You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jeffrey Janner <Je...@PolyDyne.com> on 2013/04/23 21:29:25 UTC
Question on servlet determination
Running Tomcat 6.0.36, JDK 1.6.0_43
I've an application defined with the following web.xml:
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>Everything</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.html</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>/Servlet1</url-pattern>
<url-pattern>/Servlet2</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<resource-ref>
<description>Oracle Universal Connection Pool</description>
<res-ref-name>jdbc/oracleUCPPool</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<servlet>
<servlet-name>Servlet1</servlet-name>
<display-name>Servlet1</display-name>
<description>Controlling servlet for Servlet1</description>
<servlet-class>com.polydyne.servlet1</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Servlet2</servlet-name>
<display-name>Servlet2</display-name>
<description>Controlling servlet for Servlet2</description>
<servlet-class>com.polydyne.servlet2</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Servlet1</servlet-name>
<url-pattern>/Servlet1</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Servlet2</servlet-name>
<url-pattern>/Servlet2</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/Unavailable.jsp</location>
</error-page>
</webapp>
The issue: If I connect with the URL: http://myhost/Servlet1 (or Servlet2), I get what I expect. However, if I connect http://myhost/Servlet1/ then I get a 404. Actually, I get my 404 page but not all the graphics come over.
Shouldn't the final / be stripped and I get the same behavior either way?
Also willing to entertain critiques on my security-constraint section, but not that we don't use Tomcat authentication, so I want any requests for top-level files in the Web directory to also force https.
Jeffrey Janner
Sr. Network Administrator
jeffrey.janner@polydyne.com<ma...@polydyne.com>
PolyDyne Software Inc.
Main: 512.343.9100
Direct: 512.583.8930
[cid:image002.png@01CC0FB7.4FF43CE0]
Speed, Intelligence & Savings in Sourcing
RE: Question on servlet determination
Posted by Jeffrey Janner <Je...@PolyDyne.com>.
> -----Original Message-----
> From: Neven Cvetkovic [mailto:neven.cvetkovic@gmail.com]
> Sent: Tuesday, April 23, 2013 5:29 PM
> To: Tomcat Users List
> Subject: Re: Question on servlet determination
>
> > > ________________________________
> > > From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> > > <web-app>
> > > <security-constraint>
> > > <web-resource-collection>
> > > <web-resource-name>Everything</web-resource-name>
> > > <url-pattern>*.jsp</url-pattern>
> > > <url-pattern>*.html</url-pattern>
> > > <url-pattern>*.js</url-pattern>
> > > <url-pattern>/Servlet1</url-pattern>
> > > <url-pattern>/Servlet2</url-pattern>
> > > </web-resource-collection>
> >
>
> Jeffrey, why don't you just use "catch all" url pattern?
>
> Is there anything that you don't want to be part of the same security
> constraint? In this case security constraint just enforces SSL, but
> could do other things, check roles, etc. In that case you might want to
> split secure and non-secure resources ... (e.g. login page should not
> be secure and login action should be secure, etc...)
>
> What are you trying to achieve?
>
> Cheers!
> Neven
>
IIRC, I originally had the "/*" entry, back in Tomcat 4.x, but it wouldn't force the move to https for any files directly asked for in the top level. For example, http://myhost/login.jsp would not switch to https until after you entered your login information.
If I get some free time, I'll probably be retesting, but, yes, I'm also going to be adding a section that will be using a different auth method for a third servlet.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Neven Cvetkovic <ne...@gmail.com>.
> > ________________________________
> > From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> > <web-app>
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>Everything</web-resource-name>
> > <url-pattern>*.jsp</url-pattern>
> > <url-pattern>*.html</url-pattern>
> > <url-pattern>*.js</url-pattern>
> > <url-pattern>/Servlet1</url-pattern>
> > <url-pattern>/Servlet2</url-pattern>
> > </web-resource-collection>
>
Jeffrey, why don't you just use "catch all" url pattern?
Is there anything that you don't want to be part of the same security
constraint? In this case security constraint just enforces SSL, but could
do other things, check roles, etc. In that case you might want to split
secure and non-secure resources ... (e.g. login page should not be secure
and login action should be secure, etc...)
What are you trying to achieve?
Cheers!
Neven
>
> > Also willing to entertain critiques on my security-constraint section,
> > but not that we don't use Tomcat authentication, so I want any
> > requests for top-level files in the Web directory to also force https.
> >
>
RE: Question on servlet determination
Posted by "Propes, Barry L " <ba...@citi.com>.
