Posted to users@tomcat.apache.org by Christopher Schultz <ch...@christopherschultz.net> on 2009/05/01 18:19:33 UTC

Re: Filtering URL via tomcat

Ravi,

Some things aren't adding up:

> http://www.mysiste.com/audio/abc.html (anyone/guests can see this page)
> http://www.mysiste.com/audio/app/download/abc.html (only logged in user can
> see this page)

...and...

> the root of my site resides in the Apache httpd server
> so I have a folder structure like
> mysite/public_html/audio
> mysite/public_html/app/audio/download
> 
> in my httpd conf I have something like this
> JkMount /app/audio/download/* ajp13w

You have JkMounted /app/audio/download but your URLs above suggest this
should be /audio/app/download/abc.html. That's strange.

You have your webapp in a directory called "mysite" but the context name
is "app". That's strange.

On 4/27/2009 2:26 PM, Ravi Sharma wrote:
> http://www.mysite.com/audio/abc.html is a html being served by httpd
> correctly
> then when I try to access
> http://www.mysite.com/app/audio/download/abc.html I get the following error
> on browser
> 
> *Type* Status report
> *message* */app/audio/download/abc.html
> **description* *The requested resource (/app/audio/download/abc.html) is not
> available.**

Sounds like this is a Tomcat error. Are you attempting to serve
/app/audio/download/abc.html from within Tomcat? If so, is that file
(abc.html) actually deployed as part of the web application?

I think it would be helpful to post more of your httpd configuration and
the output of 'find' in your webapp's root directory.

Another question: why are you implementing your own authentication and
authorization instead of using those built-in features of Tomcat? Seems
like re-inventing the wheel...

> There are no errors in catalina.out (and this is the only file in the logs dir of
> Tomcat)

catalina.out will not contain errors like "file not found". If you want
to see what requests are being served, you'll want to enable the
AccessLogValve. See
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html for details.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Filtering URL via tomcat

Posted by Christopher Schultz <ch...@christopherschultz.net>.

Ravi,

On 5/1/2009 7:36 PM, Ravi Sharma wrote:
> I wanted to serve these pages only to registered users of my site so I put
> one filter in web.xml of my application
>     <filter>
>         <filter-name>DownLoadSecurityFilter</filter-name>
>         <filter-class>com.app.security.SecurityFilter</filter-class>
>     </filter>
>     <filter-mapping>
>         <filter-name>DownLoadSecurityFilter</filter-name>
>         <url-pattern>/audio/download/*</url-pattern>
>     </filter-mapping>

Looks good so far. I still think you might just want to use the built-in
authentication and authorization capabilities provided by the container.
Have you looked into using <security-constraint>?

> Now if user is logged in then I don't do any redirection to login page in
> Filter class. Class code as follows

[snip]

>         try
>         {
>             checkSecurity(request);
>         }
>         catch(UserNotLoggedIn ex)
>         {
>             httpResponse.sendRedirect(httpRequest.getContextPath() +
>                 LOGINURL +"?URL=" + targetUrl);

Technically, this should be:

httpResponse.sendRedirect(httpRequest.getContextPath()
       + httpResponse.encodeRedirectURL(LOGINURL)
       + "?URL="
       + java.net.URLEncoder.encode(targetUrl, "UTF-8")
);

> Problem : Now when user is logged in then user should be able to see this
> page content of
> http://www.mysite.com/app/audio/download/abc.html
> 
> but on this page in browser user getting following tomcat error
> 
> *Type* Status report
> *message* */app/audio/download/abc.html
> **description* *The requested resource (/app/audio/download/abc.html) is not
> available.**

Did you say that Tomcat generates pages like
/app/audio/download/foo.html for you after the webapp is deployed? I
have seen a lot of people complain that files created after webapp
deployment are not seen by the DefaultServlet, which serves static
content for you.

If you need to serve files that have been created after deployment, you
might want to write your own servlet to serve them. Better yet, serve
them out of another directory because when you undeploy a webapp, Tomcat
might delete the webapp directory and also all your generated files.

You might be able to use the DefaultServlet by changing some settings on
it like whether to cache information about the directories it has
scanned before.

I believe your filter is functioning correctly. Tomcat, in this case, is
what is the problem for you.

-chris


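The suggestion above (serve files created after deployment with your own servlet, from a directory outside the webapp) sketched as an added example; this is not code from the thread or from Tomcat. The class name `GeneratedPageServlet`, the base directory, and the use of `java.nio.file` (Java 7 or later) are assumptions. Mapped to `/audio/download/*`, requests still pass through the existing filter mapping.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet: serves pages generated at runtime from a directory
// outside webapps/, so undeploying the webapp does not delete them.
public class GeneratedPageServlet extends HttpServlet {

    // Assumed location; the thread does not name a directory.
    private static final Path BASE = Paths.get("/var/data/app/generated");

    /** Maps a path such as "/abc.html" to a file under base, or null if unsafe. */
    static Path resolve(Path base, String pathInfo) {
        if (pathInfo == null || pathInfo.length() < 2 || pathInfo.indexOf('\0') >= 0) {
            return null;
        }
        Path root = base.toAbsolutePath().normalize();
        Path candidate = root.resolve(pathInfo.substring(1)).normalize();
        // Reject anything that escapes the base directory ("../", absolute paths).
        return candidate.startsWith(root) ? candidate : null;
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        Path file = resolve(BASE, req.getPathInfo());
        if (file == null || !Files.isRegularFile(file)) {
            resp.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        // Resolve symlinks and re-check, so a link inside BASE cannot point outside it.
        if (!file.toRealPath().startsWith(BASE.toRealPath())) {
            resp.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        String type = getServletContext().getMimeType(file.getFileName().toString());
        resp.setContentType(type != null ? type : "application/octet-stream");
        resp.setContentLength((int) Files.size(file));
        Files.copy(file, resp.getOutputStream());
    }
}
```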

Re: Filtering URL via tomcat

Posted by Ravi Sharma <pi...@gmail.com>.
Hi All,
I guess I did not explain it properly. Let me try once again in a simple
way. Forget about what I wrote before.

My webapps dir has one application called app and it has the following dir
structure

webapps/app/audio/download/

The above dir contains html pages which are being generated by Tomcat whenever
needed.
webapps/app/audio/download/abc.html
webapps/app/audio/download/def.html
webapps/app/audio/download/xyz.html

Someone can request these files with a url like
http://www.mysite.com/app/audio/download/abc.html

I wanted to serve these pages only to registered users of my site so I put
one filter in web.xml of my application
    <filter>
        <filter-name>DownLoadSecurityFilter</filter-name>
        <filter-class>com.app.security.SecurityFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>DownLoadSecurityFilter</filter-name>
        <url-pattern>/audio/download/*</url-pattern>
    </filter-mapping>


So whenever someone tries to access this url
http://www.mysite.com/app/audio/download/abc.html and he is not logged in, the
Filter forwards the request to the login page (this part is working fine, the
Filter seems to be working fine).
Now if the user is logged in then I don't do any redirection to the login page
in the Filter class. Class code as follows


    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain)
            throws IOException, ServletException {

        HttpServletRequest httpRequest = (HttpServletRequest)request;
        HttpServletResponse httpResponse = (HttpServletResponse)response;
        doBeforeProcessing(request, response); // No code in this function
        String accessedUrl = httpRequest.getRequestURI();
        String targetUrl = httpRequest.getRequestURL().toString();

        Throwable problem = null;

        //chain.doFilter(request, response);
        try
        {
            checkSecurity(request);
        }
        catch(UserNotLoggedIn ex)
        {
            httpResponse.sendRedirect(httpRequest.getContextPath() +
                LOGINURL +"?URL=" + targetUrl);
            return;
        }
        catch(OperationNotAllowedForUser ex)
        {
            httpResponse.sendRedirect(httpRequest.getContextPath() +
                DENIENDURL );
            return;
        }
        catch (ApplicationException ex)
        {

        }
        chain.doFilter(request, response);

        doAfterProcessing(request, response); // No code in this function

        if (problem != null) {
            if (problem instanceof ServletException) throw (ServletException)problem;
            if (problem instanceof IOException) throw (IOException)problem;
            sendProcessingError(problem, response);
        }
    }

Problem: Now when the user is logged in, the user should be able to see the
content of this page
http://www.mysite.com/app/audio/download/abc.html

but on this page in the browser the user is getting the following Tomcat error

*Type* Status report
*message* */app/audio/download/abc.html
**description* *The requested resource (/app/audio/download/abc.html) is not
available.**


But the file does exist in this location.
Any idea why it is happening?




Ravi.




