tomcat, adding httpd accomplishes nothing except additional 
 overhead and complexity. It's silly to place *anything* in a completely 
 unprotected area; you would still have a firewall in place restricting access 
 to just ports 80 and 443, even if httpd were handling those ports. Might as 
 well have Tomcat handle those ports directly.
 
 - Chuck
 
 
 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
 MATERIAL and is thus for use only by the intended recipient. If you received 
 this in error, please contact the sender and delete the e-mail and its 
 attachments from all computers.
 
 

Re: redirection

[Gregor Schneider]

On Wed, Apr 1, 2009 at 4:22 PM, Peter Crowther
peter.crowt...@melandra.com wrote:

 And, indeed, that Apache + mod_security + mod_jk + Tomcat has fewer 
 vulnerabilities than just Tomcat.


Since I'm interested on hard data, too, hand over the facts, please.

It's just that I'm curious...

Rgds

Gregor
-- 
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Peter Crowther]

 From: Gregor Schneider [mailto:rc4...@googlemail.com]
 On Wed, Apr 1, 2009 at 4:22 PM, Peter Crowther
 peter.crowt...@melandra.com wrote:
 
  And, indeed, that Apache + mod_security + mod_jk + Tomcat
 has fewer vulnerabilities than just Tomcat.
 

 Since I'm interested on hard data, too, hand over the facts, please.

Quite.  If you look at the full original quote...

-- snip --
 From: fredk2 [mailto:fre...@gmail.com]
[...]
 (assuming you do not use a WAF firewall).

And, indeed, that Apache + mod_security + mod_jk + Tomcat has fewer 
vulnerabilities than just Tomcat.
-- snip --

... I was re-using the assuming from the previous poster's brackets.  Sorry - 
I should have made that more explicit.  Here's the re-stated version:

And, indeed, *assuming* that Apache + mod_security + mod_jk + Tomcat has fewer 
vulnerabilities than just Tomcat.

I'd also be very interested to see the evidence (either way) on that.

- Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection

[André Warnier]

Melanie Pfefer wrote:

Hello

I have a tomcat server running on port 8080.

users need to create a dns alias which is on port 80. redirection cannot be 
done on DNS level of course.

do you have any idea how to achieve this in tomcat. For example:

http://siroe redirects to http://machineX:8080 that is a tomcat application?


Hi Melanie.
Since by now, after all these ponderous answers, you might be pretty 
confused as to what to do, let me restart from the beginning.


First, you can configure Tomcat to accept requests on port 80, instead 
of, or in addition to, port 8080.
That is easy, and you would do it in principle by changing in the 
server.xml file, the existing Connector ... port=8080 to Connector 
... port=80.  That's almost it.
The only catch is that in order for this to work, this Tomcat would need 
to run as user root, because only user root can run a process that opens 
a listening port = 1024.


If this Tomcat cannot run as root, then there is a workaround : you can 
use something called jsvc, which is like a wrapper process which 
starts as root, opens port 80 for Tomcat, then runs Tomcat as a non-root 
user.  That allows Tomcat to run as a non-root user, and to still listen 
on port 80.


If none of the above is possible, then you could indeed run an Apache 
httpd in front of your Tomcat.  The Apache httpd (maybe one that is 
there already), can accept requests on port 80, look at the request, 
determine that it is one that Tomcat should handle, and pass it to the 
back-end Tomcat on another port.  This can be done in several ways :


1) the front-end Apache httpd, which listens on port 80, can just act as 
a HTTP proxy, and pass the appropriate requests to the back-end Tomcat 
on the Tomcat HTTP port 8080.
2) the front-end Apache can act as an AJP proxy, and pass requests to 
Tomcat using the AJP protocol.  This requires adding another Connector 
to Tomcat, to listen for requests that use that protocol.

There are 2 sub-cases of this :
2a) using (at the Apache httpd level), a module called mod_proxy_ajp
2b) using (at the Apache httpd level), a module called mod_jk
(In both cases, you can choose the port Tomcat uses to listen for that)

If none of the above is possible or practical, then there are still 
other solutions, using other methods in software/hardware.


Roughly, the above is in order of increasing complexity.