Is that right? I didn't realize that.
I was about to ask if you had any reference "/" before any of the welcome files. Although I'm not sure the XML file would even allow that would it?
I don't think I've tried it. Maybe it would.
-----Original Message-----
From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
Sent: Tuesday, April 23, 2013 4:46 PM
To: 'Tomcat Users List'
Subject: RE: Question on servlet determination
> -----Original Message-----
> From: Propes, Barry L [mailto:barry.l.propes@citi.com]
> Sent: Tuesday, April 23, 2013 4:34 PM
> To: 'Tomcat Users List'
> Subject: RE: Question on servlet determination
>
> I'm tempted to say no.
>
> Because you might be adding a "/" in front of your servlet mapping.
>
> In other words, changing the path of the folder slightly, with a
> different relative path.
>
I went back and read the servlet spec for 2.5, and according to it, Tomcat should be redirecting the URI ending "/Servlet2" to "/Servlet2/" and then applying welcome files (I do have some defined, just didn't include it below). Amazingly, this appears to be what happens. However, if the ending "/" already exists, it doesn't just go looking for welcome files.
Jeff
> ________________________________
> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> Sent: Tuesday, April 23, 2013 2:29 PM
> To: 'Tomcat Users List'
> Subject: Question on servlet determination
>
> Running Tomcat 6.0.36, JDK 1.6.0_43
>
> I've an application defined with the following web.xml:
>
> <web-app>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Everything</web-resource-name>
> <url-pattern>*.jsp</url-pattern>
> <url-pattern>*.html</url-pattern>
> <url-pattern>*.js</url-pattern>
> <url-pattern>/Servlet1</url-pattern>
> <url-pattern>/Servlet2</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <resource-ref>
> <description>Oracle Universal Connection Pool</description>
> <res-ref-name>jdbc/oracleUCPPool</res-ref-name>
> <res-type>javax.sql.DataSource</res-type>
> <res-auth>Container</res-auth>
> </resource-ref>
> <servlet>
> <servlet-name>Servlet1</servlet-name>
> <display-name>Servlet1</display-name>
> <description>Controlling servlet for Servlet1</description>
> <servlet-class>com.polydyne.servlet1</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet>
> <servlet-name>Servlet2</servlet-name>
> <display-name>Servlet2</display-name>
> <description>Controlling servlet for Servlet2</description>
> <servlet-class>com.polydyne.servlet2</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet-mapping>
> <servlet-name>Servlet1</servlet-name>
> <url-pattern>/Servlet1</url-pattern>
> </servlet-mapping>
> <servlet-mapping>
> <servlet-name>Servlet2</servlet-name>
> <url-pattern>/Servlet2</url-pattern>
> </servlet-mapping>
> <error-page>
> <error-code>404</error-code>
> <location>/Unavailable.jsp</location>
> </error-page>
> </webapp>
>
> The issue: If I connect with the URL: http://myhost/Servlet1 (or
> Servlet2), I get what I expect. However, if I connect
> http://myhost/Servlet1/ then I get a 404. Actually, I get my 404 page
> but not all the graphics come over.
>
> Shouldn't the final / be stripped and I get the same behavior either
> way?
>
> Also willing to entertain critiques on my security-constraint section,
> but not that we don't use Tomcat authentication, so I want any
> requests for top-level files in the Web directory to also force https.
>
> Jeffrey Janner
> Sr. Network Administrator
> jeffrey.janner@polydyne.com<ma...@polydyne.com>
> PolyDyne Software Inc.
> Main: 512.343.9100
> Direct: 512.583.8930
>
> [cid:image002.png@01CC0FB7.4FF43CE0]
>
> Speed, Intelligence & Savings in Sourcing
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by Jeffrey Janner <Je...@PolyDyne.com>.
> -----Original Message-----
> From: Christopher Schultz [mailto:chris@christopherschultz.net]
> Sent: Wednesday, April 24, 2013 12:20 PM
> To: Tomcat Users List
> Subject: Re: Question on servlet determination
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Jeff,
>
> On 4/23/13 5:45 PM, Jeffrey Janner wrote:
> >> -----Original Message----- From: Propes, Barry L
> >> [mailto:barry.l.propes@citi.com] Sent: Tuesday, April 23, 2013
> >> 4:34 PM To: 'Tomcat Users List' Subject: RE: Question on servlet
> >> determination
> >>
> >> I'm tempted to say no.
