You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ravi Sharma <pi...@gmail.com> on 2009/04/27 19:30:25 UTC
Filtering URL via tomcat
Hi All,
Please help me for this problem, i am not able to get to the root of the
problem.
My site have few open/free pages which can be accessed by anyone/guests and
few only for registered users. So you can access those pages only by login
to the site
http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
see this page)
I am using tomcat 5.5 and appache httpd server 2.2.
the root of my site reside in appache httpd server
so i have folder structure like
mysite/public_html/audio
mysite/public_html/app/audio/download
in my httpd conf i have something like this
JkMount /app/audio/download/* ajp13w
..
..
..
and mysite.com is poiniting to mysite/public_html
*app* is my tomcat application context
and in tomcat web.xml one Filter is listning to url
<filter>
<filter-name>DownLoadSecurityFilter</filter-name>
<filter-class>com.app.security.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>DownLoadSecurityFilter</filter-name>
<url-pattern>/audio/download/*</url-pattern>
</filter-mapping>
So all the pages will be served by apache httpd except the pages which are
like app/audio/download.
So now when somone try to access app/audio/download/some.html the request
passed to tomcat, in turns filter check this url and if user is not logged
in then login screen comes up.
User login and proceed and login screen automcatically forward the request
to the page which was requested app/audio/download/some.html, but here i get
this tomcat error
*Type* Status report
*message* */app/audio/download/some.html*
*description* *The requested resource (/app/audio/download/some.html) is not
available.*
these html pages are static pages and exists in apache http home dir of
websites
public_html/app/audio/download/some.html
but then i thought may be it need to exists in tomcat web apps too., so
under web-apps/app dir i created audio link to audio directory under
public_html
so now webapps dir has following link
webapps/app/audio -> /home/mysite/public_html/audio
so basically if i try to access any thing with
http://www.mysite.com/app/audio, it should be served from audio dir in
webapps which in turn audio dir from appache httpd.
But its not working. :(
I dont know whats wrong.
following is my java filter class
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
LOGINURL +"?URL=" + targetUrl);
return;
}
catch(OperationNotAllowedForUser ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
DENIENDURL );
return;
}
chain.doFilter(request, response);
doAfterProcessing(request, response);
}
private void doAfterProcessing(ServletRequest request, ServletResponse
response)
throws IOException, ServletException {
}
Thanks in advance
Ravi
Re: Filtering URL via tomcat
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ravi,
On 5/1/2009 7:36 PM, Ravi Sharma wrote:
> I wanted to server these pages only to registered user of my site so i put
> one filter in web.xml of my application
> <filter>
> <filter-name>DownLoadSecurityFilter</filter-name>
> <filter-class>com.app.security.SecurityFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>DownLoadSecurityFilter</filter-name>
> <url-pattern>/audio/download/*</url-pattern>
> </filter-mapping>
Looks good so far. I still think you might just want to use the built-in
authentication and authorization capabilities provided by the container.
Have you looked into using <security-constraint>?
> Now if user is logged in then i don't do any redirection to login page in
> Filter class. Class code as follows
[snip]
> try
> {
> checkSecurity(request);
> }
> catch(UserNotLoggedIn ex)
> {
> httpResponse.sendRedirect(httpRequest.getContextPath() +
> LOGINURL +"?URL=" + targetUrl);
Technically, this should be:
httpResponse.sendRedirect(httpRequest.getContextPath()
+ response.encodeRedirecURL(LOGINURL)
+ "?URL="
+ java.net.URLEncoder.encode(targetURL, "UTF-8")
);
> Problem : Now when user is logged in then user should be able to see this
> page content of
> http://www.mysite.com/app/audio/download/abc.html
>
> but on this page in browser user getting following tomcat error
>
> *Type* Status report
> *message* */app/audio/download/abc.html
> **description* *The requested resource (/app/audio/download/abc.html) is not
> available.**
Did you say that Tomcat generates pages like
/app/audio/download/foo.html for you after the webapp is deployed? I
have seen a lot of people complain that files created after webapp
deployment are not seen by the DefaultServlet, which serves static
content for you.
