Martin,
When Chris Schultz said I was asking multiple questions, I did apologize to him.
My knowledge of all this is limited as I'm new to it, so please don't make
sarcastic comments to a newbie, we all have to start somewhere and I thought
the purpose of this user list was to help everyone out, no matter their skill
level (or lack of).
Again I apologize to anyone who thinks I'm asking too many questions.
My last email (with actual issue related info) was in reply to Chris Schultz
asking me for the information.
I really do appreciate any help anyone can give me.
Thanks
Seema
> From: mgai...@hotmail.com
> To: users@tomcat.apache.org
> Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> Date: Tue, 18 Mar 2014 21:18:37 -0400
>
> Seema-
>
> You've asked about 10 different questions on 10 different aberrancies on your
> upgrade
> zip up the whole project up and stick it on driveway or any other free site
>
>
>
> That way anyone building/running the code on TC7.0.52 can at least observe
> same behaviour you are experiencing
> Martin --
>
>
>
>
>
>
> > From: seema...@hotmail.com
> > To: users@tomcat.apache.org
> > Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> > Date: Tue, 18 Mar 2014 14:10:19 +0000
> >
> > Any update on this Chris Schultz or anyone else? I know the images I added
> > to the email didn't show up, so if you want me to email them directly to
> > you, I can.
> > Could really do with help on this, as it is not something I know much about.
> >
> > Thanks
> > Seema
> >
> > > From: seema...@hotmail.com
> > > To: users@tomcat.apache.org
> > > Subject: RE: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> > > Date: Fri, 14 Mar 2014 15:15:04 +0000
> > >
> > >
> > >
> > > > Date: Fri, 14 Mar 2014 08:36:08 -0400
> > > > From: ch...@christopherschultz.net
> > > > To: users@tomcat.apache.org
> > > > Subject: Re: HttpServletRequest Tomcat 5.5.29 to 7.0.52
> > > >
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA256
> > > >
> > > > Seema,
> > > >
> > > > On 3/14/14, 7:53 AM, Seema Patel wrote:
> > > > > I have upgraded my tomcat (5.5.29 to 7.0.52) and Java (1.5 to 1.7)
> > > > > for my struts servlet jsp application. I have also removed all
> > > > > JCIFS authentication from the WEB-INF/web.xml file and have tried
> > > > > to do BASIC authentication through Tomcat and the AD (it
> > > > > authenticates me, but not sure if I've missed anything out, as I've
> > > > > never done this before).
> > > >
> > > > One question at a time, please ;)
> > >
> > > Sorry for the off-loading of multiple questions :-)
> > >
> > > >
> > > > > I have a doFilter function in my code, which contains
> > > > > httpServletRequest.getServletPath() call. In the Tomcat 5.5.29 Java
> > > > > 1.5 version, this will work, as when I print
> > > > > httpServletRequest.getServletPath() i get the following:
> > > > >
> > > > > P1_00.do P5_0_0.do P5_0_1.do
> > > > >
> > > > > But in Tomcat 7.0.52 Java 1.7 I get the following from
> > > > > httpServletRequest.getServletPath() call:
> > > > >
> > > > > P1_00.do P5_0_0.do P5_0_1.do includes/tab_defaultsettings.jsp
> > > > > includes/P1_00.do
> > > >
> > > > How are you printing this? Do you just have a Filter that wraps
> > > > everything and dumps-out the ServletPath for every request? Can you
> > > > post the code for that Filter as well as the <filter> and
> > > > <filter-mapping> configuration you have in web.xml?
