Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Virgo » trouble with snaps filtering
trouble with snaps filtering [message #667947] Mon, 02 May 2011 22:09 Go to next message
Eric Hough is currently offline Eric Hough
Messages: 14
Registered: July 2010
Junior Member
Using Virgo 3.0.0.M03 and a freshly built copy of snaps. I'm having some trouble getting snaps to work they way I feel they should. Long post, so please bear with me! Here are the relevant configs...

Host bundle web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
	xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
	
	<display-name>Root Servlet</display-name>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/META-INF/security.xml
			/META-INF/osgi.xml
	    </param-value>
	</context-param>

       <!-- NOTE: my securityFilter config has a filter chain map with
                           <security:filter-chain pattern="/authenticate/**"	filters="none" />
            -->
	<filter>
		<filter-name>securityFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>securityFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<filter>
		<filter-name>snaps-host-filter</filter-name>
		<filter-class>org.eclipse.virgo.snaps.core.SnapHostFilter</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>snaps-host-filter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<context-param>
		<param-name>contextClass</param-name>
		<param-value>org.eclipse.virgo.web.dm.ServerOsgiBundleXmlWebApplicationContext</param-value>
	</context-param>
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>

	<welcome-file-list>
		<welcome-file>index.jsp</welcome-file>
	</welcome-file-list>
	
</web-app>


Relevant pieces of host template.mf
Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-Name: Root Servlet
Excluded-Exports: *
Web-ContextPath: /
Import-Bundle: org.eclipse.virgo.web.dm
Import-Package: org.eclipse.virgo.snaps.core"
 ...


snap's web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
	xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
	
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/META-INF/security.xml
			/META-INF/osgi.xml       
	    </param-value>
	</context-param>

	<filter>
		<filter-name>securityFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>securityFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<context-param>
		<param-name>contextClass</param-name>
		<param-value>org.eclipse.virgo.web.dm.ServerOsgiBundleXmlWebApplicationContext</param-value>
	</context-param>
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>

	<welcome-file-list>
		<welcome-file>index.jsp</welcome-file>
	</welcome-file-list>
	
</web-app>


relevant pieces of snap's template.mf
Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-Name: Username / Password Login Servlet
Excluded-Exports: *
Import-Bundle: org.eclipse.virgo.web.dm
Import-Package: org.eclipse.virgo.snaps.core
 ...
Snap-Host: org.example.web.web-rootservlet
Snap-ContextPath: /authenticate


The snap and host find each other correctly when loaded into Virgo. Now, I would expect that when I navigate to http://localhost:8080/authenticate/ the following should occur:


  1. Host's securityFilter should examine request, match against /authenticate/** and thus apply no security filters.
  2. Host's snaps filter should run and delegate further request processing to snap at /authenticate
  3. Snap's securityFilter handles request
  4. Snap uses index.jsp of snap (as it's a welcome-file) to serve up content.


The actual sequence of events is really confusing to me. Here's the (commented) log of what happens when I make the request to http://localhost:8080/authenticate/

//First few lines are the host's security filter running. Good so far.

DEBUG org.springframework.security.web.FilterChainProxy:193 Converted URL to lowercase, from: '/authenticate/'; to: '/authenticate/' 
DEBUG org.springframework.security.web.FilterChainProxy:200 Candidate is: '/authenticate/'; pattern is /authenticate/**; matched=true 
DEBUG org.springframework.security.web.FilterChainProxy:158 /authenticate/ has an empty filter list 

//Next bunch of lines is Snap handling. Maps the request to the static resource servlet, which seems wrong to me.

INFO  org.eclipse.virgo.snaps.core.OsgiSnapRegistry:66 Snap 'org.eclipse.virgo.snaps.core.internal.webapp.WebAppSnap@72cae19' found for context path '/authenticate' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.container.StandardVirtualContainerRequestDispatcher:71 Servicing request 'null' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.url.ExtensionUrlPattern:38 Path '/authenticate/' does not match pattern 'jsp' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.url.DefaultUrlPattern:44   Path '/authenticate/' matches pattern '/' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.url.UrlPatternMatcher:75   Matched path '/authenticate/' with mapping '__resource-servlet' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.url.DefaultUrlPattern:62   Translated path '/authenticate' to '/' 
INFO  org.eclipse.virgo.snaps.core.internal.webapp.url.PathUrlPattern:38      Path '/authenticate/' matches pattern '/authenticate'
 
//Host's security filter running again for unknown reason
 
DEBUG org.springframework.security.web.FilterChainProxy:193 Converted URL to lowercase, from: '/authenticate/'; to: '/authenticate/' 
DEBUG org.springframework.security.web.FilterChainProxy:200 Candidate is: '/authenticate/'; pattern is /authenticate/**; matched=true 
DEBUG org.springframework.security.web.FilterChainProxy:158 /authenticate/ has an empty filter list

//Snaps again, this time trying to serve up a static resource from the snap at /authenticate/

INFO  org.eclipse.virgo.snaps.core.internal.webapp.StaticResourceServlet:63   Resource / found


If, however, I request http://localhost:8080/authenticate/index.jsp, then things work differently:

//Host's security filter again. Good so far.

DEBUG org.springframework.security.web.FilterChainProxy:193 Converted URL to lowercase, from: '/authenticate/index.jsp'; to: '/authenticate/index.jsp' 
DEBUG org.springframework.security.web.FilterChainProxy:200 Candidate is: '/authenticate/index.jsp'; pattern is /authenticate/**; matched=true 
DEBUG org.springframework.security.web.FilterChainProxy:158 /authenticate/index.jsp has an empty filter list 

//Snaps maps the request to jsp servlet, which is correct.