If you need to serve files that have been created after deployment, you
might want to write your own servlet to serve them. Better yet, serve
them out of another directory because when you undeploy a webapp, Tomcat
might delete the webapp directory and also all your generated files.
You might be able to use the DefaultServlet by changing some settings on
it like whether to cache information about the directories is has
scanned before.
I believe your filter is functioning correctly. Tomcat, in this case, is
what is the problem for you.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkn/RDEACgkQ9CaO5/Lv0PAsCACeO3fLNjoHYEdUWmA65pGGZxrG
ZN8AoKqqDDv5FuRwP07h5G8s5oBZFEG+
=QTtT
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Filtering URL via tomcat
Posted by Ravi Sharma <pi...@gmail.com>.
Hi All,
I guess i did not explained it properly. Let me try once again in simple
way. Forget about what i wrote before.
my Webapps dir have one application called app and has following dir
structure
webapps/app/audio/download/
above dir contacins html pages which are being generated by tomcat whenever
needed.
webapps/app/audio/download/abc.html
webapps/app/audio/download/def.html
webapps/app/audio/download/xyz.html
someone can request these files with url like
http://www.mysite.com/app/audio/download/abc.html
I wanted to server these pages only to registered user of my site so i put
one filter in web.xml of my application
<filter>
<filter-name>DownLoadSecurityFilter</filter-name>
<filter-class>com.app.security.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>DownLoadSecurityFilter</filter-name>
<url-pattern>/audio/download/*</url-pattern>
</filter-mapping>
So whenever someone try to access this url
http://www.mysite.com/app/audio/download/abc.html and if he is not logged in
Filter forwars the request to login page(this part is working fine, Filter
seems working fine).
Now if user is logged in then i dont do any redirection to login page in
Filter class. Class code as follows
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
doBeforeProcessing(request, response); // No code in this function
String accessedUrl = httpRequest.getRequestURI();
String targetUrl = httpRequest.getRequestURL().toString();
Throwable problem = null;
//chain.doFilter(request, response);
try
{
checkSecurity(request);
}
catch(UserNotLoggedIn ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
LOGINURL +"?URL=" + targetUrl);
return;
}
catch(OperationNotAllowedForUser ex)
{
httpResponse.sendRedirect(httpRequest.getContextPath() +
DENIENDURL );
return;
}
catch (ApplicationException ex)
{
}
chain.doFilter(request, response);
doAfterProcessing(request, response); // No code in this function
if (problem != null) {
if (problem instanceof ServletException) throw
(ServletException)problem;
if (problem instanceof IOException) throw (IOException)problem;
sendProcessingError(problem, response);
}
}
Problem : Now when user is logged in then user should be able to see this
page content of
http://www.mysite.com/app/audio/download/abc.html
but on this page in browser user getting following tomcat error
*Type* Status report
*message* */app/audio/download/abc.html
**description* *The requested resource (/app/audio/download/abc.html) is not
available.**
But the file do exists in this location.
Any idea why it is happening?
Ravi.
On Fri, May 1, 2009 at 5:19 PM, Christopher Schultz <
chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Ravi,
>
> Some things aren't adding up:
>
> > http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
> > http://www.mysiste.com/audio/app/download/abc.html (only logged in user
> can
> > see this page)
>
> ...and...
>
> > the root of my site reside in appache httpd server
> > so i have folder structure like
> > mysite/public_html/audio
> > mysite/public_html/app/audio/download
> >
> > in my httpd conf i have something like this
> > JkMount /app/audio/download/* ajp13w
>
> You have JkMounted /app/audio/download but your URLs above suggest this
> should be /audio/app/download/abc.html. That's strange.
>
> You have your webapp in a directory called "mysite" but the context name
> is "app". That's strange.
>
> On 4/27/2009 2:26 PM, Ravi Sharma wrote:
> > http://www.mysite.com/audio/abc.html is a html being served by httpd
> > correctly
> > then when i try to access
> > http://www.mysite.com/app/audio/download/abc.htmli get following error
> > on browser
> >
> > *Type* Status report
> > *message* */app/audio/download/abc.html
> > **description* *The requested resource (/app/audio/download/abc.html) is
> not
> > available.**
>
> Sounds like this is a Tomcat error. Are you attempting to serve
> /app/audio/download/abc.html from within Tomcat? If so, is that file
> (abc.html) actually deployed as part of the web application?
