I have a web application that performs ajax request to a web service on a different port (i.e. my application and the server are on different domains).I have not access to the server APIs, so I cannot use JSONP.I am resolving using the Smiley's HTTP Proxy Servlet, so my web.xml file contains this section:
<servlet>
<servlet-name>rs</servlet-name>
<servlet-class>org.mitre.dsmiley.httpproxy.ProxyServlet</servlet-class>
<init-param>
<param-name>targetUri</param-name>
<!-- my servlet is hosted at http://my_ip:my_port/webapp -->
<param-value>http://my_ip:other_port/rest-services/rs</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>rs</servlet-name>
<url-pattern>/rs/*</url-pattern>
</servlet-mapping>
Unfortunately I have to deploy the web application on different machines (development, test, production), that respond to different IP addresses.
Is there a way to make the IP address change dinamically in the web.xml file, or to retrieve the current domain somehow? Or do I have to manually change the IP address every time before compiling?
Ok, I found the solution by myself.
I just had to replace the IP with localhost:
<param-value>http://localhost:other_port/rest-services/rs</param-value>
(it seems like a stupid answer for a stupid question, but I was sure I already tried that on the past and failed. Now it seems to work.)
Related
I have a several servlets and in my case I need to implement ServletRequestListener. But, I don't want the listener to react on every request in any servlet. I would like to know if there any possibility to map a specific ServletRequestListener to a specific certain servlet. My web.xml looks like:
<servlet>
<servlet-name>CommonsServlet</servlet-name>
<servlet-class>
com.promptlink.dslib.gwt.common.server.rpc.CommonsServletImpl</servlet-class>
</servlet>
...
<listener>
<listener-class>
com.promptlink.dslib.gwt.common.server.httpListeners.ServletRequestListenerImpl
</listener-class>
</listener>
That's not possible with a ServletRequestListener. A servlet request listener listens on every servlet request. Just create a Filter instead which you can simply map directly to servlet name (no, not to its URL pattern, that's maintenance unfriendly).
<filter>
<filter-name>CommonFilter</filter-name>
<filter-class>com.example.CommonFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CommonFilter</filter-name>
<servlet-name>CommonsServlet</servlet-name>
</filter-mapping>
See also:
Our servlet filters wiki page
Why do we need a servlet name?
If you only want to react on the requests of a specific servlet then the servlet itself would be the ideal place to do this.
If you don't control the servlet code you can write a Filter and give it the same URL pattern as the servlet or directly refer to the servlet in the filter mapping.
I am migrating a Spring MVC app from JBoss 7.1.1 to Wildfly 8.1, which has required (encouraged?) me to use the new "undertow" module instead of the older "web" module. Things are coming right along, except that now requests to "/", which used to invoke the controller method annotated with #RequestMapping("/"), no longer reach the controller method. Instead, it appears that such requests are being immediately rewritten (not redirected) to "/index.html". Since I don't have (and have never needed) such a file, all requests for "/" are now generating 404 errors.
Interestingly, all of the other #RequestMapping-annotated controller methods continue to function normally.
Here is the relevant snippet from my standalone.xml file.
<subsystem xmlns="urn:jboss:domain:undertow:1.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" max-post-size="4194304"/>
<host name="default-host" alias="localhost">
</host>
</server>
<servlet-container name="default">
<jsp-config development="true"/>
</servlet-container>
</subsystem>
I suspect that when the subsystem definition for Wildfly's undertow module does not explicitly declare a handler, Wildfly defaults to a file handler, which may be responsible for the the URL rewrites -- but I am not certain of this.
Documentation about handlers in the Undertow project, upon which Wildfly's undertow module is based, indicate support for a "Redirect" handler. I have considered using this to work around the unexpected "/" rewriting, but it is not clear to me whether Wildfly's undertow module supports this, and if it does, how to configure it in standalone.xml. Even if I was able, however, I think it would feel like a hack, and I'd prefer to get to the root of the problem (no pun intended) instead.
There are many S.O. questions describing disappointing RequestMapping("/") behavior, and many answers suggesting using other paths (such as "", "/index", etc.), but don't forget: the existing (unchanged) code works just fine in JBoss 7.1.1. (Also, none of those questions mention Wildfly, which is probably the key consideration for this question.) Nevertheless, I experimented with the various suggestions and got nowhere. It simply seems like the URL is being rewritten before it ever reaches the dispatcher servlet.
So, in summary, my question is:
How can I get a Spring MVC app with RequestMapping("/") to run in Wildfly 8.1 as it does in JBoss 7.1.1?
In Wildfly, if your web.xml doesn't have a <welcome-file-list> element, then one is provided for you, as if you had configured it this way:
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
With this default configuration, when Wildfly receives a request for for "/", the path is automatically rewritten as index.html. This path will then not match the controller method annotated with RequestMapping("/").
JBoss 7 apparently behaves differently, perhaps only referring to the welcome file list after failing to find a matching servlet.
Whatever the cause, you can work around the new behavior by explicitly defining your own welcome file list and including, as the last <welcome-file> element, an empty welcome file:
<welcome-file></welcome-file>
This allows Wildfly to rewrite "/" as "/", in turn allowing the request for "/" to be processed by the servlet dispatcher (provided that its url-pattern is set to /). The servlet dispatcher will then invoke the controller method annotated with RequestMapping("/").
We have an existing application not using Spring MVC. We decided to keep existing features as is and add Spring MVC in for any other new features through a url like "/admin/*.
so here is the web.xml mapping:
<servlet>
<servlet-name>springRouted</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/mvc-config.xml</param-value>
</init-param>
<load-on-startup>4</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springRouted</servlet-name>
<url-pattern>/admin/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ExistingServlet</servlet-name>
<url-pattern>existing.do</url-pattern>
</servlet-mapping>
Here in the ExistingServlet, there is a call to request.getRequestDispatcher().forward("/admin/...jsp"), somehow Spring will detect this fowarding and report an error that not able to find mapping for "/admin/...jsp". It seems calling request.getRequestDispatcher().forward("/admin/...jsp") will make servlet container to recheck the web.xml and reroute through Spring's DispatchServlet. is it true? I thought this kind of internal forward won't be intercepted by Spring's DispatchServlet
A RequestDispatcher will be resolved against the mappings you have in your deployment descriptor (web.xml) or other Servlet configuration, basically all servlet mappings.
When you do
request.getRequestDispatcher("/admin/...jsp");
The Servlet container finds the Servlet (or other resource) meant to handle that path and wraps it in a RequestDispatcher object. When you then perform RequestDispatcher#forward(..) on the returned object, you are executing the service() method of the Servlet that was previously found.
In your example, that would be the DispatcherServlet. If your DispatcherServlet is configured to handle a request to /admin/...jsp, then it will do so. If not, it will throw its own custom exception, responding to the HTTP request with a 404.
Here are some more details on how getRequestDispatcher() works.
I cannot connect to the auto generated spring security log-in page. According to the documentation, including the following lines in your security-context.xml will have Spring generate an html log-in form and redirect the user to it when trying to connect to the specific URL:
<http auto-config="true" >
<intercept-url pattern="/management-console" access="ROLE_ADMIN"/>
</http>
<authentication-manager ... />
Here is the rest of my configuration. Web.xml:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:/context/applicationContext.xml <!-- I am importing my security-context.xml in here -->
<param-value>
</context-param>
<!-- Security Configuration -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/management-console</url-pattern>
</filter-mapping>
I have tried importing the security-context.xml directly in the web.xml, but I still see the error.
After deploying my application, I can connect to each my specified urls without issue. However, when I try to go to localhost:{port}/{appName}/management-console, the filter chain redirects me to /spring_security_login (as expected). However, I see an "HTTP Status 405 - Request method 'GET' not supported" error once I am forwarded and the following comes up on the console (spring-mvc is the name I gave to my servlet):
org.springframework.web.servlet.PageNotFound | No mapping found for HTTP request with URI [/InternalManagementViewer/spring_security_login] in DispatcherServlet with name 'spring-mvc' |
I have seen this error before when I miss declaring a POST/GET mapping in the controller. According to the documentation, I should not have to include such a method in my controller to handle the /spring_security_login mapping. From what I have read, spring is supposed to know to return the auto-generated log-in html page.
Just to see what happens, I declared a method in my controller to handle the /spring_security_login mapping. Since the function returns void (because I do not know the local view name of the generated html log-in page), it looks for the resource named "spring_security_login.jsp", which is not explicitly created in my project, and thus I get an "HTTP resource not found" error.
I'm stumped on this one and could really use a hand. Thanks a lot for taking a look.
Apply springSecurityFilterChain filter to all URLs:
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
springSecurityFilterChain is an entry point for all Spring Security features. So if this filter is not applied to some URL then you will not be able use Spring Security there (in this case handle /spring_security_login URL).
I need to disable PUT, DELETE & TRACE HTTP requests on my Application Server, Apache Tomcat 6.0.
All other sources, i have searched till now, have directed me towards the limit parameter in httpd.conf, Hence I'd put it before-hand that I am not using Apache Web Server, and requests are directly being handled by Tomcat, and so there is no httpd.conf in picture.
Please suggest how should I do it on Tomcat?
Inside your WEBINF, add you can add a security constraint:
<security-constraint>
<web-resource-collection>
<web-resource-name>Forbidden</web-resource-name>
<url-pattern>/blah/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>empty_role</role-name>
</auth-constraint>
</security-constraint>
Alternatively, you can do these two things:
In server.xml, edit the <connector> element, add an attribute: allowTrace="false". Then edit the DefaultServlet: $CATALINA_HOME/conf/web.xml
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>
org.apache.catalina.servlets.DefaultServlet
</servlet-class>
<!-- blah blah blah -->
<init-param>
<param-name>readonly</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
The answer lies in the servlet specification. In looking at the API for the servlet: http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/javax/servlet/http/HttpServlet.html you'll see that different methods handle different kind of HTTP requests. Also, there is a great feature called filters that can be used to wrap some code around servlets and filters.
So the solutions are:
Modify the servlet to only support do and get; or
Create a filter to clear those other kind of requests.