Home > Enterprise >  Tomcat request incorrectly changed to include ".jsp" within Grails application
Tomcat request incorrectly changed to include ".jsp" within Grails application

Time:11-09

We are moving a Grails 4 application from Oracle to Postgres, and from one server to another. We can run our application without issues locally (using run-app), so we don't think the Oracle -> Postgres transition is responsible for the issue we are seeing; we believe it's because of the switch from one environment to another.

We are seeing an issue where a request to "/OurApp/loginStatus/" that we would like to be handled by the Grails defaultAction. We would really like this URL to be mapped to "OurApp/loginStatus/index" which it does in other environments.

Here is a pared-down LoginStatusController:

class LoginStatusController {

    def index() {
        render([success: true] as JSON)
    }
}

Tomcat Logging

We turned on the RequestDumperFilter and this is where you see a difference between the URL and application path:

requestURI=/OurApp/loginStatus/

servletPath=/loginStatus/index.jsp

Application Logging

Adding additional spring-security logging gives us this:

Request received for '/loginStatus/index.jsp':

servletPath:/loginStatus/index.jsp

Configuration

I've gone over the server.xml, web.xml, and context.xml and I don't see anything that would explain why our new environment treats these requests differently.

We can't tell if Tomcat or Grails is at fault for the problem, or even how to debug further. The new server is only accessibly through a remote Windows OS that is lacking in tools to do any sort of remote debugging.

CodePudding user response:

The cause of the problem was a catalina option added to the tomcat.service file. The particular option was: org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true

This was added along with several other options (RECYCLE_FACADES, ALLOW_BACKSPLASH, etc.) as a means to secure the server in the new environment without consideration of the impact.

Here is the official Tomcat 8 configuration documentation about this setting:

The default value of this system property is false.

If this is true the default values will be changed for:

  • org.apache.catalina.core. ApplicationContext.GET_RESOURCE_REQUIRE_SLASH
  • org.apache.catalina.core. ApplicationDispatcher.WRAP_SAME_OBJECT
  • org.apache.catalina.core. StandardHostValve.ACCESS_SESSION
  • org.apache.catalina.session. StandardSession.ACTIVITY_CHECK
  • org.apache.catalina.session. StandardSession.LAST_ACCESS_AT_START
  • org.apache.tomcat.util.http. ServerCookie.STRICT_NAMING
  • The URIEncoding attribute of any HTTP connector or AJP connector element.
  • The resourceOnlyServlets attribute of any Context element. The tldValidation attribute of any Context element.
  • The useRelativeRedirects attribute of any Context element.
  • The xmlNamespaceAware attribute of any Context element.
  • The xmlValidation attribute of any Context element.

We reverted that option only and our servlet paths were no longer changed between Tomcat and the application.

Page link:https//www.codepudding.com/Enterprise/603619.html

Prev:Print backwards all the positive even integers starting with 100 using loop
Next:SUM on multiple dynamic criteria on a separate sheet in google sheets
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding