> From: seema...@hotmail.com > To: users@tomcat.apache.org > Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52 > Date: Fri, 14 Mar 2014 15:15:04 +0000 > > > > > Date: Fri, 14 Mar 2014 08:36:08 -0400 > > From: ch...@christopherschultz.net > > To: users@tomcat.apache.org > > Subject: Re: HttpServletRequest Tomcat 5.5.29 to 7.0.52 > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Seema, > > > > On 3/14/14, 7:53 AM, Seema Patel wrote: > > > I have upgraded my tomcat (5.5.29 to 7.0.52) and Java (1.5 to 1.7) > > > for my struts servlet jsp application. I have also removed all > > > JCIFS authentication from the WEB-INF/web.xml file and have tried > > > to do BASIC authentication through Tomcat and the AD (it > > > authenticates me, but not sure if I've missed anything out, as I've > > > never done this before). > > > > One question at a time, please ;) > > Sorry for the off-loading of multiple questions :-) > > > > > > I have a doFilter function in my code, which contains > > > httpServletRequest.getServletPath() call. In the Tomcat 5.5.29 Java > > > 1.5 version, this will work, as when I print > > > httpServletRequest.getServletPath() i get the following: > > > > > > P1_00.do P5_0_0.do P5_0_1.do > > > > > > But in Tomcat 7.0.52 Java 1.7 I get the following from > > > httpServletRequest.getServletPath() call: > > > > > > P1_00.do P5_0_0.do P5_0_1.do includes/tab_defaultsettings.jsp > > > includes/P1_00.do > > > > How are you printing this? Do you just have a Filter that wraps > > everything and dumps-out the ServletPath for every request? Can you > > post the code for that Filter as well as the <filter> and > > <filter-mapping> configuration you have in web.xml? > > > > I'm just doing a System.out.println() in the doFilter function in the > RequestFilter class to show which page it is. The doFilter function is: > > > public void doFilter(ServletRequest request, ServletResponse response, > FilterChain chain) throws IOException, ServletException { > if (request instanceof HttpServletRequest) { > final HttpServletRequest httpRequest = > (HttpServletRequest)request; > final Object userBeanObject = > httpRequest.getSession().getAttribute(GenConstants.LOGGED_IN_USER_BEAN); > final String pageName = > httpRequest.getServletPath().replaceAll("/",""); > System.out.println("Request Page = " + > httpRequest.getServletPath()); > if (unsecuredPages.contains(pageName)) { > // don't need any protection > chain.doFilter(request, response); > } else if (!(userBeanObject instanceof UserBean)) { > // no user bean in session do need one, invalidate session > and redirect to login > if (httpRequest.getSession(false) != null) { > httpRequest.getSession().invalidate(); > } > ((HttpServletResponse)response).sendRedirect(logonPage); > } else { > final UserBean user = (UserBean) userBeanObject; > Map<String,LogicalOperation> permissions = > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP); > if(permissions == null) { > PermissionsUtil.setupPermissions(context); > permissions = > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP); > } > final LogicalOperation requiredOp = > permissions.get(pageName.replaceAll("\\.do","")); > if (user.isOperationAllowed(requiredOp)) { > chain.doFilter(request, response); > } else { > if (httpRequest.getSession(false) != null) { > httpRequest.getSession().invalidate(); > } > ((HttpServletResponse)response).sendRedirect(logonPage); > } > } > } > } > > To give you a better idea of what was in the web.xml, here is what's been > taken out: > > <filter> > <filter-name>NtlmHttpFilter</filter-name> > <filter-class>jcifs.http.NtlmHttpFilter</filter-class> > <init-param> > <param-name>jcifs.smb.client.soTimeout</param-name> > <param-value>30000</param-value> > </init-param> > > <!-- always needed for preauthentication / SMB signatures --> > <init-param> > <param-name>jcifs.smb.client.domain</param-name> > <param-value>XXX.LOCAL</param-value> > </init-param> > <!