How to redirect a http POST with urlrewritefilter - url-rewriting

I have a question about the urlrewritefilter and until now I could not find anything about it in the net.
I want to redirect a http POST in Tomcat7. Here is an example...
The call is an HTTP POST to a URL like
http://localhost:8080/oldApplication/Example?a=123&b=2
This call also contains some content either as xml or json. The filter is configured well as it works and the urlrewrite.xml contains:
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN"
        "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd">
<urlrewrite use-query-string="true">
    <rule>
        <condition type="method">POST</condition>
        <from>^(.*)$</from>
        <to type="redirect">/newApplication$1</to>
    </rule>
</urlrewrite>
In the access log I can see that a call to
http://localhost:8080/oldApplication/Example?a=123&b=2
gets redirected to
http://localhost:8080/newApplication/Example?a=123&b=2
Fine until now. The problem is that the rewrite changes the method, so that the new URL gets called with an HTTP GET instead of an HTTP POST. I tried to add a condition on the method but still got an HTTP GET after the rewrite.
Does anybody know how to configure the rewritefilter to avoid this?

You are using the type attribute redirect on type="redirect"
This attribute is equivalent to HttpServletResponse.sendRedirect() that actually does a new request to the destination using the GET method, so all parameters are lost along with the HTTP method.
The default value for this attribute if not informed is forward that is equivalent to HttpServletRequest.getRequestDispatcher(url).forward()
Forwarding will keep all request parameters and also the HTTP method.
So, in order to obtain the desired result you have to omit your type attribute or set it to forward.
<to>/newApplication$1</to>
or
<to type="forward">/newApplication$1</to>

Related

AEM 6.5 (Apache Sling) /saml_login not running postProcessor

I have a protected page setup in AEM using the Authentication Requirement checkbox on the author. Then over in the OSGi I have config for my external Okta SAML config:
<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
        xmlns:jcr="http://www.jcp.org/jcr/1.0"
        jcr:primaryType="sling:OsgiConfig"
        identitySyncType="default"
        keyStorePassword="admin"
        service.ranking="5002"
        idpHttpRedirect="{Boolean}false"
        createUser="{Boolean}true"
        defaultRedirectUrl="/"
        userIDAttribute="ssoGuid"
        idpIdentifier=""
        assertionConsumerServiceURL=""
        defaultGroups="[everyone]"
        storeSAMLResponse="{Boolean}false"
        signatureMethod="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
        idpCertAlias="certalias___1657659258516"
        addGroupMemberships="{Boolean}true"
        path="[/content/mySite]"
        digestMethod="http://www.w3.org/2001/04/xmlenc#sha256"
        synchronizeAttributes="[...]"
        clockTolerance="60"
        groupMembershipAttribute="groupMembership"
        idpUrl="oktaURL"
        serviceProviderEntityId="https://stage.mySite.com"
        logoutUrl=""
        handleLogout="{Boolean}false"
        userIntermediatePath="sso"
        spPrivateKeyAlias=""
        useEncryption="{Boolean}false"
        nameIdFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
And in my okta config, I have https://stage.mySite.com/saml_login as the SSO URL and https://stage.mySite.com as the audience restriction.
When I navigate to the requested page in AEM I get redirected to Okta, I sign in and am redirected to https://stage.mySite.com/saml_login. All of this is expected. Here is where it gets weird: I then get a 301 redirect to https://stage.mySite.com/saml_login.html, which then gives a 404. It seems like AEM does not have a listener set up and so does the redirect.
Any thoughts on what I might have misconfigured?
In my case, it was a dispatcher config issue (or nginx, not sure where the rewrite was done).
It was set up to append '.html' if it does not exist in the requested URL. I needed to make an exception for that rule.

How can I eliminate "Content-Language" header from Liberty's response?

WebSphere Liberty and Open Liberty, all versions.
I want to remove the "Content-Language" header from Servlet/JSP responses, because the browser's translation function accidentally pops up. It seems that Liberty adds this header on all responses by default, and there is no setting option to prevent this behavior. I've tried response.setLocale(Locale.ROOT); and a servlet filter that ignores setHeader/addHeader of Content-Language. But I couldn't eliminate the header.
Does anyone have an idea?
There is no direct way to stop or remove the response "Content-Language" header. However, if you set response header "Content-Language" before the response is committed, the server won't change it and retain your setting.
Thanks,
As of Open Liberty 21.0.0.12 you can use the "Configurable Response Headers" support to remove any header you want. See the following blog post for additional details on how to use the feature: https://openliberty.io/blog/2021/11/26/jakarta-ee-9.1.html.
For instance you can do the following in your server.xml:
<httpEndpoint id="defaultHttpEndpoint"
              httpPort="9080"
              httpsPort="9443">
    <headers>
        <remove>Content-Language</remove>
    </headers>
</httpEndpoint>

jsf ajax redirect from servlet filter not working

I've a servlet filter that will perform a redirect when the session has expired.
For non-ajax requests, the filter executes HttpServletResponse.sendRedirect(myUrl) to perform the redirect, which works great. But I can't say the same for ajax requests.
For ajax requests, the filter executes HttpServletResponse.getWriter().println(partialResponseContent) to perform the redirect. It doesn't work. The screen stays the same and seems to be frozen, with all input fields inhibited. Any pointer on what I might be missing or what I can try to figure out the cause of the problem?
Below is the partialResponseContent:
<?xml version="1.0" encoding="UTF-8"?><partial-response><redirect url="/MyAccount/command?cmd=twoFA&TargetUrl=/MyAccount/viewDevices.jsf"></redirect></partial-response>
I double checked it in Chrome's Developer Tools screen and see that the content is being sent correctly (see attached image).
Wasted two days on this. But I'm glad to finally get it to work. The problem was that the value of the url attribute (in the redirect element) was not XML encoded. My URL contains a & character. It needs to be encoded to &amp; for the redirect to work. Note: I used org.apache.commons.lang.StringEscapeUtils.escapeXml to do the XML encoding.
Below is the before encoding:
<?xml version="1.0" encoding="UTF-8"?><partial-response><redirect url="/MyAccount/command?cmd=twoFA&TargetUrl=/MyAccount/viewDevices.jsf"></redirect></partial-response>
Below is the after encoding:
<?xml version="1.0" encoding="UTF-8"?><partial-response><redirect url="command?cmd=twoFA&amp;TargetUrl=/MyAccount/viewDevices.jsf"></redirect></partial-response>
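The failure described in this answer can be reproduced with the JDK alone. The following is an added example, not the poster's code: it builds the same partial-response with the raw and the escaped URL and parses both, showing that the raw form is not well-formed XML. The class and method names are hypothetical, and a hand-written escaper stands in for the commons-lang StringEscapeUtils.escapeXml call the poster used.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;

public class PartialRedirectDemo {

    // Escape the characters that are unsafe inside a quoted XML attribute.
    // '&' must be replaced first so the entities added afterwards are not re-escaped.
    static String escapeXmlAttr(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&apos;");
    }

    // Same envelope as in the post; the caller decides whether the value is escaped.
    static String partialRedirect(String urlAttrValue) {
        return "<?xml version=\"1.0\" encoding=\"UTF-8\"?><partial-response><redirect url=\""
                + urlAttrValue + "\"></redirect></partial-response>";
    }

    // Returns the url attribute as an XML parser sees it, or null if the
    // document is not well-formed (which is what the JSF client script hits).
    static String parsedUrl(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Hardening: the partial-response never needs a DTD.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        DocumentBuilder b = f.newDocumentBuilder();
        b.setErrorHandler(new DefaultHandler()); // keep parser errors off stderr
        try {
            Element redirect = (Element) b.parse(new InputSource(new StringReader(xml)))
                    .getDocumentElement().getElementsByTagName("redirect").item(0);
            return redirect.getAttribute("url");
        } catch (SAXException notWellFormed) {
            return null;
        }
    }

    public static void main(String[] args) throws Exception {
        // URL taken from the post above.
        String url = "/MyAccount/command?cmd=twoFA&TargetUrl=/MyAccount/viewDevices.jsf";
        System.out.println("raw     -> " + parsedUrl(partialRedirect(url)));
        System.out.println("escaped -> " + parsedUrl(partialRedirect(escapeXmlAttr(url))));
    }
}
```

Escaping at the point where the attribute is written also keeps a request-derived value such as TargetUrl from closing the attribute and adding markup to the response.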

Registering PATCH HTTP verb in IIS 7/7.5

I want to implement the recently approved PATCH HTTP verb in a RESTful service implemented with ASP MVC 3. I have added the following settings in the web.config file.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers>
            <add name="PATCHVerbHandler" path="*" verb="PATCH" modules="ProtocolSupportModule" requireAccess="None" />
        </handlers>
        <security>
            <requestFiltering>
                <verbs>
                    <add verb="PATCH" allowed="true" />
                </verbs>
            </requestFiltering>
        </security>
    </system.webServer>
</configuration>
The action method is decorated with the AcceptVerbs("PATCH") attribute.
The service works properly with the PATCH verb. The URL gets routed to the right action method and returns the proper data.
The strange issue is that if I use a different URL that does not match any routes with the PATCH verb, IIS returns "200 OK" instead of "404 Not Found". All the standard verbs (GET, PUT, DELETE, POST, HEAD, OPTIONS) do not have this problem.
Do I need to register additional handlers for the PATCH verb or is it a routing issue? Any help is appreciated.
You don't actually need a custom handler to process HTTP requests made with the PATCH verb; instead, you may want to keep decorating your actions with the AcceptVerbs("PATCH") attribute while checking that the ASP.NET ISAPI is configured to handle any verb (it is the default), including PATCH.
If you have to handle this kind of requests using a custom module, by the way, please keep in mind that it is the responsibility of the handler itself to set the status code for each request (including the ones it should handle, according to the mapping, but it can't for whatever reason) and maybe it is not setting the correct value upon finishing.

Spring MVC -> dependent on URL display welcome page

I have a Spring MVC application (version 3.0.5.RELEASE) and I have this in my mvc-config.xml:
<mvc:view-controller path="/" view-name="welcome"/>
So requests to "/" are forwarded to the welcome view welcome.jsp.
This means in my case, calling the URL http://myproject-test.mydomain.com/ will forward to the welcome.jsp. It's fine, but I have to extend it. Besides the URL http://myproject-test.mydomain.com/, I have the URL http://myproject-anothertest.mydomain.com/. With this URL, the whole application should be the same, except the welcome page.
Calling http://myproject-anothertest.mydomain.com/, I want to have the welcome-test.jsp page instead of the welcome.jsp.
So, how can I do this? I have to know from which subdomain (myproject-test or myproject-anothertest) the user calls the site and then show him welcome.jsp or welcome-test.jsp.
Does anyone know how this can be done?
Thank you in advance & Best Regards, Tim.
The tag <mvc:view-controller> maps to ParameterizableViewController
You could inherit your own controller class from its parent, AbstractController, and use the request parameter in method handleRequestInternal to deduce which hostname is being used to access your page, then use the appropriate view.
HTTP request header Host contains (if using HTTP/1.1) the "virtual" server name that is being used to access your page. Older HTTP/1.0 protocol does not have the Host header, and some proxies map traffic to HTTP/1.0, in that case you will not be able to distinguish between the traffic using different names.
In JSP, you could use <%=request.getServerName()%> to access the Host header value. See doc for getServerName.
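One way to implement the approach from this answer, as an added example that is not the poster's code. Because the host name is supplied by the client, it is used only as a lookup key in a fixed map and never concatenated into a view name. The class name and the host-to-view map are assumptions built from the hosts in the question, and the controller is assumed to be mapped to "/" in place of the <mvc:view-controller> entry.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

// Hypothetical controller: picks the welcome view from the requested host name.
public class HostAwareWelcomeController extends AbstractController {

    private static final String DEFAULT_VIEW = "welcome";

    // Fixed allowlist: only these hosts can select a view.
    private static final Map<String, String> VIEW_BY_HOST;
    static {
        Map<String, String> m = new HashMap<String, String>();
        m.put("myproject-test.mydomain.com", "welcome");
        m.put("myproject-anothertest.mydomain.com", "welcome-test");
        VIEW_BY_HOST = Collections.unmodifiableMap(m);
    }

    // Host names are case-insensitive; anything unknown (or a missing Host
    // header behind an HTTP/1.0 proxy) falls back to the default view.
    static String viewFor(String serverName) {
        if (serverName == null) {
            return DEFAULT_VIEW;
        }
        String view = VIEW_BY_HOST.get(serverName.toLowerCase(Locale.ROOT));
        return view != null ? view : DEFAULT_VIEW;
    }

    @Override
    protected ModelAndView handleRequestInternal(HttpServletRequest request,
                                                 HttpServletResponse response) {
        // getServerName() reflects the Host header when the client sends one.
        return new ModelAndView(viewFor(request.getServerName()));
    }
}
```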