> >>
> >> Because you might be adding a "/" in front of your servlet mapping.
> >>
> >> In other words, changing the path of the folder slightly, with a
> >> different relative path.
> >>
> >
> > I went back and read the servlet spec for 2.5, and according to it,
> > Tomcat should be redirecting the URI ending "/Servlet2" to
> > "/Servlet2/" and then applying welcome files (I do have some defined,
> > just didn't include it below). Amazingly, this appears to be what
> > happens. However, if the ending "/" already exists, it doesn't just
> > go looking for welcome files.
>
> If you have a servlet mapped to /Servlet1 (and /Servlet2), why should
> there be any redirecting at all? That should only happen if the
> DefaultServlet is handling the request and /Servlet1 refers to a
> directory (or something that looks like one).
>
> - -chris
I was specifically using the terminology in the 2.5 spec. To quote from page 72, the section on Welcome Files:
Consider a Web application where:
• The deployment descriptor lists the following welcome files.
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
• The static content in the WAR is as follows
/foo/index.html
/foo/default.jsp
/foo/orderform.html
/foo/home.gif
/catalog/default.jsp
/catalog/products/shop.jsp
/catalog/products/register.jsp
• A request URI of /foo will be redirected to a URI of /foo/.
• A request URI of /foo/ will be returned as /foo/index.html.
• A request URI of /catalog will be redirected to a URI of /catalog/.
• A request URI of /catalog/ will be returned as /catalog/default.jsp.
• A request URI of /catalog/index.html will cause a 404 not found
• A request URI of /catalog/products will be redirected to a URI of /
catalog/products/.
• A request URI of /catalog/products/ will be passed to the “default” servlet,
if any. If no “default” servlet is mapped, the request may cause a 404 not
found, may cause a directory listing including shop.jsp and register.jsp, or
may cause other behavior defined by the container. See Section SRV.11.2,
“Specification of Mappings” for the definition of “default” servlet.
But then, I could have been interpreting that incorrectly, since I think it's referring to requests into directories, not Servlets.
The more I think about it, the more I'm sure it's our code. There are no directories that match the servlet names. Tomcat is correctly matching the servlet name, and passing the rest of the request string to the servlet, null in the first case, and "/" in the second. Our code assumes a null string means put up a specific page but doesn't know what to do with a "/" (have not researched, but probable). It's not really relying on the welcome-list at all.
That makes even more sense when you understand that both servlets have the same document base (the Web directory), and both welcome files are in that directory, yet each servlet manages to put up the servlet-specific welcome file.
Does that start to make sense, Chris?
Jeff
Re: Question on servlet determination
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Jeff,
On 4/23/13 5:45 PM, Jeffrey Janner wrote:
>> -----Original Message----- From: Propes, Barry L
>> [mailto:barry.l.propes@citi.com] Sent: Tuesday, April 23, 2013
>> 4:34 PM To: 'Tomcat Users List' Subject: RE: Question on servlet
>> determination
>>
>> I'm tempted to say no.
>>
>> Because you might be adding a "/" in front of your servlet
>> mapping.
>>
>> In other words, changing the path of the folder slightly, with a
>> different relative path.
>>
>
> I went back and read the servlet spec for 2.5, and according to
> it, Tomcat should be redirecting the URI ending "/Servlet2" to
> "/Servlet2/" and then applying welcome files (I do have some
> defined, just didn't include it below). Amazingly, this appears to
> be what happens. However, if the ending "/" already exists, it
> doesn't just go looking for welcome files.
If you have a servlet mapped to /Servlet1 (and /Servlet2), why should
there be any redirecting at all? That should only happen if the
DefaultServlet is handling the request and /Servlet1 refers to a
directory (or something that looks like one).