> > > >
> > >
> > > I'm just doing a System.out.println() in the doFilter function in the
> > > RequestFilter class to show which page it is. The doFilter function is:
> > >
> > >
> > > public void doFilter(ServletRequest request, ServletResponse response,
> > > FilterChain chain) throws IOException, ServletException {
> > > if (request instanceof HttpServletRequest) {
> > > final HttpServletRequest httpRequest = (HttpServletRequest)request;
> > > final Object userBeanObject =
> > > httpRequest.getSession().getAttribute(GenConstants.LOGGED_IN_USER_BEAN);
> > > final String pageName = httpRequest.getServletPath().replaceAll("/","");
> > > System.out.println("Request Page = " + httpRequest.getServletPath());
> > > if (unsecuredPages.contains(pageName)) {
> > > // don't need any protection
> > > chain.doFilter(request, response);
> > > } else if (!(userBeanObject instanceof UserBean)) {
> > > // no user bean in session do need one, invalidate session and redirect
> > > to login
> > > if (httpRequest.getSession(false) != null) {
> > > httpRequest.getSession().invalidate();
> > > }
> > > ((HttpServletResponse)response).sendRedirect(logonPage);
> > > } else {
> > > final UserBean user = (UserBean) userBeanObject;
> > > Map<String,LogicalOperation> permissions =
> > > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP);
> > > if(permissions == null) {
> > > PermissionsUtil.setupPermissions(context);
> > > permissions =
> > > (Map<String,LogicalOperation>)context.getAttribute(GenConstants.PERMISSIONS_MAP);
> > > }
> > > final LogicalOperation requiredOp =
> > > permissions.get(pageName.replaceAll("\\.do",""));
> > > if (user.isOperationAllowed(requiredOp)) {
> > > chain.doFilter(request, response);
> > > } else {
> > > if (httpRequest.getSession(false) != null) {
> > > httpRequest.getSession().invalidate();
> > > }
> > > ((HttpServletResponse)response).sendRedirect(logonPage);
> > > }
> > > }
> > > }
> > > }
> > >
> > > To give you a better idea of what was in the web.xml, here is what's been
> > > taken out:
> > >
> > > <filter>
> > > <filter-name>NtlmHttpFilter</filter-name>
> > > <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
> > > <init-param>
> > > <param-name>jcifs.smb.client.soTimeout</param-name>
> > > <param-value>30000</param-value>
> > > </init-param>
> > >
> > > <!-- always needed for preauthentication / SMB signatures -->
> > > <init-param>
> > > <param-name>jcifs.smb.client.domain</param-name>
> > > <param-value>XXX.LOCAL</param-value>
> > > </init-param>
> > > <!-- SMB message signing requires a valid existing login -->
> > > <init-param>
> > > <param-name>jcifs.smb.client.username</param-name>
> > > <param-value>username</param-value>
> > > </init-param>
> > > <init-param>
> > > <param-name>jcifs.smb.client.password</param-name>
> > > <param-value>password</param-value>
> > > </init-param>
> > > <!-- Set the logging level -->
> > > <init-param>
> > > <param-name>jcifs.util.loglevel</param-name>
> > > <param-value>2</param-value>
> > > </init-param>
> > > <!-- allow non-IE browsers to use basic auth -->
> > > <init-param>
> > > <param-name>jcifs.http.insecureBasic</param-name>
> > > <param-value>true</param-value>
> > > </init-param>
> > > </filter>
> > >
> > > <filter-mapping>
> > > <filter-name>NtlmHttpFilter</filter-name>
> > > <url-pattern>*.do</url-pattern>
> > > </filter-mapping>
> > > <filter-mapping>
> > > <filter-name>NtlmHttpFilter</filter-name>
> > > <url-pattern>*.jsp</url-pattern>
> > > </filter-mapping>
> > >
> > > Here is what is still in the web.xml file (pre-upgrade and now):
> > >
> > > <filter>
> > > <filter-name>ADGroupFilter</filter-name>
> > > <filter-class>com.xxx.xxx.ADGroupFilter</filter-class>
> > > <init-param>
> > > <param-name>AllowedGroups</param-name>
> > > <param-value>G-xxx1,G-PORTAL-xxx2,G-PORTAL-xxx3,G-PORTAL-xxx4,G-PORTAL-xxx5,G-PORTAL-xxx6,G-PORTAL-xxx7,G-PORTAL-xxx8,G-PORTAL-xxx9,G-PORTAL-xxx10,G-PORTAL-xxx11,
> > > G-PORTAL-xxx12,G-PORTAL-xxx13,G-PORTAL-xxx14,G-PORTAL-xxx15</param-value>
> > > </init-param>
> > > </filter>
> > > <filter>
> > > <filter-name>Auth Filter</filter-name>
> > > <filter-class>com.xxx.xxx.RequestFilter</filter-class>
> > > <init-param>
> > > <param-name>LogonPage</param-name>
> > > <param-value>P1_00.do</param-value>
> > > </init-param>
> > > <init-param>
> > > <param-name>UnsecuredPages</param-name>
> > > <param-value>P1_00.do,UnauthorisedAccess.jsp</param-value> <!-- separated
> > > by commas -->
> > > </init-param>
> > > </filter>
> > > <filter>
> > > <filter-name>NoCacheFilter</filter-name>
> > > <filter-class>com.xxx.xxx.NoCacheFilter</filter-class>
> > > <!-- Added the 3 init paramaters post upgrade -->
> > > <init-param>
> > > <param-name>Cache-Control</param-name>
> > > <param-value>no-cache</param-value>
> > > </init-param>
> > > <init-param>
> > > <param-name>Cache-Control</param-name>
> > > <param-value>no-store</param-value>
> > > </init-param>
> > > <init-param>
> > > <param-name>Pragma</param-name>
> > > <param-value>no-cache</param-value>
> > > </init-param>
> > > </filter>
> > >
> > > <filter-mapping>
> > > <filter-name>NoCacheFilter</filter-name>
> > > <url-pattern>/includes/*</url-pattern>
> > > </filter-mapping>
> > > <filter-mapping>
> > > <filter-name>NoCacheFilter</filter-name>
> > > <url-pattern>/</url-pattern>
> > > </filter-mapping>
> > > <filter-mapping>
> > > <filter-name>ADGroupFilter</filter-name>
> > > <url-pattern>*.do</url-pattern>
> > > </filter-mapping>
> > > <filter-mapping>
> > > <filter-name>ADGroupFilter</filter-name>
> > > <url-pattern>*.jsp</url-pattern>
> > > </filter-mapping>
> > > <filter-mapping>
> > > <filter-name>Auth Filter</filter-name>
> > > <url-pattern>*.jsp</url-pattern>
> > > <url-pattern>*.do</url-pattern>
> > > <dispatcher>REQUEST</dispatcher>
> > > </filter-mapping>
> > >
> > >
> > > This is the code I have added to replace the JCIFS code (which I'm not
> > > sure if I've done correctly):
> > >
> > > <security-constraint>
> > > <display-name>your web app display name</display-name>
> > > <web-resource-collection>
> > > <web-resource-name>Protected Area</web-resource-name>
> > > <url-pattern>/*</url-pattern>
> > > </web-resource-collection>
> > > <auth-constraint>
> > > <!-- <role-name>source</role-name> -->
> > > <role-name>G-xxx1</role-name>
> > > <role-name>G-PORTAL-xxx2</role-name>
> > > <role-name>G-PORTAL-xxx3</role-name>
> > > <role-name>G-PORTAL-xxx4</role-name>
> > > <role-name>G-PORTAL-xxx5</role-name>
> > > <role-name>G-PORTAL-xxx6</role-name>
> > > <role-name>G-PORTAL-xxx7</role-name>
> > > <role-name>G-PORTAL-xxx8</role-name>
> > > <role-name>G-PORTAL-xxx9</role-name>
> > > <role-name>G-PORTAL-xxx10</role-name>
> > > <role-name>G-PORTAL-xxx11</role-name>
> > > <role-name>G-PORTAL-xxx12</role-name>
> > > <role-name>G-PORTAL-xxx13</role-name>
> > > <role-name>G-PORTAL-xxx14</role-name>
> > > <role-name>G-PORTAL-xxx15</role-name>
> > > </auth-constraint>
> > > </security-constraint>
> > >
> > > <login-config>
> > > <auth-method>BASIC</auth-method>
> > > <realm-name>org.apache.catalina.realm.JNDIRealm</realm-name>
> > > <!-- <realm-name>Axis Basic Authentication Area</realm-name> -->
> > > </login-config>
> > >
> > > <security-role>
> > > <role-name>G-xxx1</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx2</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx3</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx4</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx5</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx6</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx7</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx8</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx9</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx10</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx11</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx12</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx13</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx14</role-name>
> > > </security-role>
> > > <security-role>
> > > <role-name>G-PORTAL-xxx15</role-name>
> > > </security-role>
> > >
> > > Then there's some other stuff in here, such as <servlet>,
> > > <servlet-mapping>, <session-config>, <mime-mapping>, <welcome-file-list>,
> > > <context-param>, <listener>, <resource-ref>, <error-page>
> > >
> > >
> > > > > This is for the same page I'm calling. I would like to know if
> > > > > something has changed in the way Tomcat 7.0.52 handles this call
> > > > > from the way it used to in 5.5.29.