>
> I think it would be helpful to post more of your httpd configuration and
> the output of 'find' in your webapp's root directory.
>
> Another question: why are you implementing your own authentication and
> authorization instead of using those built-in features of Tomcat? Seems
> like re-inventing the wheel...
>
> > There are no errors in catalina.out(and this is the only file in logs dir
> of
> > Tomcat)
>
> catalina.out will not contain errors like "file not found". If you want
> to see what requests are being served, you'll want to enable the
> AccessLogValve. See
> http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html for details.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkn7IRUACgkQ9CaO5/Lv0PALDwCgiiLbGQ3m1VbcnqUp2cWGtCZR
> 1HsAn11gsfaTF1DxL9xd3/QMRiVaqhFH
> =aPN/
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: Filtering URL via tomcat
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ravi,
Some things aren't adding up:
> http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
> http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
> see this page)
...and...
> the root of my site reside in appache httpd server
> so i have folder structure like
> mysite/public_html/audio
> mysite/public_html/app/audio/download
>
> in my httpd conf i have something like this
> JkMount /app/audio/download/* ajp13w
You have JkMounted /app/audio/download but your URLs above suggest this
should be /audio/app/download/abc.html. That's strange.
You have your webapp in a directory called "mysite" but the context name
is "app". That's strange.
On 4/27/2009 2:26 PM, Ravi Sharma wrote:
> http://www.mysite.com/audio/abc.html is a html being served by httpd
> correctly
> then when i try to access
> http://www.mysite.com/app/audio/download/abc.htmli get following error
> on browser
>
> *Type* Status report
> *message* */app/audio/download/abc.html
> **description* *The requested resource (/app/audio/download/abc.html) is not
> available.**
Sounds like this is a Tomcat error. Are you attempting to serve
/app/audio/download/abc.html from within Tomcat? If so, is that file
(abc.html) actually deployed as part of the web application?
I think it would be helpful to post more of your httpd configuration and
the output of 'find' in your webapp's root directory.
Another question: why are you implementing your own authentication and
authorization instead of using those built-in features of Tomcat? Seems
like re-inventing the wheel...
> There are no errors in catalina.out(and this is the only file in logs dir of
> Tomcat)
catalina.out will not contain errors like "file not found". If you want
to see what requests are being served, you'll want to enable the
AccessLogValve. See
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html for details.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkn7IRUACgkQ9CaO5/Lv0PALDwCgiiLbGQ3m1VbcnqUp2cWGtCZR
1HsAn11gsfaTF1DxL9xd3/QMRiVaqhFH
=aPN/
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Filtering URL via tomcat
Posted by Ravi Sharma <pi...@gmail.com>.
adding to previoius mail.
http://www.mysite.com/audio/abc.html is a html being served by httpd
correctly
then when i try to access
http://www.mysite.com/app/audio/download/abc.htmli get following error
on browser
*Type* Status report
*message* */app/audio/download/abc.html
**description* *The requested resource (/app/audio/download/abc.html) is not
available.**
the access log(mysite.com_access_log) of apache httpd says*
[27/Apr/2009:11:09:16 -0700] "GET /app/audio/download/abc.html HTTP/1.1" 404
1135 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.9)
Gecko/2009040821 Firefox/3.0.9 (.NET CLR 3.5.30729)"
*the error log(mysite.com_error_log) of appache httpd says nothing, no issue
there*
when i tried this url
http://www.mysite.com:9080/app/audio/download/abc.html (tomcat is running on
9080)
i got the same error on browser*
Type* Status report
*message* */app/audio/download/abc.html*
*description* *The requested resource (/app/audio/download/abc.html) is not
available.* *
*
There are no errors in catalina.out(and this is the only file in logs dir of
Tomcat)
On Mon, Apr 27, 2009 at 6:57 PM, André Warnier <aw...@ice-sa.com> wrote:
>
> Ravi,
>
> First :
> > so basically if i try to access any thing with
> > http://www.mysite.com/app/audio, it should be served from audio dir in
> > webapps which in turn audio dir from appache httpd.