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJReBQ/AAoJEBzwKT+lPKRYnVUP/A32hsNrCKupzCtQSHeolP9X
WsWWP7Vy1svMG/9aFPbbvMmpV4YPDp+lxUy615q2jiP7o5Ys/Ovu5SemCqoZRhYh
1Aj/vgESnUQtQDCQwny7XUMErWkWsC8C6TWpQ+SNoD+iQlNnXgArztQS2Ufl0rRX
h4FjF+/6R8+mcfPUlpOmSOwFl45DjQEocOuWdfYewtlZkzNu0dZxZ7S10RBq0ATu
loaMKC/dFvgSa/vqf5wwVW69zqlMVVh0/y7JFgN71zyv7i2VJCGqDHEPPBEFV5/O
el4b5Q3wjb6Bk99sv4sDOyC85eUcN0SaDkb9ygTkkuamI3sdZxl06ej/AJU/TIOn
5bLBn89N8DKqLu6t7qI5M4yQ+dqGx6SmqGtGgG71+MoJ+BpcmQKciJf9wC2kh6nA
JYdOXxRb7297guzZxL9gw7uz9asVV7TVWH1SHm2jzXkxaezu2OXpWX3FRocQU66q
+/PlH0gry9bjGyWfM6KKAb1rRRYKF6r5NxKMjDVKIwPIYmPpeFeSZ78koGAMhruS
k+T0N/iTQ8nLsM0qBkiMffZv8Mgr1AMygP0v7NB407S0q4HF28y5v5ZpwqnRU1Cu
fgO76UgnHYkZkegO3pQkwfzzIIO9HoPxk2pqKTzi9ttgI9QXeVvWJxcj65SSjshL
71xkuFIhbmh/9Pc5AlW4
=c7ZG
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by Jeffrey Janner <Je...@PolyDyne.com>.
> -----Original Message-----
> From: Propes, Barry L [mailto:barry.l.propes@citi.com]
> Sent: Tuesday, April 23, 2013 4:34 PM
> To: 'Tomcat Users List'
> Subject: RE: Question on servlet determination
>
> I'm tempted to say no.
>
> Because you might be adding a "/" in front of your servlet mapping.
>
> In other words, changing the path of the folder slightly, with a
> different relative path.
>
I went back and read the servlet spec for 2.5, and according to it, Tomcat should be redirecting the URI ending "/Servlet2" to "/Servlet2/" and then applying welcome files (I do have some defined, just didn't include it below). Amazingly, this appears to be what happens. However, if the ending "/" already exists, it doesn't just go looking for welcome files.
Jeff
> ________________________________
> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> Sent: Tuesday, April 23, 2013 2:29 PM
> To: 'Tomcat Users List'
> Subject: Question on servlet determination
>
> Running Tomcat 6.0.36, JDK 1.6.0_43
>
> I've an application defined with the following web.xml:
>
> <web-app>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Everything</web-resource-name>
> <url-pattern>*.jsp</url-pattern>
> <url-pattern>*.html</url-pattern>
> <url-pattern>*.js</url-pattern>
> <url-pattern>/Servlet1</url-pattern>
> <url-pattern>/Servlet2</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <resource-ref>
> <description>Oracle Universal Connection Pool</description>
> <res-ref-name>jdbc/oracleUCPPool</res-ref-name>
> <res-type>javax.sql.DataSource</res-type>
> <res-auth>Container</res-auth>
> </resource-ref>
> <servlet>
> <servlet-name>Servlet1</servlet-name>
> <display-name>Servlet1</display-name>
> <description>Controlling servlet for Servlet1</description>
> <servlet-class>com.polydyne.servlet1</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet>
> <servlet-name>Servlet2</servlet-name>
> <display-name>Servlet2</display-name>
> <description>Controlling servlet for Servlet2</description>
> <servlet-class>com.polydyne.servlet2</servlet-class>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <servlet-mapping>
> <servlet-name>Servlet1</servlet-name>
> <url-pattern>/Servlet1</url-pattern>
> </servlet-mapping>
> <servlet-mapping>
> <servlet-name>Servlet2</servlet-name>
> <url-pattern>/Servlet2</url-pattern>
> </servlet-mapping>
> <error-page>
> <error-code>404</error-code>
> <location>/Unavailable.jsp</location>
> </error-page>
> </webapp>
>
> The issue: If I connect with the URL: http://myhost/Servlet1 (or
> Servlet2), I get what I expect. However, if I connect
> http://myhost/Servlet1/ then I get a 404. Actually, I get my 404 page
> but not all the graphics come over.
>
> Shouldn't the final / be stripped and I get the same behavior either
> way?
>
> Also willing to entertain critiques on my security-constraint section,
> but not that we don't use Tomcat authentication, so I want any requests
> for top-level files in the Web directory to also force https.
>
> Jeffrey Janner
> Sr. Network Administrator
> jeffrey.janner@polydyne.com<ma...@polydyne.com>
> PolyDyne Software Inc.
> Main: 512.343.9100
> Direct: 512.583.8930
>
> [cid:image002.png@01CC0FB7.4FF43CE0]
>
> Speed, Intelligence & Savings in Sourcing
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by "Propes, Barry L " <ba...@citi.com>.
I'm tempted to say no.
Because you might be adding a "/" in front of your servlet mapping.
In other words, changing the path of the folder slightly, with a different relative path.
________________________________
From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
Sent: Tuesday, April 23, 2013 2:29 PM
To: 'Tomcat Users List'
Subject: Question on servlet determination
Running Tomcat 6.0.36, JDK 1.6.0_43
I've an application defined with the following web.xml:
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>Everything</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.html</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>/Servlet1</url-pattern>
<url-pattern>/Servlet2</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<resource-ref>
<description>Oracle Universal Connection Pool</description>
<res-ref-name>jdbc/oracleUCPPool</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<servlet>
<servlet-name>Servlet1</servlet-name>
<display-name>Servlet1</display-name>
<description>Controlling servlet for Servlet1</description>
<servlet-class>com.polydyne.servlet1</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Servlet2</servlet-name>
<display-name>Servlet2</display-name>
<description>Controlling servlet for Servlet2</description>
<servlet-class>com.polydyne.servlet2</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Servlet1</servlet-name>
<url-pattern>/Servlet1</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Servlet2</servlet-name>
<url-pattern>/Servlet2</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/Unavailable.jsp</location>
</error-page>
</webapp>
The issue: If I connect with the URL: http://myhost/Servlet1 (or Servlet2), I get what I expect. However, if I connect http://myhost/Servlet1/ then I get a 404. Actually, I get my 404 page but not all the graphics come over.
Shouldn't the final / be stripped and I get the same behavior either way?
Also willing to entertain critiques on my security-constraint section, but not that we don't use Tomcat authentication, so I want any requests for top-level files in the Web directory to also force https.
Jeffrey Janner
Sr. Network Administrator
jeffrey.janner@polydyne.com<ma...@polydyne.com>
PolyDyne Software Inc.
Main: 512.343.9100
Direct: 512.583.8930
[cid:image002.png@01CC0FB7.4FF43CE0]
Speed, Intelligence & Savings in Sourcing
RE: Question on servlet determination
Posted by "Terence M. Bandoian" <te...@tmbsw.com>.
On 4/25/2013 12:52 PM, Caldarale, Charles R wrote:
>> From: Christopher Schultz [mailto:chris@christopherschultz.net]
>> Subject: Re: Question on servlet determination
>> http://localhost:8080/examples/servlets/servlet/RequestInfoExample
>> I get the example page with pathInfo=ll
>> http://localhost:8217/examples/servlets/servlet/RequestInfoExample/
>> I also get the example page with pathInfo=
>> My question is why the top url (with no trailing /) is getting the
>> request at all, given the url-pattern in web.xml:
>> <servlet-mapping>
>> <servlet-name>RequestInfoExample</servlet-name>
>> <url-pattern>/servlets/servlet/RequestInfoExample/*</url-pattern>
>> </servlet-mapping>
> Likely because of these clauses in the spec:
>
> The container will recursively try to match the longest path-prefix.
> This is done by stepping down the path tree a directory at a time,
> using the '/' character as a path separator. The longest match
> determines the servlet selected.
>
> A string beginning with a '/' character and ending with a '/*' suffix
> is used for path mapping.
>
> (The above is from 3.0, section 12.1, rule 2, and section 12.2, first bullet.)
>
> But I haven't looked at the code to see how it's actually implemented.
>
> - Chuck
I think you're right. It looks like it boils down to an interpretation
of the rules. If you look a little further at the examples, this is an
exact match for the /baz/* mapping.
-Terence Bandoian
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Christopher Schultz [mailto:chris@christopherschultz.net]
> Subject: Re: Question on servlet determination
> http://localhost:8080/examples/servlets/servlet/RequestInfoExample
> I get the example page with pathInfo=null
> http://localhost:8217/examples/servlets/servlet/RequestInfoExample/
> I also get the example page with pathInfo=/
> My question is why the top url (with no trailing /) is getting the
> request at all, given the url-pattern in web.xml:
> <servlet-mapping>
> <servlet-name>RequestInfoExample</servlet-name>
> <url-pattern>/servlets/servlet/RequestInfoExample/*</url-pattern>
> </servlet-mapping>
Likely because of these clauses in the spec:
The container will recursively try to match the longest path-prefix.
This is done by stepping down the path tree a directory at a time,
using the '/' character as a path separator. The longest match
determines the servlet selected.
A string beginning with a '/' character and ending with a '/*' suffix
is used for path mapping.
(The above is from 3.0, section 12.1, rule 2, and section 12.2, first bullet.)
But I haven't looked at the code to see how it's actually implemented.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Konstantin,
On 4/24/13 4:46 PM, Konstantin Kolinko wrote:
> No. With the following pattern requesting the "../foo/bar" URI
> above results in 404 for me. (In current 7.0.x, should not be
> different from 7.0.39).
> <url-pattern>/servlets/servlet/RequestInfoExample</url-pattern>
>
>>> Adding an extra "/" works correctly.
>
> My "adding" here is "adding to request URI in web browser", .
> http://localhost:8080/examples/servlets/servlet/RequestInfoExample
> http://localhost:8080/examples/servlets/servlet/RequestInfoExample/
With
>
clean 7.0.39:
http://localhost:8080/examples/servlets/servlet/RequestInfoExample
I get the example page with pathInfo=null
http://localhost:8217/examples/servlets/servlet/RequestInfoExample/
I also get the example page with pathInfo=/
My question is why the top url (with no trailing /) is getting the
request at all, given the url-pattern in web.xml:
<servlet-mapping>
<servlet-name>RequestInfoExample</servlet-name>
<url-pattern>/servlets/servlet/RequestInfoExample/*</url-pattern>
</servlet-mapping>
The way I read that, the trailing "/*" is being interpreted as "*".
Am I missing something? Why does /servlets/servlet/RequestInfoExample
not require a trailing "/" to be dispatched to that servlet?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJReVzNAAoJEBzwKT+lPKRYJM4P/1ZW3zOJMm5qLXWgFCIMZLKt
4h3176dZSPtBnvup0b8IRImLTJhMpHLyFGEbAh9ZCE4AaTbb0o7EiwwpE++oIu9M
SKzaF0EdZhA9h7/3MpVw6jF5K9Jf7weBbEHC7VhDXYoBMmfH0WRQ6n+wFsT+H3+W
k0oXlvC42BRkT+bOGCm5g9gd7XIflqtZ9kCG6bpL7dlvL614b4HTWARNVpFRJrZ9
VvC/sCo2WiJd+cbG2XURRQCHhdfVeaL6ndaL6qYVvVheNFslXWw997EcKxwFpd88
UtjPvDiBNjB1l9TqFVU/Qntrv0j+NMVlQzIh13lsqLgpm+MWZ2tBbP72ZzY5tSWg
QIV4+qYhL5YTrN8+Y7aLrr0qovjvXQMZCtxTxYJWJ1fuNswHeArO66vJUIvxce1O
fePVIGI3PpWjzakmBPUJKyp5yiRRlGT9Cw7cqBV9wtMufyYLMBtebVoq+nntAN9q
UfTQh13++XYjDFYqkDNdaXbbS7ebaL2a/Q2017GYLvxmrNOswUFbLDZvPuV4AJY6
5GvbNWAC8LnK0tDskp/3N4R7fqSpoi05xd72SCr45ud6Sbz893/r2W1cEPSl7Fpw
LEUw1euiWh2yzTHILOuCfDvuPa0XU4qmACh1wnJlfqAzvrlV6Od+Vixa8bO+quQx
mS4RmVAYKOfyWgYKUDBX
=qAan
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Konstantin Kolinko <kn...@gmail.com>.
2013/4/25 Christopher Schultz <ch...@christopherschultz.net>:
>
> Konstantin,
>
> On 4/24/13 3:56 PM, Konstantin Kolinko wrote:
>> 2013/4/24 Christopher Schultz <ch...@christopherschultz.net>:
>>>
>>> On 4/23/13 11:35 PM, Caldarale, Charles R wrote:
>>>>> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
>>>>> Subject: Question on servlet determination
>>>>
>>>>> <url-pattern>/Servlet1</url-pattern>
>>>>> <url-pattern>/Servlet2</url-pattern>
>>>>
>>>> What happens if you try this instead:
>>>>
>>>> <url-pattern>/Servlet1/*</url-pattern>
>>>> <url-pattern>/Servlet2/*</url-pattern>
>>>
>>> While that should work, the original mapping should work, too.
>>> The request for /Servlet1 (plus a slash on the end) should be
>>> sent to Servlet1 with pathInfo="/".
>>>
>>
>> No. An URL that does not end with "/*" is used for exact matching
>> only.
>>
>> /foo and /foo/* are two different mappings.
>>
>> BTW, 1. in the examples webapp of Tomcat 6 and Tomcat 7 there is
>> RequestInfoExample servlet that you can play around with. E.g.
>>
>> http://localhost:8080/examples/servlets/servlet/RequestInfoExample/foo/bar
>>
>> Adding an extra "/" works correctly.
>
> I notice that, although the <url-pattern> is
> "/servlets/servlet/RequestInfoExample/*", the trailing "/" is not
> required in order to get the request mapped properly. That's
> surprising to me given that "/foo" and "/foo/*" should be two
> different mappings.
>
> I'm specifically looking at the examples in Tomcat 7.0.39.
>
No. With the following pattern requesting the "../foo/bar" URI above
results in 404 for me.
(In current 7.0.x, should not be different from 7.0.39).
<url-pattern>/servlets/servlet/RequestInfoExample</url-pattern>
>> Adding an extra "/" works correctly.
My "adding" here is "adding to request URI in web browser",
.
http://localhost:8080/examples/servlets/servlet/RequestInfoExample
http://localhost:8080/examples/servlets/servlet/RequestInfoExample/
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Konstantin,
On 4/24/13 3:56 PM, Konstantin Kolinko wrote:
> 2013/4/24 Christopher Schultz <ch...@christopherschultz.net>:
>>
>> On 4/23/13 11:35 PM, Caldarale, Charles R wrote:
>>>> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
>>>> Subject: Question on servlet determination
>>>
>>>> <url-pattern>/Servlet1</url-pattern>
>>>> <url-pattern>/Servlet2</url-pattern>
>>>
>>> What happens if you try this instead:
>>>
>>> <url-pattern>/Servlet1/*</url-pattern>
>>> <url-pattern>/Servlet2/*</url-pattern>
>>
>> While that should work, the original mapping should work, too.
>> The request for /Servlet1 (plus a slash on the end) should be
>> sent to Servlet1 with pathInfo="/".
>>
>
> No. An URL that does not end with "/*" is used for exact matching
> only.
>
> /foo and /foo/* are two different mappings.
>
> BTW, 1. in the examples webapp of Tomcat 6 and Tomcat 7 there is
> RequestInfoExample servlet that you can play around with. E.g.
>
> http://localhost:8080/examples/servlets/servlet/RequestInfoExample/foo/bar
>
> Adding an extra "/" works correctly.
I notice that, although the <url-pattern> is
"/servlets/servlet/RequestInfoExample/*", the trailing "/" is not
required in order to get the request mapped properly. That's
surprising to me given that "/foo" and "/foo/*" should be two
different mappings.
I'm specifically looking at the examples in Tomcat 7.0.39.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJReEIQAAoJEBzwKT+lPKRYtLUP/jdO4O/smOvVPL96PJdyk21T
4JPm7qFLk4dNHDnwr0NUwdeEoJBaKwmVSyTMrvLu1FbhUpaUv4jhQtgV5480k27e
fnQhF4vwuyQaR1dOWb3j69m+soqukQHaU9TEVdl70i++gPrez6vra6mlc+FqOhXV
r6/JSPucCHl8zvAeeNBqui5XY4hVgk7HeIO9ko8Jj8qjvLRpUhaaEHuqeL6lI14B
MohH8CALTyRAvTRtsxmJZr/bb7w8nd274c1UkC/X93qBSNoIponck3SVYMaGFmxQ
HzTCnfpIhX60xAOETh3ltbxzXG4/uyW/ay/WkAFst8uOvgXB5BclE4OAOHYHI13k
opCGxg4vuP8ts9OcOTJG1UGa9cMTWwtHnUbbcvY76Y674nMfC45eP1CKXdTRD0AI
sPPnARL6RRfcX7/jsVdF6I+rzKkjq+7mOQhYOJL02PgB/ccfS8ryHHxU5dWNRsmG
OBcKnSHjtgesjb8nq2d35nOKTs9YCxdOoyrS44CGTWWzbEJb5SN/6JNdTYNfV5pJ
6hsUjdylhtnUixxs08QTqonNQJWEB6RjxWFU2neGgk1ytWpBsNMEARPb4CEWs1Do
FVmBDeNsGOYVgW/DloSndUwtig8TP3z0uAsochLUx/8SJg4bkkzm9WP46Enzmog/
3dazWAjtzWd8sy+2mtmS
=c5IT
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Konstantin Kolinko <kn...@gmail.com>.
2013/4/24 Christopher Schultz <ch...@christopherschultz.net>:
>
> On 4/23/13 11:35 PM, Caldarale, Charles R wrote:
>>> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
>>> Subject: Question on servlet determination
>>
>>> <url-pattern>/Servlet1</url-pattern>
>>> <url-pattern>/Servlet2</url-pattern>
>>
>> What happens if you try this instead:
>>
>> <url-pattern>/Servlet1/*</url-pattern>
>> <url-pattern>/Servlet2/*</url-pattern>
>
> While that should work, the original mapping should work, too. The
> request for /Servlet1 (plus a slash on the end) should be sent to
> Servlet1 with pathInfo="/".
>
No. An URL that does not end with "/*" is used for exact matching only.
/foo and /foo/* are two different mappings.
BTW,
1. in the examples webapp of Tomcat 6 and Tomcat 7 there is
RequestInfoExample servlet that you can play around with. E.g.
http://localhost:8080/examples/servlets/servlet/RequestInfoExample/foo/bar
Adding an extra "/" works correctly.
2.Handling of welcome files in Tomcat 7 depends on "strict servlet
compliance" setting (see Migration guide and system properties page in
Configuration reference).
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Question on servlet determination
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Chuck,
On 4/23/13 11:35 PM, Caldarale, Charles R wrote:
>> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
>> Subject: Question on servlet determination
>
>> <url-pattern>/Servlet1</url-pattern>
>> <url-pattern>/Servlet2</url-pattern>
>
> What happens if you try this instead:
>
> <url-pattern>/Servlet1/*</url-pattern>
> <url-pattern>/Servlet2/*</url-pattern>
While that should work, the original mapping should work, too. The
request for /Servlet1 (plus a slash on the end) should be sent to
Servlet1 with pathInfo="/".
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJReBS1AAoJEBzwKT+lPKRYmUEQALFahIXLw0D5N4hPQ+KmWHsv
MxERJGJCMVD8QAc7EXK1FatSauRiy1cB13Ae5SVRdIvlwC1nbQLgTA9bDrVZHX/R
Ut8LvWlxPCTfihOPOQpPN4upGWOM7VyC4uDo6pXXF70TiBAvL1JuRVQvoBkF8u4X
2m0biF8qEa8gJXeWf0+m7GgbC7ytLQLQa/l5LGeBwnMq5gbvjP9QrbNr517PQhp4
dsDnP72feP0HP5nk3tVtLuPab3Gz7zwWY1kbW/8UsBNchioBIvkCDzBfK1WcJaYi
F2JdA0NsbssR02jy/i+L+RlXtvuyUR2SlfLIwIg/vaCMUA3bjLfHW0QFB7P6/Qjc
+cTgckryIDzU1tI+eyALDn5pcKoR/agl1N7EU3kAQ7L9Al+ONnTkE18lHDnoBHtc
q7LWS5GXDDqvZO/iA713d+xGYgDm+W6SYXLhErK8N7P+ze0hI2/l4gKV0aBtLT5e
gOa+tFrQEJDiHg/RE4N0l4hKhZFJ4kp+/cE/Q59ul4FFTuJhUf574sPBDq2aRcv4
q0degEfLxnfFtP1oxwjpviAfdN2ZccBpHTlwZ4CL5kQ2K7d5y7G96ldQSEeJksrS
HDDNfohwQVJN62Wo29Ld3W7zJ0v5xgLDn+E6aJq+zldBjRu8iTlnli20nWTHnVRq
apntFNgcpDZCpWXoWLuj
=GhL+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by Jeffrey Janner <Je...@PolyDyne.com>.
> -----Original Message-----
> From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
> Sent: Tuesday, April 23, 2013 10:35 PM
> To: Tomcat Users List
> Subject: RE: Question on servlet determination
>
> > From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> > Subject: Question on servlet determination
>
> > <url-pattern>/Servlet1</url-pattern>
> > <url-pattern>/Servlet2</url-pattern>
>
> What happens if you try this instead:
>
> <url-pattern>/Servlet1/*</url-pattern>
> <url-pattern>/Servlet2/*</url-pattern>
>
> - Chuck
>
Thanks for the hint Chuck, but no change.
I still get the 404 error page.
Jeff
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Question on servlet determination
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
> Subject: Question on servlet determination
> <url-pattern>/Servlet1</url-pattern>
> <url-pattern>/Servlet2</url-pattern>
What happens if you try this instead:
<url-pattern>/Servlet1/*</url-pattern>
<url-pattern>/Servlet2/*</url-pattern>
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org