794462 – (JBEPP-1502) Gadget Export/Import not working with Proxy that requires security Cookie

Bug 794462 (JBEPP-1502) - Gadget Export/Import not working with Proxy that requires security Cookie

Summary: Gadget Export/Import not working with Proxy that requires security Cookie

Keywords:
Status:	NEW
Alias:	JBEPP-1502
Product:	JBoss Enterprise Portal Platform 5
Classification:	JBoss
Component:	Portal
Sub Component:
Version:	5.2.0.GA
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	5.2.x
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:	http://jira.jboss.org/jira/browse/JBE...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-02-06 11:56 UTC by William Antônio
Modified:	2020-04-27 01:31 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:	JBoss EPP 5.2 Environment with Proxy that requires a security cookie, Apache in front of EPP with mod_jk
Last Closed:
Type:	Bug

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	JBEPP-1502	0	Major	Closed	Gadget Export/Import not working with Proxy that requires security Cookie	2013-01-07 14:47:49 UTC

Description William Antônio 2012-02-06 11:56:33 UTC

Help Desk Ticket Reference: https://c.na7.visual.force.com/apex/Case_View?id=500A00000090hr4&sfdc.override=1
Steps to Reproduce: To reproduce we will need to have the following environment:

- Apache in front of EPP 5.2 with mod_jk
- Proxy that will check for some cookie;

Then you just need to access EPP through the Apache and see the error when trying to access Export/Import gadget.
Workaround Description: Not tested workaround:

- Get the portal request;
- Create a more elaborate elaborate request;
- Set the cookies from the portal request in our new request;
- Make the request to retrieve the JSON file;
- It should pass the proxy.
project_key: JBEPP

We are having an issue with EPP 5.2 and the Export/Import gadget. We know that this portlet loads stuffs through a REST call to EPP, so we configured proxy, Apache workers, etc, the gadget was supposed to work well, but it is not. We double, triple checked all the configuration, and everything sounds fine. The exclusivity is our proxy and it is explained in next lines.

Our proxy has a requirement to check a cookie to all requests that passes through it. It is a security cookie that checks the authorization of the logged user. The gadget presents an error because it tries to make a request to retrieve JSON data but this request doesn't contain the required cookie. We found that y allowing the "dump request" in JBoss WEB, so we could see that some requests were not preserving the cookies and we also can perfectly use the gadget when we hit JBoss directly.

Digging a little bit in the code, we found the root cause of this error (from Source: .portal/webui/portal/src/main/java/org/exoplatform/portal/webui/application/GadgetUtil.java):


public static String fetchGagdetRpcMetadata(String urlStr)
   {
      String result = null;

      ExoContainer container = ExoContainerContext.getCurrentContainer();
      GadgetRegistryService gadgetService =
         (GadgetRegistryService)container.getComponentInstanceOfType(GadgetRegistryService.class);
      try
      {
         String data = "[{method:\"gadgets.metadata\", id:\"test\", params: {ids:[\""
                   + urlStr + "\"], container:\"default\", language:\""
                   + gadgetService.getLanguage() + "\", country:\"" + gadgetService.getCountry() + "\", view:\"home\"}}]";

         // Send data
         String gadgetServer = getGadgetServerUrl();
         URL url = new URL(gadgetServer + (gadgetServer.endsWith("/") ? "" : "/") + "api/rpc");
         URLConnection conn = url.openConnection();
         conn.setRequestProperty("Content-Type", "application/json");
         conn.setDoOutput(true);
         OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
         wr.write(data);
         wr.flush();
         // Get the response
         result = IOUtils.toString(conn.getInputStream(), "UTF-8");
         wr.close();
      }
      catch (IOException ioexc)
      {
         ioexc.printStackTrace();
         return "{}";
      }
      return result;
   }



As you can see it's been opened an URL, and the cookies are dropped in this request, and then we get the error because the proxy will not allow the access to the JSON, but instead it will return a page to the user enter his credentials.


This is the Bug, you need to perform a more elaborate request at this point and include the cookies already present due a previous proxy authentication.

Comment 4 William Antônio 2012-02-17 21:30:53 UTC

After fix this request, we found other issue to retrieve the Application.gadget.xml from url /rest/jcr/repository/portal-system/production/app:gadgets/app:SiteExportImport/app:data/app:resources/Application.gadget.xml

About the issue:

Customer has a proxy in his environment with EPP that requires authentication. This proxy will look for a cookie in all request that pass through it. If the request doesn't have the cookies, the request will be denied.

The problem is that when you access Export/Import gadget, it will try to load some files making an HTTP request. For example:

/rest/jcr/repository/portal-system/production/app:gadgets/app:SiteExportImport/app:data/app:resources/Application.gadget.xml

/eXoGadgetServer/gadgets/js/rpc.js

/eXoGadgetServer/gadgets/api/rpc

But these requests are not including the Cookie required to pass the proxy.

Is there a way to intercept all these requests that EPP do to include the Cookie? What is the best way to do that?

Note You need to log in before you can comment on or make changes to this bug.