Seema-
You've asked about 10 different questions on 10 different aberrancies on your
upgrade
zip up the whole project up and stick it on driveway or any other free site
That way anyone building/running the code on TC7.0.52 can at least observe
same behaviour you are experiencing
Martin --
> From: seema...@hotmail.com
> To: users@tomcat.apache.org
> Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> Date: Tue, 18 Mar 2014 14:10:19 +0000
>
> Any update on this Chris Schultz or anyone else? I know the images I added to
> the email didn't show up, so if you want me to email them directly to you, I
> can.
> Could really do with help on this, as it is not something I know much about.
>
> Thanks
> Seema
>
> > From: seema...@hotmail.com
> > To: users@tomcat.apache.org
> > Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> > Date: Fri, 14 Mar 2014 15:15:04 +0000
> >
> >
> >
> > > Date: Fri, 14 Mar 2014 08:36:08 -0400
> > > From: ch...@christopherschultz.net
> > > To: users@tomcat.apache.org
> > > Subject: Re: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> > >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA256
> > >
> > > Seema,
> > >
> > > On 3/14/14, 7:53 AM, Seema Patel wrote:
> > > > I have upgraded my tomcat (5.5.29 to 7.0.52) and Java (1.5 to 1.7)
> > > > for my struts servlet jsp application. I have also removed all
> > > > JCIFS authentication from the WEB-INF/web.xml file and have tried
> > > > to do BASIC authentication through Tomcat and the AD (it
> > > > authenticates me, but not sure if I've missed anything out, as I've
> > > > never done this before).
> > >
> > > One question at a time, please ;)
> >
> > Sorry for the off-loading of multiple questions :-)
> >
> > >
> > > > I have a doFilter function in my code, which contains
> > > > httpServletRequest.getServletPath() call. In the Tomcat 5.5.29 Java
> > > > 1.5 version, this will work, as when I print
> > > > httpServletRequest.getServletPath() i get the following:
> > > >
> > > > P1_00.do P5_0_0.do P5_0_1.do
> > > >
> > > > But in Tomcat 7.0.52 Java 1.7 I get the following from
> > > > httpServletRequest.getServletPath() call:
> > > >
> > > > P1_00.do P5_0_0.do P5_0_1.do includes/tab_defaultsettings.jsp
> > > > includes/P1_00.do
> > >
> > > How are you printing this? Do you just have a Filter that wraps
> > > everything and dumps-out the ServletPath for every request? Can you
> > > post the code for that Filter as well as the <filter> and
> > > <filter-mapping> configuration you have in web.xml?
> > >
> >
> > I'm just doing a System.out.println() in the doFilter function in the
> > RequestFilter class to show which page it is. The doFilter function is:
> >
> >
> > public void doFilter(ServletRequest request, ServletResponse response,
> > FilterChain chain) throws IOException, ServletException {
> > if (request instanceof HttpServletRequest) {
> > final HttpServletRequest httpRequest = (HttpServletRequest)request;
> > final Object userBeanObject =
> > httpRequest.getSession().getAttribute(GenConstants.LOGGED_IN_USER_BEAN);
> > final String pageName = httpRequest.getServletPath().replaceAll("/","");
> > System.out.println("Request Page = " + httpRequest.getServletPath());
> > if (unsecuredPages.contains(pageName)) {
> > // don't need any protection
> > chain.doFilter(request, response);
> > } else if (!(userBeanObject instanceof UserBean)) {
> > // no user bean in session do need one, invalidate session and redirect to
> > login
> > if (httpRequest.getSession(false) != null) {
> > httpRequest.getSession().invalidate();
> > }
> > ((HttpServletResponse)response).sendRedirect(logonPage);
> > } else {
> > final UserBean user = (UserBean) userBeanObject;
> > Map<String,LogicalOperation> permissions =
> > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP);
> > if(permissions == null) {
> > PermissionsUtil.setupPermissions(context);
> > permissions =
> > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP);
> > }
> > final LogicalOperation requiredOp =
> > permissions.get(pageName.replaceAll("\\.do",""));
> > if (user.isOperationAllowed(requiredOp)) {
> > chain.doFilter(request, response);
> > } else {
> > if (httpRequest.getSession(false) != null) {
> > httpRequest.getSession().invalidate();
> > }
> > ((HttpServletResponse)response).sendRedirect(logonPage);
> > }
> > }
> > }
> > }
> >
