Let's say i've a lot of different of sub-domains ,
I want to redirect each request to the server so it will response with different action on each request of sub-domain
(with text or html generated on server)
I'm working with EJB 3.1 on Tomcat 7 using web.xml , and I want to use with only one webapp
Example:
http://companyName1.mycompany.com
responce to client: "hello aaa companyName1 ..."
http://companyName2.mycompany.com
responce to client: "hello bbb companyName2 ..."
http://companyName3.mycompany.com
responce to client: "hello ccc companyName3 ..."
What is correct web.xml or server.xml mapping to solve this issue ??
Thanks!!
You want server.xml, not web.xml. Add an alias for each subdomain in the appropriate Host block.
So you would have something like this:
<Host name="mycompany.com" appBase="webapps" ... >
<Alias>companyName1.mycompany.com</Alias>
<Alias>companyName2.mycompany.com</Alias>
<Alias>companyName3.mycompany.com</Alias>
...
</Host>
Then use request.getServerName() to determine the subdomain.
The previous answer regarding server.xml will definitely work, but requires a restart every time you need to add/modify it.
Another way would be to keep the standard server.xml, but use request.getServerName() to examine hostname the user used to access your server.
Related
i want to secure a personel tomcat in following way.
Basically everyone (every ip) should be able to access the webapps of this tomcat.
But some of the ip should able to access the tomcat without authentification (most of them) and some (e.g. 10.0.0.*) should only be able to access this tomcat via an authentification.
I've read much about how to solve this problem. The Tomcat Remote Access Filter and Remote Host Name isn't working in my case, cause i don't want to deny/allow the webapp for some IP Adresses.
I've tried to add these lines to context.xml with expectation, that i (localhost) can access the tomcat without authentification, but the authentification was still required:
<Context antiJARLocking="true" path="/">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" invalidAuthenticationWhenDeny="true" allow="127\.0\.0\.1"/>
<Valve className="org.apache.catalina.authenticator.BasicAuthenticator" />
So im at the end of my knowlegde (maybe i dont have much :D).
Can someone give me an example or a solution to my issue? Maybe i have to edit more than this file? Or did i missinterpreted something?
Thanks!
There are two ways of using authentication in tomcat.
1. if you want that each web app is not access by every user you can implement "Realm Configuration" . with this configuration , every time when user access the deployed web app in tomcat ,
it will ask user name and password.
for more details please refer below link:
https://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html
Another scenario is if you want that specific ip user able to access tomcat the via Remote filter you can achieve this.
for more details Refer below link:
https://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#Remote_Host_Filter
As you told "The Tomcat Remote Access Filter and Remote Host Name isn't working in my case, cause i don't want to deny/allow the webapp for some IP Adresses."
In that case you can implement "Realm configuration" if you don't want to bind the web app for IPs. That's why you can try to use realm configuration with user name and password.
If you still want to use remote filter then share your procedure which you are following for understanding where you are getting failed.
Is there a way to restrict/allow access to a specific file on Tomcat only to certain IPs? If there is no direct way to do this, what would be a good workaround?
I'd really appreciate your help.
Use a filter and get the ip from the request. However in case the request comes from behind a firewall, you'll get the firewall's ip.
There is a way to do so with Tomcat ;)
Code:
<Context path="/here is youre path to the files">
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="here u put the IP addresses you want to allow" deny="here u put the IP addresses you want to deny"/>
</Context>
I highly recommend you to read the Tomcat Tips which have been published by O´reilly. Can be found here.
Number 10 on there Site is about your Question
EDIT: This has to be pasted to your Server.xml
EDIT1: OTHER Way can be found here Tomcat Valve settings
There are various ways to do it, depending on exactly what you want to do. For example:
Remote IP Valves.
Remote Address Filters
Remote Host Filters
Or if you wanted something fine-grained (e.g. pattern matching on the path part of the request URL) then you could implement your own Filter class.
Is there anything in the Servlet spec, Tomcat, or Wicket that will allow a webapp running behind mod_proxy to determine the non-proxied URL of the request?
We need to send out emails with links in them. I had been using the following bit of Wicket to construct URLs to specific pages in the app:
String relURL = RequestCycle.get().getRequest().getRelativePathPrefixToWicketHandler();
RequestUtils.toAbsolutePath(relURL);
Since the emails don't go back out through the proxy, of course the URLs don't get re-written, and end up looking like http://localhost/....
Right now the best I can do is to hard-code the URLs to our production server, but that's setting us up for some debugging headaches when running on dev/test machines.