The issue here is not to find a solution (there are many), but to find 
the solution that is the easiest and best-adapted to your problem.


Your initial post above is not very clear as to why you need this.
Tell us a bit more about your real problem and we could probably do 
better at recommending an appropriate solution to you.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection

[Gregor Schneider]

Peter,

On Wed, Apr 1, 2009 at 4:58 PM, Peter Crowther
peter.crowt...@melandra.com wrote:

 And, indeed, *assuming* that Apache + mod_security + mod_jk + Tomcat has 
 fewer vulnerabilities than just Tomcat.

 I'd also be very interested to see the evidence (either way) on that.

See, I believe in the statement that the more components you're adding
to an environment, the more possibilities there are for a
security-hole. However, to believe is not to know...

However, when I check full-disclosure and other security-lists, I see
few issues referring to Tomcat, but I see quite some issues referring
to HTTPD and it's modules.

I guess if you're once able to break HTTPD and found your way into the
box, harm is on it's way. I further /believe/ that from this point it
makes sense to use as few components as possible.

Anyhow, that's what I believe, not what I know.

Cheers

Gregor
-- 
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

[OT] RE: redirection

[Peter Crowther]

 From: Gregor Schneider [mailto:rc4...@googlemail.com]
 See, I believe in the statement that the more components you're adding
 to an environment, the more possibilities there are for a
 security-hole. However, to believe is not to know...

It's clear that a naïve more components = less secure argument doesn't work 
in computer security, as I think few people on this list would argue with the 
following: A Tomcat server with a dedicated firewall in front will be more 
secure than the same Tomcat with no dedicated firewall in front.  Here, more 
components - and the assumption of fitness for purpose and correct 
configuration - lead to an assumption of higher rather than lower security.

So we're then into a discussion of how well httpd + mod_security + { mod_proxy, 
mod_jk} would serve for the purpose - a discussion of the *quality* of the 
components, rather than just the *quantity*.  And that's why I'd love to see 
the hard data because, like you, I don't know :-).

- Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Martin Gainty]

Gregor

can you elucidate any documented security holes in Apache HTTPD?

Martin 
__ 
Verzicht und Vertraulichkeitanmerkung / Disclaimer and confidentiality note 
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger 
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung 
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem 
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. 
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung 
fuer den Inhalt uebernehmen.
This message is confidential and may be privileged. If you are not the intended 
recipient, we kindly ask you to  please inform the sender. Any unauthorised 
dissemination or copying hereof is prohibited. This message serves for 
information purposes only and shall not have any legally binding effect. Given 
that e-mails can easily be subject to manipulation, we can not accept any 
liability for the content provided.






 Date: Wed, 1 Apr 2009 17:31:34 +0200
 Subject: Re: redirection
 From: rc4...@googlemail.com
 To: users@tomcat.apache.org
 
 Peter,
 
 On Wed, Apr 1, 2009 at 4:58 PM, Peter Crowther
 peter.crowt...@melandra.com wrote:
 
  And, indeed, *assuming* that Apache + mod_security + mod_jk + Tomcat has 
  fewer vulnerabilities than just Tomcat.
 
  I'd also be very interested to see the evidence (either way) on that.
 
 See, I believe in the statement that the more components you're adding
 to an environment, the more possibilities there are for a
 security-hole. However, to believe is not to know...
 
 However, when I check full-disclosure and other security-lists, I see
 few issues referring to Tomcat, but I see quite some issues referring
 to HTTPD and it's modules.
 
 I guess if you're once able to break HTTPD and found your way into the
 box, harm is on it's way. I further /believe/ that from this point it
 makes sense to use as few components as possible.
 
 Anyhow, that's what I believe, not what I know.
 
 Cheers
 
 Gregor
 -- 
 just because your paranoid, doesn't mean they're not after you...
 gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
 gpgp-key available
 @ http://pgpkeys.pca.dfn.de:11371
 @ http://pgp.mit.edu:11371/
 
 -
 To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
 For additional commands, e-mail: users-h...@tomcat.apache.org
 

_
Rediscover Hotmail®: Get quick friend updates right in your inbox. 
http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Updates1_042009

Re: redirection

[Gregor Schneider]

Martin,

On Wed, Apr 1, 2009 at 6:53 PM, Martin Gainty mgai...@hotmail.com wrote:

 Gregor

 can you elucidate any documented security holes in Apache HTTPD?