> > To give you a better idea of what was in the web.xml, here is what's been
> > taken out:
> >
> > <filter>
> > <filter-name>NtlmHttpFilter</filter-name>
> > <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
> > <init-param>
> > <param-name>jcifs.smb.client.soTimeout</param-name>
> > <param-value>30000</param-value>
> > </init-param>
> >
> > <!-- always needed for preauthentication / SMB signatures -->
> > <init-param>
> > <param-name>jcifs.smb.client.domain</param-name>
> > <param-value>XXX.LOCAL</param-value>
> > </init-param>
> > <!-- SMB message signing requires a valid existing login -->
> > <init-param>
> > <param-name>jcifs.smb.client.username</param-name>
> > <param-value>username</param-value>
> > </init-param>
> > <init-param>
> > <param-name>jcifs.smb.client.password</param-name>
> > <param-value>password</param-value>
> > </init-param>
> > <!-- Set the logging level -->
> > <init-param>
> > <param-name>jcifs.util.loglevel</param-name>
> > <param-value>2</param-value>
> > </init-param>
> > <!-- allow non-IE browsers to use basic auth -->
> > <init-param>
> > <param-name>jcifs.http.insecureBasic</param-name>
> > <param-value>true</param-value>
> > </init-param>
> > </filter>
> >
> > <filter-mapping>
> > <filter-name>NtlmHttpFilter</filter-name>
> > <url-pattern>*.do</url-pattern>
> > </filter-mapping>
> > <filter-mapping>
> > <filter-name>NtlmHttpFilter</filter-name>
> > <url-pattern>*.jsp</url-pattern>
> > </filter-mapping>
> >
> > Here is what is still in the web.xml file (pre-upgrade and now):
> >
> > <filter>
> > <filter-name>ADGroupFilter</filter-name>
> > <filter-class>com.xxx.xxx.ADGroupFilter</filter-class>
> > <init-param>
> > <param-name>AllowedGroups</param-name>
> > <param-value>G-xxx1,G-PORTAL-xxx2,G-PORTAL-xxx3,G-PORTAL-xxx4,G-PORTAL-xxx5,G-PORTAL-xxx6,G-PORTAL-xxx7,G-PORTAL-xxx8,G-PORTAL-xxx9,G-PORTAL-xxx10,G-PORTAL-xxx11,
> > G-PORTAL-xxx12,G-PORTAL-xxx13,G-PORTAL-xxx14,G-PORTAL-xxx15</param-value>
> > </init-param>
> > </filter>
> > <filter>
> > <filter-name>Auth Filter</filter-name>
> > <filter-class>com.xxx.xxx.RequestFilter</filter-class>
> > <init-param>
> > <param-name>LogonPage</param-name>
> > <param-value>P1_00.do</param-value>
> > </init-param>
> > <init-param>
> > <param-name>UnsecuredPages</param-name>
> > <param-value>P1_00.do,UnauthorisedAccess.jsp</param-value> <!-- separated
> > by commas -->
> > </init-param>
> > </filter>
> > <filter>
> > <filter-name>NoCacheFilter</filter-name>
> > <filter-class>com.xxx.xxx.NoCacheFilter</filter-class>
> > <!-- Added the 3 init paramaters post upgrade -->
> > <init-param>
> > <param-name>Cache-Control</param-name>
> > <param-value>no-cache</param-value>
> > </init-param>
> > <init-param>
> > <param-name>Cache-Control</param-name>
> > <param-value>no-store</param-value>
> > </init-param>
> > <init-param>
> > <param-name>Pragma</param-name>
> > <param-value>no-cache</param-value>
> > </init-param>
> > </filter>
> >
> > <filter-mapping>
> > <filter-name>NoCacheFilter</filter-name>
> > <url-pattern>/includes/*</url-pattern>
> > </filter-mapping>
> > <filter-mapping>
> > <filter-name>NoCacheFilter</filter-name>
> > <url-pattern>/</url-pattern>
> > </filter-mapping>
> > <filter-mapping>
> > <filter-name>ADGroupFilter</filter-name>
> > <url-pattern>*.do</url-pattern>
> > </filter-mapping>
> > <filter-mapping>
> > <filter-name>ADGroupFilter</filter-name>
> > <url-pattern>*.jsp</url-pattern>
> > </filter-mapping>
> > <filter-mapping>
> > <filter-name>Auth Filter</filter-name>
> > <url-pattern>*.jsp</url-pattern>
> > <url-pattern>*.do</url-pattern>
> > <dispatcher>REQUEST</dispatcher>
> > </filter-mapping>
> >
> >
> > This is the code I have added to replace the JCIFS code (which I'm not sure
> > if I've done correctly):
> >
> > <security-constraint>
> > <display-name>your web app display name</display-name>
> > <web-resource-collection>
> > <web-resource-name>Protected Area</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > </web-resource-collection>
> > <auth-constraint>
> > <!-- <role-name>source</role-name> -->
> > <role-name>G-xxx1</role-name>
> > <role-name>G-PORTAL-xxx2</role-name>
> > <role-name>G-PORTAL-xxx3</role-name>
> > <role-name>G-PORTAL-xxx4</role-name>
> > <role-name>G-PORTAL-xxx5</role-name>
> > <role-name>G-PORTAL-xxx6</role-name>
> > <role-name>G-PORTAL-xxx7</role-name>
