118184 – WAF Running under a context other than root

Bug 118184 - WAF Running under a context other than root

Summary: WAF Running under a context other than root

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	Red Hat Web Application Framework
Classification:	Retired
Component:	other
Sub Component:
Version:	nightly
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	ccm-bugs-list
QA Contact:	Jon Orris
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-03-12 21:48 UTC by Brett Prucha
Modified:	2020-03-27 16:48 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-03-27 16:48:57 UTC
Embargoed:

Attachments	(Terms of Use)

Description Brett Prucha 2004-03-12 21:48:45 UTC

Description of problem:

There are a number of issues that I've found trying to run WAF under 
another context other than root.  These problems have been around for 
a while so I'm assuming you are not testing these cases at all.


The issues I have found in the nightly build so far are...

Issue 1:

SiteNodeDispatcher line 200 should be:

    prefix = requestURL.getServletPath();

When you create SiteNodeRequestContext as

        final SiteNodeRequestContext snrc = new SiteNodeRequestContext
            (req, rc, sn, prefix + sn.getURL());

SiteNodeRequestContext sets remainingUrl to InitialRequestContext 
RemainingURLPart is the URL with the context stipped out of it.  If 
you pass into SiteNodeRequestContext a prefix with the context in it 
again you end up with a pretty funky RemainingURLPart that will not 
work.


Issue 2:

login_en.xsl and user-banner.xsl need to be using ${context-prefix}


Issue 3:

CacheServlet on line 181 needs to include the context in the url
    final String url = "http://" + host +
        Web.getConfig().getDispatcherContextPath() + SERVLET_URL + 
        params;


Issue 4:

DefaultSecurityHelper line 62 needs to be:
    String url = req.getPathInfo();

req.getRequestURI(); contains the context and when you compare that 
to whats in allowedPages w/o the context you aren't going to get any 
matches.


Issue 5:

PatternStylesheetResolver should have a context pattern.  Also 
WebAppPatternGenerator will always return "ROOT" for legacy 
dispatchers but that might not always be the case.  I placed mine 
under "ccm" instead of "ROOT" so it would load under the ccm context 
and the PatternStylesheetResolver could not find the stylesheets and 
the only way around it was to hardcode in the context in stylesheet-
paths.txt

Comment 1 Brett Prucha 2004-03-17 20:43:45 UTC

A couple more notes on this:

For Issue 3:

I would change line 181 of CacheServlet to support other schemes:

    final String url = Web.getConfig().getDefaultScheme() + "://" +
        host + Web.getConfig().getDispatcherContextPath() +
        SERVLET_URL + params;


for Issue 5:

I changed WebAppPatternGenerator.generateValues line 39 to:

    String ctx = app == null ? Web.getConfig()
        .getDispatcherContextPath() : app.getContextPath();

and the if statement that follows that to:

        if (app == null &&
            (ctx == null ||
            "".equals(ctx))) {
            return new String[] { Web.ROOT_WEBAPP };
        }


Issue 6:

Templating.transformURL should add a line after 338

    path = path.substring(Web.getConfig().
        getDispatcherContextPath().length());

Note You need to log in before you can comment on or make changes to this bug.