You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Matt Peterson <ma...@une.edu.au> on 2010/06/14 00:03:55 UTC
Setting scheme on catalina Requests
Using Tc 6.0.26, Java 6 on Win XP Pro.
I am trying to develop a valve to modify requests based on a HTTP request
header as set by our SSL terminating load balancer. The valve is to watch
out for a particular header and when found, call the setSecure(true),
setScheme("https") and setServerPort(443) methods so that the receiving
servlet is aware that the request is a secure one. The setSecure() &
setServerPort() methods work as expected, but the setScheme() method does
not set the scheme. I have looked into the source for
catalina.connector.Request and have found the setScheme() method is made of
a single line: "// Not used". This would explain why the setScheme() method
is not setting the scheme as I expect it would.
So, how else could I set the scheme of the request to 'https'? There must be
a way, because the http connector is able to set it if I use the 'scheme'
attribute in the connectors XML config in server.xml. I have tried to find
the code which does this, but have not been able to find it.
Any help is ppreciated.
Cheers,
Matt.
Re: Setting scheme on catalina Requests
Posted by Mark Thomas <ma...@apache.org>.
On 14/06/2010 01:23, Matthew Peterson wrote:
> Hi Mark,
>
> I cannot find another reference to the setScheme method by searching the tomcat-users archive (http://marc.info/?l=tomcat-user&w=2&r=1&s=setScheme&q=b). Where else would I find some info on this topic?
My bad. It was Request.setRemoteAddr(String) and
Request.setRemoteHost(String) that was discussed with a side comment on
setScheme() - all on the dev list.
The short version is that these attributes were not intended to be
editable when first implemented. That has evolved over time.
Mark
>
> Cheers,
> Matt.
>
>
> -----Original Message-----
> From: Mark Thomas [mailto:markt@apache.org]
> Sent: Monday, 14 June 2010 9:58 AM
> To: Tomcat Users List
> Subject: Re: Setting scheme on catalina Requests
>
> On 13/06/2010 23:40, Matthew Peterson wrote:
>> I still don't understand why the catalina.Request object doesn't implement the convenience method setScheme(String) for this...
>
> Try searching the archives. This has bee discussed previously.
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Setting scheme on catalina Requests
Posted by Matthew Peterson <ma...@une.edu.au>.
Hi Mark,
I cannot find another reference to the setScheme method by searching the tomcat-users archive (http://marc.info/?l=tomcat-user&w=2&r=1&s=setScheme&q=b). Where else would I find some info on this topic?
Cheers,
Matt.
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org]
Sent: Monday, 14 June 2010 9:58 AM
To: Tomcat Users List
Subject: Re: Setting scheme on catalina Requests
On 13/06/2010 23:40, Matthew Peterson wrote:
> I still don't understand why the catalina.Request object doesn't implement the convenience method setScheme(String) for this...
Try searching the archives. This has bee discussed previously.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Setting scheme on catalina Requests
Posted by Mark Thomas <ma...@apache.org>.
On 13/06/2010 23:40, Matthew Peterson wrote:
> I still don't understand why the catalina.Request object doesn't implement the convenience method setScheme(String) for this...
Try searching the archives. This has bee discussed previously.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Setting scheme on catalina Requests
Posted by Matthew Peterson <ma...@une.edu.au>.
Never mind. I found out how to do it. For anyone else interested, from a catalina.Request object you need to get the underlying coyote.Request object, access it's Scheme object (type MessageByte) and then set it's String value to "https".
I still don't understand why the catalina.Request object doesn't implement the convenience method setScheme(String) for this...
Cheers,
Matt.
-----Original Message-----
From: Matt Peterson [mailto:matt.peterson@une.edu.au]
Sent: Monday, 14 June 2010 8:04 AM
To: users@tomcat.apache.org
Subject: Setting scheme on catalina Requests
Using Tc 6.0.26, Java 6 on Win XP Pro.
I am trying to develop a valve to modify requests based on a HTTP request
header as set by our SSL terminating load balancer. The valve is to watch
out for a particular header and when found, call the setSecure(true),
setScheme("https") and setServerPort(443) methods so that the receiving
servlet is aware that the request is a secure one. The setSecure() &
setServerPort() methods work as expected, but the setScheme() method does
not set the scheme. I have looked into the source for
catalina.connector.Request and have found the setScheme() method is made of
a single line: "// Not used". This would explain why the setScheme() method
is not setting the scheme as I expect it would.
So, how else could I set the scheme of the request to 'https'? There must be
a way, because the http connector is able to set it if I use the 'scheme'
attribute in the connectors XML config in server.xml. I have tried to find
the code which does this, but have not been able to find it.
Any help is ppreciated.
Cheers,
Matt.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Setting scheme on catalina Requests
Posted by Matthew Peterson <ma...@une.edu.au>.
I have discovered that the RemoteIPValve which has been shipped with Tomcat since v6.0.24 also performs the tasks am trying to perform with my valve. I had overlooked it previously due to its name.
We are using v6.0.26, so I'll give it a whirl!
Cheers,
Matt.
-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Tuesday, 15 June 2010 8:06 AM
To: Tomcat Users List
Subject: Re: Setting scheme on catalina Requests
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matt,
On 6/13/2010 6:03 PM, Matt Peterson wrote:
> I am trying to develop a valve to modify requests based on a HTTP request
> header as set by our SSL terminating load balancer. The valve is to watch
> out for a particular header and when found, call the setSecure(true),
> setScheme("https") and setServerPort(443) methods so that the receiving
> servlet is aware that the request is a secure one.
Why set the server port? You may end up confusing code that performs
redirects and things like that. Can you get away with simply
setSecure()/setScheme()?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkwWp88ACgkQ9CaO5/Lv0PCE6QCePtQgxZKDiDgB7GVjRK7HiM2k
IA0An3Wnzw4RdIM1IMHw+q4WNFupseiv
=EHI5
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Setting scheme on catalina Requests
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matt,
On 6/13/2010 6:03 PM, Matt Peterson wrote:
> I am trying to develop a valve to modify requests based on a HTTP request
> header as set by our SSL terminating load balancer. The valve is to watch
> out for a particular header and when found, call the setSecure(true),
> setScheme("https") and setServerPort(443) methods so that the receiving
> servlet is aware that the request is a secure one.
Why set the server port? You may end up confusing code that performs
redirects and things like that. Can you get away with simply
setSecure()/setScheme()?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkwWp88ACgkQ9CaO5/Lv0PCE6QCePtQgxZKDiDgB7GVjRK7HiM2k
IA0An3Wnzw4RdIM1IMHw+q4WNFupseiv
=EHI5
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org