-- SMB message signing requires a valid existing login --> > <init-param> > <param-name>jcifs.smb.client.username</param-name> > <param-value>username</param-value> > </init-param> > <init-param> > <param-name>jcifs.smb.client.password</param-name> > <param-value>password</param-value> > </init-param> > <!-- Set the logging level --> > <init-param> > <param-name>jcifs.util.loglevel</param-name> > <param-value>2</param-value> > </init-param> > <!-- allow non-IE browsers to use basic auth --> > <init-param> > <param-name>jcifs.http.insecureBasic</param-name> > <param-value>true</param-value> > </init-param> > </filter> > > <filter-mapping> > <filter-name>NtlmHttpFilter</filter-name> > <url-pattern>*.do</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>NtlmHttpFilter</filter-name> > <url-pattern>*.jsp</url-pattern> > </filter-mapping> > > Here is what is still in the web.xml file (pre-upgrade and now): > > <filter> > <filter-name>ADGroupFilter</filter-name> > <filter-class>com.xxx.xxx.ADGroupFilter</filter-class> > <init-param> > <param-name>AllowedGroups</param-name> > > <param-value>G-xxx1,G-PORTAL-xxx2,G-PORTAL-xxx3,G-PORTAL-xxx4,G-PORTAL-xxx5,G-PORTAL-xxx6,G-PORTAL-xxx7,G-PORTAL-xxx8,G-PORTAL-xxx9,G-PORTAL-xxx10,G-PORTAL-xxx11, > G-PORTAL-xxx12,G-PORTAL-xxx13,G-PORTAL-xxx14,G-PORTAL-xxx15</param-value> > </init-param> > </filter> > <filter> > <filter-name>Auth Filter</filter-name> > <filter-class>com.xxx.xxx.RequestFilter</filter-class> > <init-param> > <param-name>LogonPage</param-name> > <param-value>P1_00.do</param-value> > </init-param> > <init-param> > <param-name>UnsecuredPages</param-name> > <param-value>P1_00.do,UnauthorisedAccess.jsp</param-value> <!-- > separated by commas --> > </init-param> > </filter> > <filter> > <filter-name>NoCacheFilter</filter-name> > <filter-class>com.xxx.xxx.NoCacheFilter</filter-class> > <!-- Added the 3 init paramaters post upgrade --> > <init-param> > <param-name>Cache-Control</param-name> > <param-value>no-cache</param-value> > </init-param> > <init-param> > <param-name>Cache-Control</param-name> > <param-value>no-store</param-value> > </init-param> > <init-param> > <param-name>Pragma</param-name> > <param-value>no-cache</param-value> > </init-param> > </filter> > > <filter-mapping> > <filter-name>NoCacheFilter</filter-name> > <url-pattern>/includes/*</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>NoCacheFilter</filter-name> > <url-pattern>/</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>ADGroupFilter</filter-name> > <url-pattern>*.do</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>ADGroupFilter</filter-name> > <url-pattern>*.jsp</url-pattern> > </filter-mapping> > <filter-mapping> > <filter-name>Auth Filter</filter-name> > <url-pattern>*.jsp</url-pattern> > <url-pattern>*.do</url-pattern> > <dispatcher>REQUEST</dispatcher> > </filter-mapping> > > > This is the code I have added to replace the JCIFS code (which I'm not sure > if I've done correctly): > > <security-constraint> > <display-name>your web app display name</display-name> > <web-resource-collection> > <web-resource-name>Protected Area</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <!-- <role-name>source</role-name> --> > <role-name>G-xxx1</role-name> > <role-name>G-PORTAL-xxx2</role-name> > <role-name>G-PORTAL-xxx3</role-name> > <role-name>G-PORTAL-xxx4</role-name> > <role-name>G-PORTAL-xxx5</role-name> > <role-name>G-PORTAL-xxx6</role-name> > <role-name>G-PORTAL-xxx7</role-name> > <role-name>G-PORTAL-xxx8</role-name> > <role-name>G-PORTAL-xxx9</role-name> > <role-name>G-PORTAL-xxx10</role-name> > <role-name>G-PORTAL-xxx11</role-name> > <role-name>G-PORTAL-xxx12</role-name> > <role-name>G-PORTAL-xxx13</role-name> > <role-name>G-PORTAL-xxx14</role-name> > <role-name>G-PORTAL-xxx15</role-name> > </auth-constraint> > </security-constraint> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>org.apache.catalina.realm.JNDIRealm</realm-name> > <!