Most of them are fixed, but it proofs that there are quite some, and I
bet there will be some full disclosure in future.

For a start:

http://www.google.de/search?q=full+disclosure+apache+httpdie=utf-8oe=utf-8aq=trls=org.mozilla:de:officialclient=firefox-a

Rgds

Gregor
-- 
just because your paranoid, doesn't mean they're not after you...
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available
@ http://pgpkeys.pca.dfn.de:11371
@ http://pgp.mit.edu:11371/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection

[Mark Thomas]

Martin Gainty wrote:
 Gregor
 
 can you elucidate any documented security holes in Apache HTTPD?

Martin - did you even bother to look?

http://httpd.apache.org/security_report.html

Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: redirection

[Steve]

Melanie Pfefer wrote:

Hello

I have a tomcat server running on port 8080.

users need to create a dns alias which is on port 80. redirection cannot be 
done on DNS level of course.

do you have any idea how to achieve this in tomcat. For example:

http://siroe redirects to http://machineX:8080 that is a tomcat application?

thank you



mod_proxy or mod_jk (most likely) if you are using apache.

--
eats the blues for breakfast
does unix for rent
rides for the freedom
scrapes for the challenge
310-947-8565

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Ilya Kazakevich]

You need some front-end proxy. 
Apache web-server could do it.
Squid could (AFAIK).
Nginx could do it also.



-Original Message-
From: Melanie Pfefer [mailto:melanie_pfe...@yahoo.co.uk] 
Sent: Tuesday, March 31, 2009 8:59 PM
To: users@tomcat.apache.org
Subject: redirection


Hello

I have a tomcat server running on port 8080.

users need to create a dns alias which is on port 80. redirection cannot be
done on DNS level of course.

do you have any idea how to achieve this in tomcat. For example:

http://siroe redirects to http://machineX:8080 that is a tomcat application?

thank you


  

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: redirection

[Caldarale, Charles R]

 From: Melanie Pfefer [mailto:melanie_pfe...@yahoo.co.uk]
 Subject: redirection
 
 I have a tomcat server running on port 8080.

Why don't you just configure Tomcat to use port 80?  That can either replace 
the existing Connector for 8080 or be an additional Connector.  Look in the 
conf/server.xml file.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

Re: Redirection after Tomcat restart

[Pavel Savara]

Hi,
Another possibility is to set up tomcat to serialize session to disk
before restart. Tt deserializes all session at the start up so user will
remain login with all session variables it in ideal case he won't notice
the restart at all.

Palko

On Mon, 2008-09-22 at 16:21 -0400, Martin Dubuc wrote:
 I am running Tomcat 6.0.18.
 
 My application uses form based authentication.
 
 I am not sure how to handle the case where a user navigates to one of the
 secure page after logging in and Tomcat is restarted. The problem is that
 from the secured page, if the user clicks on any of the links after the
 restart, Tomcat will redirect to the login page (which is expected) and
 then, after the login, it will execute the code that it would normally
 execute when the user clicks on the link. The problem that I am facing is
 that since the application is using a new session, there might be some
 session based variables that are not initialized. Ultimately, if Tomcat is
 restarted, I would rather the user be redirected to a predetermined page
 (some kind of home page), but it seems that instead, and I believe this is
 as per the servlet spec, Tomcat displays the page information it had stored
 in its container before restarting.
 
 Any advice on how to best handle this?
 
 Martin

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection after Tomcat restart

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Martin,

Martin Dubuc wrote:
 The problem that I am facing is that since the application is using a
 new session, there might be some session based variables that are not
 initialized.

If you want your application to work properly in this situation, you'll
need to add checks to your code to ensure Session integrity before
proceeding. If there's a problem, redirect to some benign location.

 Ultimately, if Tomcat is restarted, I would rather the user be
 redirected to a predetermined page (some kind of home page), but it
 seems that instead, and I believe this is as per the servlet spec,
 Tomcat displays the page information it had stored in its container
 before restarting.

Correct.

 Any advice on how to best handle this?

That depends on a few things.

You could write a filter that tests for certain session contents and, in
their absence, redirects the user to your preferred page. The problem
here is that the session is (probably) not expected to look the same in
all parts of your application, so it's hard to tell which session key to
choose. Perhaps your default page inserts something into the session
like user is still logged-in.

Another choice (which I like the best) is to upgrade your application to
tolerate Tomcat's behavior. Honestly, I like this the best because it
makes it possible for people to resume their session rather than having
to start all over again (which really sucks for certain operations).

The last option I can think of is to use securityfilter
(http://securityfilter.sourceforge.net) and hack-up the
FormAuthenticator such that it redirects you to a specific location
instead of the original, saved request. There's a feature in the CVS
head where you can specify where to go once you are properly
authenticated (which overrides the go-to-saved-request behavior). You
could use this, too.

Hope that helps,
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjYD9QACgkQ9CaO5/Lv0PALYwCfdxSV9ocTi0vC6l+ehZt4yYWO
hV4AnRJbvo2WNvN8giZoc6qAveEiR7yF
=jzKg
-END PGP SIGNATURE-

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Johnny Kewl]

- Original Message - 
From: Ravi Sharma [EMAIL PROTECTED]

To: Tomcat Users List users@tomcat.apache.org
Sent: Friday, August 15, 2008 8:47 PM
Subject: Redirection



Hi,
I have the following scenerio.
I have a site which provide music online. Now for hosting the actual song 
i

have purchased another site with better band widthm but no tomcat.
So my webserver(tomcat) is running on one server(say domain1) and files 
are
hosted on another (with different domain name say domain2, which anyone 
can

access using http).

Now i have to put http://domain2/abc.music on my site to access these 
files.

Now i can do something like that write a normal Servlet which receive song
id and i forward it to appropriate link(http link to another site 
domain2).

but when someone start downloading they see that data is coming from
domain2, i dont want user to see domain2, and also i can not do somethin
like when user request any file first get it on to domain1 server and then
provide it to user as it will be too much bandwidth wastage.

So is there any way to do this using anything in apache,tomcat to hide
domain2 from everyone.,

Thanks,
Ravi.


Ravi, its interesting...

I kinda like the idea of using Tomcat as the brain and other distributed 
servers as work horses... its the way the internet works...


Its all really easy... because browsers come back for info...
So you can send a lite brain page from TC and let all the image links come 
from somwhere else... so I think that how you should be thinking.


-- brain page - browser
foreign server--- browser sucking from other servers

But you cannot try hide a site... say because the user should pay for the 
music... you'll get hacked to hell... so you have to have some kind of 
security, and you are going to have some logic on the foreign sites.


For that, I would read up on something like kerberos... not that you'll have 
to impliment it, but just the idea of one server issuing a ticket, that is 
then a password into another server


And I'd need to think about it a little, but I think you could do it all 
with global cookies which we'll now call tickets...


So what happens now is that TC is picking up very little heavy traffic... no 
big music files... and the user gets a page from TC that says...  you got 
10 mins to get your music files from these links


So in that way you could have cheap SP's on apache with a tiny little bit of 
PHP/CGI... and one or two TC's serving millions of requests...


Thats the way I think I would go

Great project

Oh... BTW redirection (I think) is definitely not the way to go 
redirection is very ineficient because its round trips to browsers... good 
for, we have a new site, or down for maint... but not a good idea for a 
heavy site like you into... you lucky, I'd luv to climb into something like 
this ;)


Once you have figured out the ticket scheme... you can then even hide the 
links in Ajax... so it just happens and it happens either down loading or 
plays in a flash player or whatever
I'd also climb into a Utube type site and open up there source to get more 
idea's...