Using InetAddress.getLocalHost().getHostName() isn't really a solution, since that's likely to return prod1.mydomain.com or somesuch, rather than mydomain.dom, from which the request likely originated.
As answered for the question Retain original request URL on mod_proxy redirect:
If you're running Apache >= 2.0.31 then you might try to set the
ProxyPreserveHost directive as described here .
This should pass the original Host header trough mod_proxy into your
application, and normally the request URL will be rebuild there (in
your Servlet container) using the Host header, so the schema location
should be build using the host and path infos from "before" the proxy.
Is there anything in the Servlet spec, Tomcat, or Wicket that will allow a webapp running behind mod_proxy to determine the non-proxied URL of the request?
No. If the reverse proxy doesn't put the information that you require into the message headers before passing them on, there's no way to recover it.
You need to look at the Apache Httpd documentation to figure out how to get the front-end to put the information that you need into the HTTP request headers on the way through. (It can be done. I just can't recall the details.)
This is a tangled web that's woven, I suppose, but it really shouldn't be all that hard. Let me see if I can paint the picture:
I have written a web service, starting with a WSDL, which is to run in JBoss. This is all fine and dandy when I run it on my local machine and point my Netbeans "client generator" (probably just using "wsimport" or whatever behind the scenes) at it to generate a client it works as expected. All of this is working by hitting port 8080 directly and the <soap:address> element looks like so:
<soap:address location="http://localhost:8080/MyoutfitWebService/funService"/>
Now, when this puppy gets deployed, it will be getting requests from IIS forwarded through AJP to, I think, port 8009. IIS handles our client certificate validation and then is supposed to just forward the request to my web service. I can't figure out what to use in my WSDL's <soap:address> element so that I can give the WSDL URL to someone to generate their own client. If I use:
<soap:address location="https://real.server.com/MyoutfitWebService/funService"/>
when I deploy it and point to the WSDL, the <soap:address> element is wrecked and looks something like:
<soap:address location="https://127.0.0.1:8443/MyoutfitWebService/funService"/>
Can someone tell me if I need to modify something in jbossws.sar jboss-beans.xml or what?
I'm using JBoss Web Services Native 3.0.4.
Thanks for reading.
I have no idea how to handle this in IIS but i'll write some notes about Apache
I had the same problem and workarounded it using mod_ext module in apache
Your configuration will look like this
ExtFilterDefine fixservice mode=output cmd="/bin/sed s/127.0.0.1:8443/real.server.com:443/g"
<Location "/MyoutfitWebService/services/funService">
ProxyPass ajp://local.server.com:8009/MyoutfitWebService/funService
SetOutputFilter fixservice
</Location>
ProxyPass /MyoutfitWebService/funService ajp://local.server.com:8009/MyoutfitWebService/funService
So, your "correct" WSDL address will be
real.server.com/MyoutfitWebService/services/funService?wsdl
which will have correct soap:address,
real.server.com/MyoutfitWebService/funService
(I have removed https as I can put only one hyperlink here).
There may be a better way but unfortunately I have no time to do deep investigation. This solution just works (I found it couple of minutes ago and already tested)
I have a servlet hosted in the glassfish server. i want to communicate with it using telnet to understand what is going on behind the scenes when using html form get method.
What should i give in the Host field of the HTTP request?
Get /WebApplication1/NServlet HTTP/1.1
Host: localhost
If i want to send custom properties in the HTTP request as below, is it possible to extract their value using request.getAttribute() method.
Get /WebApplication1/NServlet HTTP/1.1
Host: localhost
Custom-Attribute: xyz
Another doubt is that is javax.servlet package not a part of java SE sdk. i had to install java ee to get it running.
The Host field is just the hostname part of the URL, e.g. Host: google.com for http://google.com/
Custom-Attribute: xyz would be exposed in the HttpServletRequest using getHeader(), not getAttribute().
If you want to use HTTP for your protocol (as you've suggested in your comments), check out HttpClient. As the name suggests, it's the client-side of the client/server HTTP implementation, and it should be relatively easy to determine what to set on the client side such that you see it on the server.
There's a great tutorial here. I would perhaps get a simple page working in the servlet first, and check it via the browser, and then implement the client side.
Based on your question, I don't there's enough information for anyone to answer you. Tomcat/Jetty/etc are basically web servers that contain servlets (and therefore JSP/JSF/Wicket etc etc) processors for dynamically generating content.
So, what is it you're trying to figure out, and why?