-- <realm-name>Axis Basic Authentication Area</realm-name> --> > </login-config> > > <security-role> > <role-name>G-xxx1</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx2</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx3</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx4</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx5</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx6</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx7</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx8</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx9</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx10</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx11</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx12</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx13</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx14</role-name> > </security-role> > <security-role> > <role-name>G-PORTAL-xxx15</role-name> > </security-role> > > Then there's some other stuff in here, such as <servlet>, <servlet-mapping>, > <session-config>, <mime-mapping>, <welcome-file-list>, <context-param>, > <listener>, <resource-ref>, <error-page> > > > > > This is for the same page I'm calling. I would like to know if > > > something has changed in the way Tomcat 7.0.52 handles this call > > > from the way it used to in 5.5.29. > > > > > > I'm trying to eliminate either Tomcat or Java from this issue, as > > > nothing else has been changed besides the upgrade of these two > > > (except for WEB-INF/web.xml, which may also be the cause, if so, > > > is this something that this group could help me with?). > > > > The servlet spec has changed slightly in the intervening versions. It > > may depend upon your configuration that I requested above. > > > > Are you having a specific problem, or are you just wondering why you > > are seeing more output? > > > > Yes it is a specific problem, the page doesn't load all the data and > information. Basically the page should be a load of tabs (created by Yahoo > User Interface 2.6.0 - I know this is out of date, but the new version is > considerably different and will take a long time for me to learn and re-do), > then some of the tabs will have sub tabs (hence the > includes/tab_defaultsettings.jsp as one of the additional calls). So on the > upgraded version the data on the tabs don't load, it sort of pushes the data > up (not sure if you can see the screenshot here): > > > > whereas the pre-upgrade loads the data and sub-tabs: > > > > I hope this helps and I've not overloaded again :-) > >
Any updates on this Chris or anyone else? > > - -chris > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1 > > Comment: GPGTools - http://gpgtools.org > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > > > iQIcBAEBCAAGBQJTIve2AAoJEBzwKT+lPKRYGO8QAJBevD64cmJWvC6D9qjCXnwm > > qlhfOIySRsmBIz6PPXyH1k2+H3YkRJEsTAiqdsGZ+WASc8tDQvPFrC3wyZB6p3ft > > n2lNYYEMhBid39ahrFv+RlgKOsTd3enHiLeiVdD1wuub/P4fj3yEkR0+aM+CoSrl > > n06SgLAU4CN9qrYi+nTx4tvlzCElEjbWVkw/PJgKJGB9x4uM5eueZXdri8ymDiLI > > a/eaZA5PW4jow+xXLgoBsPSVsrggjUjPdsvz7byMF324Syin73xrjm4WNkWchLD0 > > e8R8u6Ozew/e3uTTiyGh9WHTacNPAKb0er8jAIwYXTddqxYbnnbnFGAyc5jmLtmp > > QAgn2xW1SRYJiQu7cuBOCO5uJY6uOkSYpj2NKYNMuCKi8MMaKp9XYY/D/CLNjvFP > > YQhHySdwaPsjEprmU/IfMt+3uzRn6TFKsDBJA7LA8Jotv64kobohjkoTk6A6ihPJ > > mGBOPQtdUw4kYSbq0ETSqcUnW2vM5V3VaaouL5+jmKIwjtbyN48rh8OKO6qz2gaR > > mpLy3Zgu4KGCAEsIEuTjs0D6fHDpmSzsm03Ai1glHXrIZG6mRSU7J2z3XtlACsWO > > bcRzOBCLOfxCBUYUD6PKqcOW0D0sfWfoQqTxqqTbb1mJkH/9I7zRZjTH/Gl+jxQ4 > > fh3XbIAaQ5WNR3BQHWOW > > =cBU1 > > -----END PGP SIGNATURE----- > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > >