I'm using WebLogic 11g server, OIM (Oracle identity Manager), and I created a new web application on Wicket 6 as a module. When I execute my application in WebLogic server http://192.168.112.31:7001/WicketReport I receive a 403 Error.
My web.xml file is:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<display-name>Wicket Web Application</display-name>
<filter>
<filter-name>Application</filter-name>
<filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
<init-param>
<param-name>applicationClassName</param-name>
<param-value>kz.ecc.wicketreport.pages.Application</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Application</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file/>
</welcome-file-list>
</web-app>
I couldn't find any tutorial or instructions that describe how to do this. Please show me what I need to do or some steps to achieve it.
UPDATE
I tried to add:
<login-config>
<auth-method>CLIENT-CERT,BASIC</auth-method>
<realm-name>myRealm</realm-name>
</login-config>
after </welcome-file-list> in my web.xml but I still receive the 403 Error.
Related
i am a complete beginner in java world, i want to start building an JAX-RS endpoint so i am using Intellij with glassfish/tomcat application servers.
after i run my server, i tried all the urls like
http://localhost:8080/Demo-1.0-SNAPSHOT/api/hello-world
http://localhost:8080/Demo-1.0-SNAPSHOT/hello-world
and it didn't work.also i tried with tomcat, same problem. it would be nice if someone help me unblock this problem.
here is my project and its configuration :
https://i.imgur.com/oG0TqXG.png
https://i.imgur.com/qiOOunQ.png
I think you need a web.xml under src/main/webapp:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<session-config>
<session-timeout>
15
</session-timeout>
</session-config>
</web-app>
And you can put the beans.xml in the same Folder.
I have a problem with Apache-Tomcat Servlet-mapping through url-pattern.
It has been working just fine till last year.
Very recently I tried to login and all of sudden 404 Not Found error showed up.
I still see all other pages fine. I don't know what has changed on server-side because I am borrowing a linux-server from vultr.
Since I haven't touched anything in my coding and everything looks fine to me, I have no clue.
It seems easy to solve for experts. Can anyone help me with this?
- Error Message
Not Found
The requested URL /login.do was not found on this server.
Apache/2.4.12 (Ubuntu) Server at xx.xx.xx.xx Port 80
Here xx is the ip address of my server
- tomcat/conf/server.xml
...
<Context path="" docBase="/.../tomcat/webapps/.../WebContent" reloadable="true"></Context>
...
- tomcat/conf/web.xml
...
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
...
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
...
- myapp/WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>myapp</display-name>
...
<servlet>
<servlet-name>URIController</servlet-name>
<servlet-class>myapp.mvc.control.URIController</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>
/WEB-INF/commandHandler.properties
</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>URIController</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
...
- myapp/WEB-INF/commandHandler.properties
/login.do=myapp.mvc.command.Login
When I try to login, it says "The requested URL /login.do was not found on this server."
It has been working fine like this: when hitting "login" button, it passes the content in commandHandler.properties to the control class (myapp.mvc.control.URIController) and this class get the name of the login class (myapp.mvc.command.Login) in order to dispatch the request to the login class.
If this problem has something to do with Apache, I have no idea (no idea even what to show here) because it was done by a paid expert like 5 years ago.
Thanks a lot in advance !!
That is an httpd error message, not an Apache Tomcat one. It looks like something (can't tell what from the information provided) has broken the reverse proxy from httpd to Tomcat. You need to talk to whoever set up the reverse proxy for you.
I'm running Tomcat 8.0.21 with java 1.8.0_40
I'm trying to create a costum error page, which should be displayed when I redeploy my application and the servlet is not reachable.
The obvious solution adding:
<error-page>
<error-code>404</error-code>
<location>/ErrorHandler/404.html</location>
</error-page>
to the <tomcatDir>/conf/web.xml won't work here since tomcat always seems to look for the error page in the same servlet. (so e.g. if calling <url>/idonotexist he uses the 404.html located in ROOT/ErrorHandler/404.html and not in ErrorHandler/404.html as I would have expected) If the webapp is down (stopped via the manager app, or due to maintenance) the error page is blank.
If I remove the lines from the <tomcatDir>/conf/web.xml the default tomcat 404 error message is shown though. Is there any possibility to change the default error handling of tomcat?
edit:
ErrorHandler is a deployed webapp with the following web.xml:
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Error Application</display-name>
<description>
A webapp for error handling
</description>
<!-- servlet definition -->
<servlet>
<servlet-name>ErrorHandler</servlet-name>
<servlet-class>ErrorHandler</servlet-class>
</servlet>
<!-- servlet mappings -->
<servlet-mapping>
<servlet-name>ErrorHandler</servlet-name>
<url-pattern>/ErrorHandler</url-pattern>
</servlet-mapping>
</web-app>
If I call <tomcatUrl>/ErrorHandler/404.html in my browser I can view the error page just fine.
Using Wildfly 8.1.0.Final
I want to create a web app that requires basic authentication for access to /api/* but the rest of the application should be open. To accomplish this I have the following web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<security-constraint>
<web-resource-collection>
<web-resource-name>Api access</web-resource-name>
<url-pattern>/api/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>api</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>api</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Authentication requires api access</realm-name>
</login-config>
</web-app>
Testing with a browser, this works as expected.
http://localhost:8080/myapp/api
...requires authentication.
http://localhost:8080/myapp
...does not require authentication.
Here comes the tricky part:
A third party accesses /myapp and includes an authorization header in the request:
Authorization: Basic ZGlsbDpkYWxs
This is not a user registered in wildfly, but that shouldnt matter because /myapp is open, and does not require authorization. However what happens is this:
401 Unauthorized
Why? I have not told undertow to use any security constraints for /myapp, yet it defaults to the security constraints I have registered for /myapp/api
This is new behaviour that was introduced with undertow, because with Jboss AS 7.1.1.Final this did not happen.
How can I tell undertow to not use authorization for an open resource when authorization is included in the request?
I can confirm the issue with WildFly 8.1.0.Final. GlassFish 4.0 does not respond with 401 in the same scenario.
I've submitted an issue:
https://issues.jboss.org/browse/WFLY-3590
I've written a simple Front Controller for my Java EE application. This controller intercepts all the urls to redirect them to the corresponding method in the right class.
A typical url looks like this: http://domain.tld/appName/Controller/method
I'm facing 3 issues with tomcat at the moment:
If I try to access to my base url, http://domain.tld/appName/ (with or without the ending slash), my front controller isn't called and I've got a 404.
If I try to access to an url like this: domain.tld/appName/Controller/method/ (remark the ending slash) same thing than point number 1. But without the ending slash it works fine.
Finally, since all my requests are routing to my front controller I have to define all the static file to be served to the default servlet, in my web.xml. A less contraining and ugly solution would be nice.
Here is my web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<servlet>
<servlet-name>FrontController</servlet-name>
<servlet-class>controllers.FrontController</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FrontController</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.jpg</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.js</url-pattern>
</servlet-mapping>
</web-app>
Add this to your web.xml file, before the first servlet:
<welcome-file-list>
<welcome-file>FrontController</welcome-file>
</welcome-file-list>
As said in comment, my FrontController was kinda ugly.
Rewriting it properly did the trick with the same web.xml.