Bug 118184

Summary: WAF Running under a context other than root
Product: [Retired] Red Hat Web Application Framework Reporter: Brett Prucha <pruchaba_bah>
Component: otherAssignee: ccm-bugs-list
Status: CLOSED EOL QA Contact: Jon Orris <jorris>
Severity: medium Docs Contact:
Priority: medium    
Version: nightly   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 16:48:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Brett Prucha 2004-03-12 21:48:45 UTC 
Description of problem:

There are a number of issues that I've found trying to run WAF under 
another context other than root.  These problems have been around for 
a while so I'm assuming you are not testing these cases at all.


The issues I have found in the nightly build so far are...

Issue 1:

SiteNodeDispatcher line 200 should be:

    prefix = requestURL.getServletPath();

When you create SiteNodeRequestContext as

        final SiteNodeRequestContext snrc = new SiteNodeRequestContext
            (req, rc, sn, prefix + sn.getURL());

SiteNodeRequestContext sets remainingUrl to InitialRequestContext 
RemainingURLPart is the URL with the context stipped out of it.  If 
you pass into SiteNodeRequestContext a prefix with the context in it 
again you end up with a pretty funky RemainingURLPart that will not 
work.


Issue 2:

login_en.xsl and user-banner.xsl need to be using ${context-prefix}


Issue 3:

CacheServlet on line 181 needs to include the context in the url
    final String url = "http://" + host +
        Web.getConfig().getDispatcherContextPath() + SERVLET_URL + 
        params;


Issue 4:

DefaultSecurityHelper line 62 needs to be:
    String url = req.getPathInfo();

req.getRequestURI(); contains the context and when you compare that 
to whats in allowedPages w/o the context you aren't going to get any 
matches.


Issue 5:

PatternStylesheetResolver should have a context pattern.  Also 
WebAppPatternGenerator will always return "ROOT" for legacy 
dispatchers but that might not always be the case.  I placed mine 
under "ccm" instead of "ROOT" so it would load under the ccm context 
and the PatternStylesheetResolver could not find the stylesheets and 
the only way around it was to hardcode in the context in stylesheet-
paths.txt
Comment 1 Brett Prucha 2004-03-17 20:43:45 UTC 
A couple more notes on this:

For Issue 3:

I would change line 181 of CacheServlet to support other schemes:

    final String url = Web.getConfig().getDefaultScheme() + "://" +
        host + Web.getConfig().getDispatcherContextPath() +
        SERVLET_URL + params;


for Issue 5:

I changed WebAppPatternGenerator.generateValues line 39 to:

    String ctx = app == null ? Web.getConfig()
        .getDispatcherContextPath() : app.getContextPath();

and the if statement that follows that to:

        if (app == null &&
            (ctx == null ||
            "".equals(ctx))) {
            return new String[] { Web.ROOT_WEBAPP };
        }


Issue 6:

Templating.transformURL should add a line after 338

    path = path.substring(Web.getConfig().
        getDispatcherContextPath().length());