> > <role-name>G-PORTAL-xxx8</role-name>
> > <role-name>G-PORTAL-xxx9</role-name>
> > <role-name>G-PORTAL-xxx10</role-name>
> > <role-name>G-PORTAL-xxx11</role-name>
> > <role-name>G-PORTAL-xxx12</role-name>
> > <role-name>G-PORTAL-xxx13</role-name>
> > <role-name>G-PORTAL-xxx14</role-name>
> > <role-name>G-PORTAL-xxx15</role-name>
> > </auth-constraint>
> > </security-constraint>
> >
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > <realm-name>org.apache.catalina.realm.JNDIRealm</realm-name>
> > <!-- <realm-name>Axis Basic Authentication Area</realm-name> -->
> > </login-config>
> >
> > <security-role>
> > <role-name>G-xxx1</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx2</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx3</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx4</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx5</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx6</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx7</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx8</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx9</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx10</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx11</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx12</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx13</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx14</role-name>
> > </security-role>
> > <security-role>
> > <role-name>G-PORTAL-xxx15</role-name>
> > </security-role>
> >
> > Then there's some other stuff in here, such as <servlet>,
> > <servlet-mapping>, <session-config>, <mime-mapping>, <welcome-file-list>,
> > <context-param>, <listener>, <resource-ref>, <error-page>
> >
> >
> > > > This is for the same page I'm calling. I would like to know if
> > > > something has changed in the way Tomcat 7.0.52 handles this call
> > > > from the way it used to in 5.5.29.
> > > >
> > > > I'm trying to eliminate either Tomcat or Java from this issue, as
> > > > nothing else has been changed besides the upgrade of these two
> > > > (except for WEB-INF/web.xml, which may also be the cause, if so,
> > > > is this something that this group could help me with?).
> > >
> > > The servlet spec has changed slightly in the intervening versions. It
> > > may depend upon your configuration that I requested above.
> > >
> > > Are you having a specific problem, or are you just wondering why you
> > > are seeing more output?
> > >
> >
> > Yes it is a specific problem, the page doesn't load all the data and
> > information. Basically the page should be a load of tabs (created by Yahoo
> > User Interface 2.6.0 - I know this is out of date, but the new version is
> > considerably different and will take a long time for me to learn and
> > re-do), then some of the tabs will have sub tabs (hence the
> > includes/tab_defaultsettings.jsp as one of the additional calls). So on the
> > upgraded version the data on the tabs don't load, it sort of pushes the
> > data up (not sure if you can see the screenshot here):
> >
> >
> >
> > whereas the pre-upgrade loads the data and sub-tabs:
> >
> >
> >
> > I hope this helps and I've not overloaded again :-)
> >
> >
> > > - -chris
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1
> > > Comment: GPGTools - http://gpgtools.org
> > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> > >
> > > iQIcBAEBCAAGBQJTIve2AAoJEBzwKT+lPKRYGO8QAJBevD64cmJWvC6D9qjCXnwm
> > > qlhfOIySRsmBIz6PPXyH1k2+H3YkRJEsTAiqdsGZ+WASc8tDQvPFrC3wyZB6p3ft
> > > n2lNYYEMhBid39ahrFv+RlgKOsTd3enHiLeiVdD1wuub/P4fj3yEkR0+aM+CoSrl
> > > n06SgLAU4CN9qrYi+nTx4tvlzCElEjbWVkw/PJgKJGB9x4uM5eueZXdri8ymDiLI
> > > a/eaZA5PW4jow+xXLgoBsPSVsrggjUjPdsvz7byMF324Syin73xrjm4WNkWchLD0
> > > e8R8u6Ozew/e3uTTiyGh9WHTacNPAKb0er8jAIwYXTddqxYbnnbnFGAyc5jmLtmp
> > > QAgn2xW1SRYJiQu7cuBOCO5uJY6uOkSYpj2NKYNMuCKi8MMaKp9XYY/D/CLNjvFP
> > > YQhHySdwaPsjEprmU/IfMt+3uzRn6TFKsDBJA7LA8Jotv64kobohjkoTk6A6ihPJ
> > > mGBOPQtdUw4kYSbq0ETSqcUnW2vM5V3VaaouL5+jmKIwjtbyN48rh8OKO6qz2gaR
> > > mpLy3Zgu4KGCAEsIEuTjs0D6fHDpmSzsm03Ai1glHXrIZG6mRSU7J2z3XtlACsWO
> > > bcRzOBCLOfxCBUYUD6PKqcOW0D0sfWfoQqTxqqTbb1mJkH/9I7zRZjTH/Gl+jxQ4
> > > fh3XbIAaQ5WNR3BQHWOW
> > > =cBU1
> > > -----END PGP SIGNATURE-----
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > > For additional commands, e-mail: users-h...@tomcat.apache.org
> > >
> >
>
