Bug 794462 (JBEPP-1502)

Help Desk Ticket Reference: https://c.na7.visual.force.com/apex/Case_View?id=500A00000090hr4&sfdc.override=1
Steps to Reproduce: To reproduce we will need to have the following environment:

- Apache in front of EPP 5.2 with mod_jk
- Proxy that will check for some cookie;

Then you just need to access EPP through the Apache and see the error when trying to access Export/Import gadget.
Workaround Description: Not tested workaround:

- Get the portal request;
- Create a more elaborate elaborate request;
- Set the cookies from the portal request in our new request;
- Make the request to retrieve the JSON file;
- It should pass the proxy.
project_key: JBEPP

We are having an issue with EPP 5.2 and the Export/Import gadget. We know that this portlet loads stuffs through a REST call to EPP, so we configured proxy, Apache workers, etc, the gadget was supposed to work well, but it is not. We double, triple checked all the configuration, and everything sounds fine. The exclusivity is our proxy and it is explained in next lines.

Our proxy has a requirement to check a cookie to all requests that passes through it. It is a security cookie that checks the authorization of the logged user. The gadget presents an error because it tries to make a request to retrieve JSON data but this request doesn't contain the required cookie. We found that y allowing the "dump request" in JBoss WEB, so we could see that some requests were not preserving the cookies and we also can perfectly use the gadget when we hit JBoss directly.

Digging a little bit in the code, we found the root cause of this error (from Source: .portal/webui/portal/src/main/java/org/exoplatform/portal/webui/application/GadgetUtil.java):


public static String fetchGagdetRpcMetadata(String urlStr)
   {
      String result = null;

      ExoContainer container = ExoContainerContext.getCurrentContainer();
      GadgetRegistryService gadgetService =
         (GadgetRegistryService)container.getComponentInstanceOfType(GadgetRegistryService.class);
      try
      {
         String data = "[{method:\"gadgets.metadata\", id:\"test\", params: {ids:[\""
                   + urlStr + "\"], container:\"default\", language:\""
                   + gadgetService.getLanguage() + "\", country:\"" + gadgetService.getCountry() + "\", view:\"home\"}}]";

         // Send data
         String gadgetServer = getGadgetServerUrl();
         URL url = new URL(gadgetServer + (gadgetServer.endsWith("/") ? "" : "/") + "api/rpc");
         URLConnection conn = url.openConnection();
         conn.setRequestProperty("Content-Type", "application/json");
         conn.setDoOutput(true);
         OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
         wr.write(data);
         wr.flush();
         // Get the response
         result = IOUtils.toString(conn.getInputStream(), "UTF-8");
         wr.close();
      }
      catch (IOException ioexc)
      {
         ioexc.printStackTrace();
         return "{}";
      }
      return result;
   }



As you can see it's been opened an URL, and the cookies are dropped in this request, and then we get the error because the proxy will not allow the access to the JSON, but instead it will return a page to the user enter his credentials.


This is the Bug, you need to perform a more elaborate request at this point and include the cookies already present due a previous proxy authentication.