> > > > >
> > > > > I'm trying to eliminate either Tomcat or Java from this issue, as
> > > > > nothing else has been changed besides the upgrade of these two
> > > > > (except for WEB-INF/web.xml, which may also be the cause, if so,
> > > > > is this something that this group could help me with?).
> > > >
> > > > The servlet spec has changed slightly in the intervening versions. It
> > > > may depend upon your configuration that I requested above.
> > > >
> > > > Are you having a specific problem, or are you just wondering why you
> > > > are seeing more output?
> > > >
> > >
> > > Yes it is a specific problem, the page doesn't load all the data and
> > > information. Basically the page should be a load of tabs (created by
> > > Yahoo User Interface 2.6.0 - I know this is out of date, but the new
> > > version is considerably different and will take a long time for me to
> > > learn and re-do), then some of the tabs will have sub tabs (hence the
> > > includes/tab_defaultsettings.jsp as one of the additional calls). So on
> > > the upgraded version the data on the tabs don't load, it sort of pushes
> > > the data up (not sure if you can see the screenshot here):
> > >
> > >
> > >
> > > whereas the pre-upgrade loads the data and sub-tabs:
> > >
> > >
> > >
> > > I hope this helps and I've not overloaded again :-)
> > >
> > >
> > > > - -chris
> > > > -----BEGIN PGP SIGNATURE-----
> > > > Version: GnuPG v1
> > > > Comment: GPGTools - http://gpgtools.org
> > > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> > > >
> > > > iQIcBAEBCAAGBQJTIve2AAoJEBzwKT+lPKRYGO8QAJBevD64cmJWvC6D9qjCXnwm
> > > > qlhfOIySRsmBIz6PPXyH1k2+H3YkRJEsTAiqdsGZ+WASc8tDQvPFrC3wyZB6p3ft
> > > > n2lNYYEMhBid39ahrFv+RlgKOsTd3enHiLeiVdD1wuub/P4fj3yEkR0+aM+CoSrl
> > > > n06SgLAU4CN9qrYi+nTx4tvlzCElEjbWVkw/PJgKJGB9x4uM5eueZXdri8ymDiLI
> > > > a/eaZA5PW4jow+xXLgoBsPSVsrggjUjPdsvz7byMF324Syin73xrjm4WNkWchLD0
> > > > e8R8u6Ozew/e3uTTiyGh9WHTacNPAKb0er8jAIwYXTddqxYbnnbnFGAyc5jmLtmp
> > > > QAgn2xW1SRYJiQu7cuBOCO5uJY6uOkSYpj2NKYNMuCKi8MMaKp9XYY/D/CLNjvFP
> > > > YQhHySdwaPsjEprmU/IfMt+3uzRn6TFKsDBJA7LA8Jotv64kobohjkoTk6A6ihPJ
> > > > mGBOPQtdUw4kYSbq0ETSqcUnW2vM5V3VaaouL5+jmKIwjtbyN48rh8OKO6qz2gaR
> > > > mpLy3Zgu4KGCAEsIEuTjs0D6fHDpmSzsm03Ai1glHXrIZG6mRSU7J2z3XtlACsWO
> > > > bcRzOBCLOfxCBUYUD6PKqcOW0D0sfWfoQqTxqqTbb1mJkH/9I7zRZjTH/Gl+jxQ4
> > > > fh3XbIAaQ5WNR3BQHWOW
> > > > =cBU1
> > > > -----END PGP SIGNATURE-----
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > > > For additional commands, e-mail: users-h...@tomcat.apache.org
> > > >
> > >
> >
>