Have Fun...
---
HARBOR : http://www.kewlstuff.co.za/index.htm
The most powerful application server on earth.
The only real POJO Application Server.
See it in Action : http://www.kewlstuff.co.za/cd_tut_swf/whatisejb1.htm
---














-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Hassan Schroeder]

On Fri, Aug 15, 2008 at 11:47 AM, Ravi Sharma [EMAIL PROTECTED] wrote:

 So is there any way to do this using anything in apache,tomcat to hide
 domain2 from everyone.,

You should either move everything to the higher-bandwidth server,
or have your DNS identify it as a subdomain -- 'music.domain1.com'
or something.

FWIW,
-- 
Hassan Schroeder  [EMAIL PROTECTED]

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Redirection

[jeusdi]

Mmm, this property is usefull when I access at a concrete web application. I
have several web application, however, when I want to access to
http://www.grupmicros.com, I want that appears the welcome-file of my
welcome-application.

Any help will be appreciate a lot.
Thanks for all.




Radcliffe, William H. wrote:
 
 Have you tried adding
 
 
 welcome-file-list
   welcome-filemain_page.html/welcome-file
 /welcome-file-list
 
 to your application's web.xml file?
 
 
 -- Bill
 
 -Original Message-
 From: jeusdi [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, July 22, 2008 4:28 AM
 To: users@tomcat.apache.org
 Subject: Redirection
 
 
 Hello list.
 
  Actually, when I want to access to the main page of my web
 application,
 I write ip/directory1/directory2/main_page.html
 
 I would need that when I write the url-- http://ip, directly shows the
 main_page file, in order when I publish the web application
 http://www.grupmicros.com redirects to main_page.html.
 
 Thanks for all in advanced.
 --
 View this message in context:
 http://www.nabble.com/Redirection-tp18585561p18585561.html
 Sent from the Tomcat - User mailing list archive at Nabble.com.
 
 
 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 
 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Redirection-tp18585561p18605995.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Redirection

[Caldarale, Charles R]

 From: jeusdi [mailto:[EMAIL PROTECTED]
 Subject: RE: Redirection

 Mmm, this property is usefull when I access at a concrete web
 application. I have several web application, however, when I
 want to access to http://www.grupmicros.com, I want that appears
 the welcome-file of my welcome-application.

Since you didn't bother to tell us the version of Tomcat you're using, it's not 
possible to give you a definitive answer.  However, for levels 5.0 and above, 
the default webapp must be named ROOT (case sensitive).  If you insist on 
keeping your primary webapp at /directory1/directory2 (why?), then write a 
simple HTML file at [appBase]/ROOT/index.html that does nothing but redirect to 
/directory1/directory2/main_page.html.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Redirection

[Radcliffe, William H.]

Have you tried adding


welcome-file-list
welcome-filemain_page.html/welcome-file
/welcome-file-list

to your application's web.xml file?


-- Bill

-Original Message-
From: jeusdi [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 22, 2008 4:28 AM
To: users@tomcat.apache.org
Subject: Redirection


Hello list.

 Actually, when I want to access to the main page of my web application,
I write ip/directory1/directory2/main_page.html

I would need that when I write the url-- http://ip, directly shows the
main_page file, in order when I publish the web application
http://www.grupmicros.com redirects to main_page.html.

Thanks for all in advanced.
--
View this message in context:
http://www.nabble.com/Redirection-tp18585561p18585561.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Redirection

[Propes, Barry L]

just do another query -- either in a second servlet to pull back to a JSP page 
or (not recommended, but I've done it) put the query in the JSP page itself.

Just write the results right there on the fly to the JSP.



-Original Message-
From: Mohammed Zabin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 04, 2007 6:47 AM
To: Tomcat Users List
Subject: Re: Redirection


No, it's not what i wanted :)

I have a servlet page with the following address

http://localhost:8080/Exam/servlets/results

in this servlet page, results, i have a hyperlink: *Click Here To view your
Results*

This link is designated to navigate to a jsp page with the following
address:

http://localhost:80808/Exam/jsp/results.jsp

my question is, how could this hyperlink go correctly from within the
servlet page (results) to a jsp page (results.jsp)

Thank you

On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:

 Sorry, it's not spanish but french, totally unrelated languages

 as for how to create an hyperlink, just open an html book and look for tag
 a href=../a
 En l'instant précis du 04/07/07 11:58, Mohammed Zabin s'exprimait en ces
 termes:
  Thanks, seems spanish ;), I live Spain, am learning spanish language
 now,
  Gratias,
 
  EL java es Aburrido
 
 
  On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:
 
  String url =
  response.encodeURL
  (/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);
 
  En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en
 ces
  termes:
   Hi Everybody
  
   I have a servlet that renders some database related values, at the
   botton of
   the page, i want to add a hyberlink to a jsp page, and i want pass to
   this
   jsp page, and i want to pass some values from servlet to jsp???
  
