Hi Chris,

Thank you for the feedback.

On Sat, Jun 15, 2019 at 10:44 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> Tommy,
>
> On 6/15/19 21:51, Tommy Pham wrote:
> > Hi Mark,
> >
> > After some research and thought about internal application flow, I
> > think the 'cleanest' is to have TC's default servlet handle the *.html
> > requests and use the assigned filter to restrict the access as
> > desired.  Is there a better approach?  On that plan, I have this
> > mapping for TC's default servlet and init:
> >
> > Filter AppFilterAccessLog's servlet mapping: Servlet name: default
> > , registered class: org.apache.catalina.servlets.DefaultServlet.
> > Servlet default's mapping: /img/* /css/* /WEB-INF/*
>
> Uh... you sure you want that? What is stopping a client from requesting
> /WEB-INF/web.xml?
>
> > /js/* Servlet default's init parameters: listings: false debug: 0
> >
> > If I use *.html instead of /WEB-INF/*, it goes into an infinite loop
> > redirecting / forwarding until an exception is thrown (I think that
> > the root cause is the servlets' startup ordering).  Below is what my
> > access log filter sees for HttpServletRequest:
> >
> > Attributes: javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/
> > javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT
> > javax.servlet.forward.servlet_path=
> > javax.servlet.forward.path_info=/
> >
> > javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationMapping$MappingImpl@7fc1f887
> > org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true
> > Class: org.apache.catalina.core.ApplicationHttpRequest
> > DispatcherType: FORWARD [javax.servlet.DispatcherType]
> > HttpServletMapping: Class:
> > org.apache.catalina.core.ApplicationMapping$MappingImpl
> > MappingMatch: PATH MatchValue: setup/step_0.html Pattern:
> > /WEB-INF/* ServletName: default
> >
> > Below is from the actual filter assigned to TC's default servlet
> > intended to restrict access:
> >
> > ContextPath: /erm-0.0.1-SNAPSHOT DispatcherType: FORWARD PathInfo:
> > /setup/step_0.html PathTranslated:
> > D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\setup\step_0.html
> > Method: GET
> > RequestURI: /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> > RequestURL:
> > http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
> > ServletPath: /WEB-INF ServletContext.ServletContextName: erm
> > response: org.apache.catalina.connector.ResponseFacade
> >
> > I think everything seems correct except the PathTranslated.  It
> > should be:
> >
> > D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\step_0.html
> >
> >  where the file is.  I'm unable to find out why it's wrong after a
> > couple hours of searching since the browser shows an empty
> > page...  The string "/WEB-INF/setup/step_0.html" was passed to
> > request.getRequestDispatcher(). According to the doc [1], " If the
> > path begins with a "/" it is interpreted as relative to the current
> > context root." everything is as it should be right, other than
> > PathTranslated?  Or did I misunderstand the usage of
> > getRequestDispatcher().forward()?  Currently, I have 4 filters in
> > place and all are in passive monitoring mode.  None of them have
> > the code logic to perform their intended functions.  3 filters
> > mapped to URL /* and one assigned to TC's default servlet.  I'll
> > work out their filtering order before the intended functions are
> > implemented.
>
> Filters are applied in a predictable order. I highly recommend reading
> the servlet specification to see how these things are defined to work.
> It's quite readable.
>
> Why not allow Tomcat to serve everything in the web application (other
> than /WEB-INF/* and /META-INF/*) as usual? What is it that you need to
> put into there that you can't hide in some other way?
>
> It sounds like you are unnecessarily complicating your life.
>
> -chris
>

I was using "/WEB-INF/*" as a test of the scaffolding for my application
since previously "*.html" ended up in an infinite loop which eventually
threw an exception.  Now that I've got "*.html" working, I'm still getting
a blank page.  The HTML files are only served as UI for the initial setup
of the application.  There won't be any static files other than JS, CSS,
and images when the application is fully configured by the administrator.
Here is the servlet configuration:

Servlet name: default , registered class: org.apache.catalina.servlets.DefaultServlet.
Servlet default's mapping:
     /img/*
     /css/*
     /js/*
     *.html
Servlet default's init parameters:
     listings: false
     debug: 0
Servlet name: AppServlet , registered class: com.sointe.web.AppServlet.
Servlet AppServlet's mapping:
     /
Servlet AppServlet's init parameters:
Servlet name: jsp , registered class: org.apache.jasper.servlet.JspServlet.
Servlet jsp's mapping:
     *.jspx
     *.jsp
Servlet jsp's init parameters:
     fork: false
     xpoweredBy: false

And HttpServletRequest's info:

Attributes:
        javax.servlet.forward.request_uri=/erm-0.0.1-SNAPSHOT/
        javax.servlet.forward.context_path=/erm-0.0.1-SNAPSHOT
        javax.servlet.forward.servlet_path=/
        javax.servlet.forward.mapping=org.apache.catalina.core.ApplicationMapping$MappingImpl@5e9215c0
        org.apache.logging.log4j.web.Log4jServletFilter.FILTERED=true
DispatcherType: FORWARD [javax.servlet.DispatcherType]
HttpServletMapping:
        Class: org.apache.catalina.core.ApplicationMapping$MappingImpl
        MappingMatch: EXTENSION
        MatchValue: WEB-INF/setup/step_0
        Pattern: *.html
        ServletName: default

and the actual filter assigned to TC's default servlet to restrict access:

AppFilterStaticFiles.doFilter:52 - Class: org.apache.catalina.core.ApplicationHttpRequest
AppFilterStaticFiles.doFilter:53 - ServletContext Class: org.apache.catalina.core.ApplicationContextFacade
AppFilterStaticFiles.doFilter:54 - ContextPath: /erm-0.0.1-SNAPSHOT
AppFilterStaticFiles.doFilter:55 - DispatcherType: FORWARD
AppFilterStaticFiles.doFilter:56 - Method: GET
AppFilterStaticFiles.doFilter:57 - PathInfo: null
AppFilterStaticFiles.doFilter:58 - PathTranslated: null
AppFilterStaticFiles.doFilter:59 - getServletContext().getRealPath() of ServletPath: D:\apache-tomcat-9.0.21\webapps\erm-0.0.1-SNAPSHOT\WEB-INF\setup\step_0.html
AppFilterStaticFiles.doFilter:60 - RequestURI: /erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
AppFilterStaticFiles.doFilter:61 - RequestURL: http://localhost:8080/erm-0.0.1-SNAPSHOT/WEB-INF/setup/step_0.html
AppFilterStaticFiles.doFilter:62 - ServletPath: /WEB-INF/setup/step_0.html
AppFilterStaticFiles.doFilter:63 - ServletContext.ServletContextName: erm
AppFilterStaticFiles.doFilter:67 - response: org.apache.catalina.connector.ResponseFacade

In looking at the code for ApplicationHttpRequest [1] for
getPathTranslated():

    @Override
    public String getPathTranslated() {
        if (getPathInfo() == null || getServletContext() == null) {
            return null;
        }
        return getServletContext().getRealPath(getPathInfo());
    }

and for the getRequestDispatcher()

        if (pathInfo == null) {
            requestPath = servletPath;
        } else {
            requestPath = servletPath + pathInfo;
        }

Perhaps the getPathTranslated() could be?

    if (getServletContext() != null) {
        if (getServletPath() != null) {
            if (getPathInfo() != null) {
                return getServletContext().getRealPath(getServletPath() + getPathInfo());
            }
            return getServletContext().getRealPath(getServletPath());
        }
    }
    return null;

I think that would also fix the translated path I saw earlier which
resulted in a blank page for the browser.

Thanks,
Tommy


[1]
https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/core/ApplicationHttpRequest.java
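
The /WEB-INF/web.xml question raised in the quoted reply, as an added example that is not code from this thread or from Tomcat: a filter bound to the default servlet that lets files under /WEB-INF/setup/ through only when they arrive by forward, and answers 404 for anything else under /WEB-INF or /META-INF. The class name SetupPageGuardFilter, the helper under() and the SETUP_PREFIX value are assumptions; it targets the javax.servlet 4.0 API that Tomcat 9 ships.

```java
import java.io.IOException;
import java.util.Locale;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter (not AppFilterStaticFiles from the thread). Servlet 4.0
// gives Filter default init()/destroy(), so only doFilter() is implemented.
@WebFilter(servletNames = {"default"},
           dispatcherTypes = {DispatcherType.REQUEST, DispatcherType.FORWARD})
public class SetupPageGuardFilter implements Filter {

    // Assumption: the setup UI lives here, as in /WEB-INF/setup/step_0.html.
    private static final String SETUP_PREFIX = "/WEB-INF/setup/";

    private static boolean under(String lowerPath, String dir) {
        return lowerPath.equals(dir) || lowerPath.startsWith(dir + "/");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // Context-relative path: servletPath, plus pathInfo when there is one.
        String path = request.getServletPath();
        if (request.getPathInfo() != null) {
            path += request.getPathInfo();
        }
        String lower = path.toLowerCase(Locale.ROOT);
        boolean privateArea = under(lower, "/web-inf") || under(lower, "/meta-inf");

        if (privateArea) {
            boolean forwarded = request.getDispatcherType() == DispatcherType.FORWARD;
            boolean setupPage = path.startsWith(SETUP_PREFIX)
                    && path.endsWith(".html") && !path.contains("..");
            if (!forwarded || !setupPage) {
                // 404 rather than 403, so the reply does not confirm the file exists.
                response.sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }
        }
        chain.doFilter(request, response);
    }
}
```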