INFO org.eclipse.virgo.snaps.core.OsgiSnapRegistry:66 Snap 'org.eclipse.virgo.snaps.core.internal.webapp.WebAppSnap@72cae19' found for context path '/authenticate' 
INFO org.eclipse.virgo.snaps.core.internal.webapp.container.StandardVirtualContainerRequestDispatcher:71 Servicing request 'null' 
INFO org.eclipse.virgo.snaps.core.internal.webapp.url.ExtensionUrlPattern:36 Path '/authenticate/index.jsp' matches pattern 'jsp' 
INFO org.eclipse.virgo.snaps.core.internal.webapp.url.UrlPatternMatcher:75   Matched path '/authenticate/index.jsp' with mapping '__jsp-servlet' 
INFO org.eclipse.virgo.snaps.core.internal.webapp.url.ExtensionUrlPattern:47 Did not translate path '/authenticate/index.jsp' 
INFO org.eclipse.virgo.snaps.core.internal.webapp.url.PathUrlPattern:38      Path '/authenticate/index.jsp' matches pattern '/authenticate' 

//Host's security filter running again for unknown reason

DEBUG org.springframework.security.web.FilterChainProxy:193 Converted URL to lowercase, from: '/authenticate/index.jsp'; to: '/authenticate/index.jsp' 
DEBUG org.springframework.security.web.FilterChainProxy:200 Candidate is: '/authenticate/index.jsp'; pattern is /authenticate/**; matched=true 
DEBUG org.springframework.security.web.FilterChainProxy:158 /authenticate/index.jsp has an empty filter list


So my questions are

  1. Why is my snap's filter never handling the requests?
  2. Why is my host's securityFilter handling each request twice?
  3. What's the rationale behind snaps's default-web.xml?
  4. Is the "Servicing request 'null' " log statement normal?
  5. What am I doing wrong!?? Smile



Help?

[Updated on: Mon, 02 May 2011 22:11]

Report message to a moderator

Re: trouble with snaps filtering [message #668022 is a reply to message #667947] Tue, 03 May 2011 12:38 Go to previous messageGo to next message
Dmitry Sklyut is currently offline Dmitry Sklyut
Messages: 272
Registered: January 2010
Senior Member
Hello Eric,

There is two things wrong in config. Obviously this is lack of documentation on our side.

1. Snap should not have a root.webapp context defined. Because snap is re-using host's servlet context there will be contention for the WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE servlet context attribute key.

2. you need to configure Security filter to be scoped to your snap.

See here for hints on how to do it:
http://forum.springsource.org/showthread.php?t=78513

Hope this helps.

Regards,
Dmitry
Re: trouble with snaps filtering [message #668260 is a reply to message #668022] Wed, 04 May 2011 17:49 Go to previous messageGo to next message
Eric Hough is currently offline Eric Hough
Messages: 14
Registered: July 2010
Junior Member
Thanks, Dmitry. That pointed me in the right direction. After a full day of nearly melting my brain, it's finally working as expected! In case anyone else comes along with the same issue, here are my working configs:

host web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
	xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

	<display-name>Root Web Context</display-name>

	<filter>
		<filter-name>securityFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>securityFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<filter>
		<filter-name>snaps-host-filter</filter-name>
		<filter-class>org.eclipse.virgo.snaps.core.SnapHostFilter</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>snaps-host-filter</filter-name>
		<url-pattern>/*</url-pattern>
		<dispatcher>REQUEST</dispatcher>
        	<dispatcher>INCLUDE</dispatcher>
        	<dispatcher>FORWARD</dispatcher>
	</filter-mapping>


	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/META-INF/security.xml
			/META-INF/osgi.xml
	    </param-value>
	</context-param>
	<context-param>
		<param-name>contextClass</param-name>
		<param-value>org.eclipse.virgo.web.dm.ServerOsgiBundleXmlWebApplicationContext</param-value>
	</context-param>
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>

	<welcome-file-list>
		<welcome-file>index.jsp</welcome-file>
	</welcome-file-list>
	
</web-app>


snap web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
	xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

	<filter>
		<filter-name>securityFilters</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
		<init-param>
			<param-name>contextAttribute</param-name>
			<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.authentication-snap</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>securityFilters</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<servlet>
		<servlet-name>authentication-snap</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<load-on-startup>2</load-on-startup>
	    <init-param>
	        <param-name>contextClass</param-name>
	        <param-value>org.eclipse.virgo.web.dm.ServerOsgiBundleXmlWebApplicationContext</param-value>
	    </init-param>
	    <init-param>
		    <param-name>contextConfigLocation</param-name>
			<param-value>
				/META-INF/security.xml
				/META-INF/osgi.xml
		    </param-value>
	    </init-param>
	</servlet>


</web-app>

Re: trouble with snaps filtering [message #675960 is a reply to message #668260] Thu, 02 June 2011 07:11 Go to previous message
Pachara Tinamas is currently offline Pachara Tinamas
Messages: 2
Registered: June 2011
Junior Member
I have a problem with virgo snaps and spring-security
Can you share me your host web.xml, securit-context.xml and snap web.xml, securit-context.xml

My problem is when my request match security pattern, it always show

No snap for context path /websnap

but when I remove security filter, it work fine

Thank you
Previous Topic:Virgo 3.0.0.M05 available
Next Topic:Cannot add Virgo Server
Goto Forum:
  


Current Time: Wed Oct 22 12:24:23 GMT 2014

Powered by FUDForum. Page generated in 0.14857 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software