> >
> > But its not working. :(
> >
> "its not working" is not something that allows anyone to help you.
> HOW is it not working ? What do you do, what do you expect, and what are
> you getting as an error ?
> That means :
> - tell us what URL you are using in the browser
> - what error do you see in the browser ?
> - what error do you see in the Apache logfile ?
> - and what error do you see in the Tomcat logfile ?
>
> Then (old African proverb) : if you want to eat an elephant, you should do
> it a little bit at a time.
>
> In other words, simplify the problem if you can.
>
> Assuming that your Tomcat listens on port 8080 for example (you can see
> that in the conf/server.xml, <Connector> tags), try the following :
> - turn off Apache httpd
> - in the browser, enter the URL
> http://www.mysiste.com:8080/app/audio/download/abc.html
> (that goes to Tomcat directly, without going through Apache).
> What happens then ?
> Don't be afraid to add some details.
>
>
>
>
> Ravi Sharma wrote:
>
>> Hi All,
>> Please help me for this problem, i am not able to get to the root of the
>> problem.
>>
>> My site have few open/free pages which can be accessed by anyone/guests
>> and
>> few only for registered users. So you can access those pages only by login
>> to the site
>>
>> http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
>> http://www.mysiste.com/audio/app/download/abc.html (only logged in user
>> can
>> see this page)
>>
>> I am using tomcat 5.5 and appache httpd server 2.2.
>>
>> the root of my site reside in appache httpd server
>> so i have folder structure like
>> mysite/public_html/audio
>> mysite/public_html/app/audio/download
>>
>> in my httpd conf i have something like this
>> JkMount /app/audio/download/* ajp13w
>> ..
>> ..
>> ..
>> and mysite.com is poiniting to mysite/public_html
>>
>>
>> *app* is my tomcat application context
>>
>> and in tomcat web.xml one Filter is listning to url
>> <filter>
>> <filter-name>DownLoadSecurityFilter</filter-name>
>> <filter-class>com.app.security.SecurityFilter</filter-class>
>> </filter>
>> <filter-mapping>
>> <filter-name>DownLoadSecurityFilter</filter-name>
>> <url-pattern>/audio/download/*</url-pattern>
>> </filter-mapping>
>>
>> So all the pages will be served by apache httpd except the pages which are
>> like app/audio/download.
>>
>> So now when somone try to access app/audio/download/some.html the request
>> passed to tomcat, in turns filter check this url and if user is not logged
>> in then login screen comes up.
>> User login and proceed and login screen automcatically forward the request
>> to the page which was requested app/audio/download/some.html, but here i
>> get
>> this tomcat error
>>
>> *Type* Status report
>>
>> *message* */app/audio/download/some.html*
>>
>> *description* *The requested resource (/app/audio/download/some.html) is
>> not
>> available.*
>>
>> these html pages are static pages and exists in apache http home dir of
>> websites
>> public_html/app/audio/download/some.html
>>
>> but then i thought may be it need to exists in tomcat web apps too., so
>> under web-apps/app dir i created audio link to audio directory under
>> public_html
>>
>> so now webapps dir has following link
>> webapps/app/audio -> /home/mysite/public_html/audio
>>
>> so basically if i try to access any thing with
>> http://www.mysite.com/app/audio, it should be served from audio dir in
>> webapps which in turn audio dir from appache httpd.
>>
>> But its not working. :(
>>
>> I dont know whats wrong.
>>
>> following is my java filter class
>>
>> public void doFilter(ServletRequest request, ServletResponse response,
>> FilterChain chain)
>> throws IOException, ServletException {
>> try
>> {
>> checkSecurity(request);
>> }
>> catch(UserNotLoggedIn ex)
>> {
>> httpResponse.sendRedirect(httpRequest.getContextPath() +
>> LOGINURL +"?URL=" + targetUrl);
>> return;
>> }
>> catch(OperationNotAllowedForUser ex)
>> {
>> httpResponse.sendRedirect(httpRequest.getContextPath() +
>> DENIENDURL );
>> return;
>> }
>> chain.doFilter(request, response);
>>
>> doAfterProcessing(request, response);
>>
>> }
>>
>>
>> private void doAfterProcessing(ServletRequest request, ServletResponse
>> response)
>> throws IOException, ServletException {
>> }
>>
>> Thanks in advance
>> Ravi
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: Filtering URL via tomcat
Posted by André Warnier <aw...@ice-sa.com>.
