I have a ProxyServlet (org.mitre.dsmiley.httpproxy) in my code which does some operations and forwards certain url's ending with */xyz to a different application. I have integration tests covering my application( using JerseyTest framework) and want to make the integration-tests pass through the proxy servlet.
Currently my test case deployment configuration is as below:
ServletDeploymentContext.forServlet(new ServletContainer(internalConfigureResourceConfig(resourceConfig))).build()
Now, to test my proxy-servlet, if I change the configuration as below,
ServletDeploymentContext.forServlet(MyProxyServlet.class).build()
I am not able to add the url-pattern servlet-mapping above and the proxy-servlet is being called for all the url's. Can someone tell me how can I add the url-mapping configuration dynamically for the
ServletDeploymentContext.forServlet
I have checked all the methods but unable to do so
I have understood where I went wrong. When I add below statement,
ServletDeploymentContext.forServlet(MyProxyServlet.class).build()
I am adding MyProxyServlet as the only "default" servlet and hence even if I add servletPath() as the url-mapping it did not work as that was the only servlet present. So every request was sent to the servlet even if mapping criteria is not satisfied.
When I add another servlet with servletPath as /* then all other requests went to other servlet and the required requests came to my MyProxyServlet
Related
Case : 1 I used following .xml config in web.xml in servlets based
Still when i am trying to test it , other than get and post also allowed.
Can some suggest me the better approch for servlet based web application.
Does anyone has an idea, how to handle filters correctly within an Jersey-2.x application when using RequestDispatcher.forward()?
RequestDispatcher dispatcher=pCtx.getRequestDispatcher("/app2");
dispatcher.forward(request, response);
When I do a forward between two webapps, both using Jersey-2.5+, the webapp that is being redirected to, contains request filters. They should be invoked when doing the forward (like when requesting the app directly) but are not.
Several post do outline to use the <filter-mapping> element with the <dispatcher> tag in the web.xml, like here. But this looks to me like javax servlet filters and I am not sure how to include this, if ever possible.
Is there a way to achieve the same with Jersey-2.x filters?
UPDATE:
My ContainerRequestFilters are post-matching filters, as they are not annotated with #PreMatching
As I found out, the RequestFilters are actually invoked. I didn't recognise that by mistake. What really is not invoked, is tomcat container authentication like a realm. But this is clear to me, as we already passed tomcat layer when the request is processed by any application.
i wonder if there's a way to enable or disable servlets (or at least mappings for servlets) other than web.xml. I have multiple kinds of servers which use the same web.xml (i can't change this) so this is why another way of enabling/disabling servlets would be useful.
Thanks,
Teo
You could use #WebServlet annotation with servlet 3.0 onwards, not sure if this will work for your requirement, please comment if this isn't the way you want to
#WebServlet("/hello")
public class HelloServlet extends HttpServlet {
// code code code
}
As far as i am aware there is no such thing as programmatic disabling of servlets other that the deployment descriptor.
The way that i would approach such an issue is the following:
-I would add an if statement in each of my servlets service() method that i would like to control access to such as:
if(MyCustomSecurity.isServletAccessible(request)){
//here is your code that you have right now
}else{
//redirect request to an error page maybe
}
-Create this method isServletAccessible() in MyCustomSecurity class that would return a boolean on weather the user is allowed to acceess the servlet or not
If you are using Tomcat 7.x / Servlet 3.0 you can programmatically add a servlet filter to dynamically enable/disable access to some of your servlets without touching your web.xml file nor your application code.
I'd just create a web filter that reads some kind of configuration and passes or redirects on specific, configured paths.
Another option is to block paths on security layer e.g. Spring Security (actually it uses something like described above).
what about creating a Filter (a class that implements javax.servlet.Filter), then in a xml or properties file or even in database, you can add the servlets' names that the user can access or can't access.
I'm looking now for a couple of days for the answer to the following question:
I have a Spring 2.5 webapplication and I want to show a certain setup screen if the initialization of the spring context has failed. In this setup screen they can look why the server doesn't startup and maybe make some changes (upload new config.properties file)
But how can I implemented this on a smart way? Has Spring already something like this or do I need to extend the ContextLoader for example?
I tried something in the web.xml like this: but this doesn't seems to work:
<error-page>
<error-code>404</error-code>
<location>/public/setup.jsp</location>
</error-page>
Solution:
I start with a default web.xml and after the setup is done I replace the web.xml with the right 'application' web.xml. Because the web.xml is replaced the servers restarts. This works great. Thanks again for your answers.
Here are three ideas:
Modify the context loader to catch the exception, and add a servlet/mapping to the container the that redirects all the relevant mappings to the dynamically loaded servlet. Check out this stack overflow thread of instructions on how to create a dynamic servlet: Dynamically add a servlet to the servletConfig
Alternatively you could have a standard servlet defined that handles all requests and forwards them to the config page. You can then have a spring bean that remove thats servlet and mapping from the context when it's finished initalizing (you might want to put that code in the postInitalize hook of a spring bean.)
You could also try creating a listener that checks to see if a valid application context exists and removes a "default" mapping /servlet exits.
I don't think there are standard mechanisms for adding/removing servlets and mapping from the container. But it looks like most containers have some APIs that do this.
There is a third way, which you were hinting. Which is to assume that if a 404 error occured then servlet failed to start. If you go down that route I think you will run into the issue that 404 errors can occurs just because the user fat fingered the url.
My Spring Dispatcher servlet url-pattern is /* (as spring MVC REST suggests)
Now all the request are resolved by this Servlet. even CSS/JS/Images also get resolved and handled by servlet..
So, Spring MVC tries to find controller.. :(
How to bypass this? Is there any standard way out of this problem??
& Don't want to change url-pattern to /rest/* (so, other static resources get accessed by /css/ or /js etc.)
You can map your controllers to a smaller set of URLS (i.e. /app/*), and then rewrite the URLs that your users actually see so that they don't even know about. Have a look at the mvc-basic webapp sample, particularly web.xml and urlrewrite.xml to see how this is done.
Map the Spring dispatcher to some subsection of the URL space, and use Tuckey to rewrite URLs the user deals with.
http://www.example.org/app/controller/action -> http://www.example.org/controller/action
Just a heads-up update on this: the default rewrite configuration as defined in the Spring sample did not work out of the box for me. The rewrite rules for stylesheets, scripts, etc. were still processed to the /app/* rule, and subsequently handled by the DispatchServlet, which is not desirable.
I had to add the last="true" attribute to the styles/scripts/images rules to indicate that other rules should not apply, and I had to use the FreeMarker Spring URL macro in any CSS/JS include paths.
Just in case someone encounters the same problem.