   How could i do this, any help please?
  
   Jotnarta
  
 
 
  -
  To start a new topic, e-mail: users@tomcat.apache.org
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 


 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Redirection

[Propes, Barry L]

request.setAttribute and cast the string variables that are currently set in 
the servlet.

then request.getAttribute in the JSP.

Actually thoughyou might need to make the hyperlink a form button.


-Original Message-
From: Mohammed Zabin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 04, 2007 2:20 AM
To: Tomcat Users List
Subject: Redirection


Hi Everybody

I have a servlet that renders some database related values, at the botton of
the page, i want to add a hyberlink to a jsp page, and i want pass to this
jsp page, and i want to pass some values from servlet to jsp???

How could i do this, any help please?

Jotnarta

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[David Delbecq]

String url =
response.encodeURL(/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);

En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en ces
termes:
 Hi Everybody

 I have a servlet that renders some database related values, at the
 botton of
 the page, i want to add a hyberlink to a jsp page, and i want pass to
 this
 jsp page, and i want to pass some values from servlet to jsp???

 How could i do this, any help please?

 Jotnarta



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Mohammed Zabin]

Thanks, seems spanish ;), I live Spain, am learning spanish language now,
Gratias,

EL java es Aburrido


On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:


String url =
response.encodeURL
(/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);

En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en ces
termes:
 Hi Everybody

 I have a servlet that renders some database related values, at the
 botton of
 the page, i want to add a hyberlink to a jsp page, and i want pass to
 this
 jsp page, and i want to pass some values from servlet to jsp???

 How could i do this, any help please?

 Jotnarta



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Mohammed Zabin]

Thank you again,

But I want to add a hyber link, that when clicked will transfer the user to
a jsp page, like this:

Click Here for example. how could i do this??


On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:


String url =
response.encodeURL
(/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);

En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en ces
termes:
 Hi Everybody

 I have a servlet that renders some database related values, at the
 botton of
 the page, i want to add a hyberlink to a jsp page, and i want pass to
 this
 jsp page, and i want to pass some values from servlet to jsp???

 How could i do this, any help please?

 Jotnarta



-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[David Delbecq]

Sorry, it's not spanish but french, totally unrelated languages

as for how to create an hyperlink, just open an html book and look for tag
a href=../a
En l'instant précis du 04/07/07 11:58, Mohammed Zabin s'exprimait en ces
termes:
 Thanks, seems spanish ;), I live Spain, am learning spanish language now,
 Gratias,

 EL java es Aburrido


 On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:

 String url =
 response.encodeURL
 (/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);

 En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en ces
 termes:
  Hi Everybody
 
  I have a servlet that renders some database related values, at the
  botton of
  the page, i want to add a hyberlink to a jsp page, and i want pass to
  this
  jsp page, and i want to pass some values from servlet to jsp???
 
  How could i do this, any help please?
 
  Jotnarta
 


 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]





-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Mohammed Zabin]

No, it's not what i wanted :)

I have a servlet page with the following address

http://localhost:8080/Exam/servlets/results

in this servlet page, results, i have a hyperlink: *Click Here To view your
Results*

This link is designated to navigate to a jsp page with the following
address:

http://localhost:80808/Exam/jsp/results.jsp

my question is, how could this hyperlink go correctly from within the
servlet page (results) to a jsp page (results.jsp)

Thank you

On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:


Sorry, it's not spanish but french, totally unrelated languages

as for how to create an hyperlink, just open an html book and look for tag
a href=../a
En l'instant précis du 04/07/07 11:58, Mohammed Zabin s'exprimait en ces
termes:
 Thanks, seems spanish ;), I live Spain, am learning spanish language
now,
 Gratias,

 EL java es Aburrido


 On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:

 String url =
 response.encodeURL
 (/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);

 En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en
ces
 termes:
  Hi Everybody
 
  I have a servlet that renders some database related values, at the
  botton of
  the page, i want to add a hyberlink to a jsp page, and i want pass to
  this
  jsp page, and i want to pass some values from servlet to jsp???
 
  How could i do this, any help please?
 
  Jotnarta
 


 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]





-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[Mohammed Zabin]

Yes Thank you, I found it from your first response, *response.encodeURL*,
Thank you Buddy, my greetings for Sarkoozi ;)

On 7/4/07, Mohammed Zabin [EMAIL PROTECTED] wrote:


No, it's not what i wanted :)

I have a servlet page with the following address

http://localhost:8080/Exam/servlets/results

in this servlet page, results, i have a hyperlink: *Click Here To view
your Results*

This link is designated to navigate to a jsp page with the following
address:

http://localhost:80808/Exam/jsp/results.jsp

my question is, how could this hyperlink go correctly from within the
servlet page (results) to a jsp page (results.jsp)

Thank you

 On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:

 Sorry, it's not spanish but french, totally unrelated languages

 as for how to create an hyperlink, just open an html book and look for
 tag
 a href=../a
 En l'instant précis du 04/07/07 11:58, Mohammed Zabin s'exprimait en ces
 termes:
  Thanks, seems spanish ;), I live Spain, am learning spanish language
 now,
  Gratias,
 
  EL java es Aburrido
 
 
  On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:
 
  String url =
  response.encodeURL
  (/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);
 
  En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en
 ces
  termes:
   Hi Everybody
  
   I have a servlet that renders some database related values, at the
   botton of
   the page, i want to add a hyberlink to a jsp page, and i want pass
 to
   this
   jsp page, and i want to pass some values from servlet to jsp???
  
   How could i do this, any help please?
  
   Jotnarta
  
 
 
  -
  To start a new topic, e-mail: users@tomcat.apache.org
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 


 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

Re: Redirection

[David Delbecq]

Am not sure to understand what you want, but if you want to not have to
put an hyperlink and have servlet directly show the content of the jsp, use

getServletContext().getRequestDispatcher(path/to/your/jsp).forward(request,response);


En l'instant précis du 04/07/07 13:47, Mohammed Zabin s'exprimait en ces
termes:
 No, it's not what i wanted :)

 I have a servlet page with the following address

 http://localhost:8080/Exam/servlets/results

 in this servlet page, results, i have a hyperlink: *Click Here To view
 your
 Results*

 This link is designated to navigate to a jsp page with the following
 address:

 http://localhost:80808/Exam/jsp/results.jsp

 my question is, how could this hyperlink go correctly from within the
 servlet page (results) to a jsp page (results.jsp)

 Thank you

 On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:

 Sorry, it's not spanish but french, totally unrelated languages

 as for how to create an hyperlink, just open an html book and look
 for tag
 a href=../a
 En l'instant précis du 04/07/07 11:58, Mohammed Zabin s'exprimait en ces
 termes:
  Thanks, seems spanish ;), I live Spain, am learning spanish language
 now,
  Gratias,
 
  EL java es Aburrido
 
 
  On 7/4/07, David Delbecq [EMAIL PROTECTED] wrote:
 
  String url =
  response.encodeURL
  (/path/to/jsp.jsp?paramX=someValueparamY=someOtherValue);
 
  En l'instant précis du 04/07/07 09:20, Mohammed Zabin s'exprimait en
 ces
  termes:
   Hi Everybody
  
   I have a servlet that renders some database related values, at the
   botton of
   the page, i want to add a hyberlink to a jsp page, and i want
 pass to
   this
   jsp page, and i want to pass some values from servlet to jsp???
  
   How could i do this, any help please?
  
   Jotnarta
  
 
 
  -
  To start a new topic, e-mail: users@tomcat.apache.org
  To unsubscribe, e-mail: [EMAIL PROTECTED]
  For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 


 -
 To start a new topic, e-mail: users@tomcat.apache.org
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]





-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]