Ravi,
First :
> so basically if i try to access any thing with
> http://www.mysite.com/app/audio, it should be served from audio dir in
> webapps which in turn audio dir from appache httpd.
>
> But its not working. :(
>
"its not working" is not something that allows anyone to help you.
HOW is it not working ? What do you do, what do you expect, and what are
you getting as an error ?
That means :
- tell us what URL you are using in the browser
- what error do you see in the browser ?
- what error do you see in the Apache logfile ?
- and what error do you see in the Tomcat logfile ?
Then (old African proverb) : if you want to eat an elephant, you should
do it a little bit at a time.
In other words, simplify the problem if you can.
Assuming that your Tomcat listens on port 8080 for example (you can see
that in the conf/server.xml, <Connector> tags), try the following :
- turn off Apache httpd
- in the browser, enter the URL
http://www.mysiste.com:8080/app/audio/download/abc.html
(that goes to Tomcat directly, without going through Apache).
What happens then ?
Don't be afraid to add some details.
Ravi Sharma wrote:
> Hi All,
> Please help me for this problem, i am not able to get to the root of the
> problem.
>
> My site have few open/free pages which can be accessed by anyone/guests and
> few only for registered users. So you can access those pages only by login
> to the site
>
> http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
> http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
> see this page)
>
> I am using tomcat 5.5 and appache httpd server 2.2.
>
> the root of my site reside in appache httpd server
> so i have folder structure like
> mysite/public_html/audio
> mysite/public_html/app/audio/download
>
> in my httpd conf i have something like this
> JkMount /app/audio/download/* ajp13w
> ..
> ..
> ..
> and mysite.com is poiniting to mysite/public_html
>
>
> *app* is my tomcat application context
>
> and in tomcat web.xml one Filter is listning to url
> <filter>
> <filter-name>DownLoadSecurityFilter</filter-name>
> <filter-class>com.app.security.SecurityFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>DownLoadSecurityFilter</filter-name>
> <url-pattern>/audio/download/*</url-pattern>
> </filter-mapping>
>
> So all the pages will be served by apache httpd except the pages which are
> like app/audio/download.
>
> So now when somone try to access app/audio/download/some.html the request
> passed to tomcat, in turns filter check this url and if user is not logged
> in then login screen comes up.
> User login and proceed and login screen automcatically forward the request
> to the page which was requested app/audio/download/some.html, but here i get
> this tomcat error
>
> *Type* Status report
>
> *message* */app/audio/download/some.html*
>
> *description* *The requested resource (/app/audio/download/some.html) is not
> available.*
>
> these html pages are static pages and exists in apache http home dir of
> websites
> public_html/app/audio/download/some.html
>
> but then i thought may be it need to exists in tomcat web apps too., so
> under web-apps/app dir i created audio link to audio directory under
> public_html
>
> so now webapps dir has following link
> webapps/app/audio -> /home/mysite/public_html/audio
>
> so basically if i try to access any thing with
> http://www.mysite.com/app/audio, it should be served from audio dir in
> webapps which in turn audio dir from appache httpd.
>
> But its not working. :(
>
> I dont know whats wrong.
>
> following is my java filter class
>
> public void doFilter(ServletRequest request, ServletResponse response,
> FilterChain chain)
> throws IOException, ServletException {
> try
> {
> checkSecurity(request);
> }
> catch(UserNotLoggedIn ex)
> {
> httpResponse.sendRedirect(httpRequest.getContextPath() +
> LOGINURL +"?URL=" + targetUrl);
> return;
> }
> catch(OperationNotAllowedForUser ex)
> {
> httpResponse.sendRedirect(httpRequest.getContextPath() +
> DENIENDURL );
> return;
> }
> chain.doFilter(request, response);
>
> doAfterProcessing(request, response);
>
> }
>
>
> private void doAfterProcessing(ServletRequest request, ServletResponse
> response)
> throws IOException, ServletException {
> }
>
> Thanks in advance
> Ravi
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org