Tomcat redirect taking user outside the domain

2018-07-01 22:43:19

i have this config in my web.xml

<servlet>
    <servlet-name>welcome</servlet-name>
    <servlet-class>com.me.util.WelcomeServletPublic</servlet-class>
    <init-param>
        <param-name>redirect</param-name>
        <param-value>/login/login.action</param-value>


    </init-param>
    </servlet>
<welcome-file-list>
        <welcome-file>welcome</welcome-file>
    </welcome-file-list>

in my development environment this redirect worked just fine. now that everything is moved into my production environment, the redirect isn't working.

whats supposed to happen is when you go to https://mydomain.com it redirects you to https://mydomain.com/login/login.action

whats happing is its redirecting to https://login/login.action, its loosing the domain name

now the big thing that has me wondering where its going wrong is how my production server is configured.

at the front door, i have apache running mod_jk. there are two listeners, 80, and 443. the 80 listener is configured with mod_rewrite to take the http:// url and rewrite it to https://. the 443 listener then takes the request and dumps it down to mod_jk which redirects the request to tomcat via port 8009. tomcat is running about 6 applications, each in its own vhost.

ive never had to do a configuration quite like this and don't know where to being troubleshooting this. i know i can't take the preceeding / out of the url in the servlet because then if someone went to mydomain.com/users, it would redirect them to mydomain.com/users/login/login.action, so i really don't know where to start.

here is my apache vhost config

    <VirtualHost 10.99.10.30:80>
        ServerName boardingsurvey.mydomain.org
        ServerAlias boardingsurvey.mydomain.org

        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<VirtualHost 10.99.10.30:443>
        ServerName boardingsurvey.mydomain.org
        ServerAlias boardingsurvey.mydomain.org
        DocumentRoot /var/www/vhosts/bss
        <Directory "/var/www/vhosts/bss">
                AllowOverride None
                Options Indexes FollowSymLinks
                Order allow,deny
                Allow from all
        </Directory>

        JkMount /* bss

        SSLEngine on
        SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile /etc/apache2/ssl/ssl.crt
        SSLCertificateKeyFile /etc/apache2/ssl/ssl.key
        SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt
</VirtualHost>


~

The full explanation of why this was happening is as follows.

By adding an extra '/' to the redirect, the path being used for the redirect was //login/login.action

This type of URL is often referred to as a 'protocol relative' URL although the correct name is 'network-path reference'. See RFC 3986. Section 4.2. The absolute URL used as a redirect is generated using <current-protocol>:<network-path reference> which in this case gives http://login/login.action

Network-path references are normally used to generate a redirect when you want to specify the host but don't know if the user agent is using http or https and the string passed to the redirect would be "//host:port/contextpath/servletpath/pathinfo". A strict interpretation of the Servlet specification 3.0 and earlier does not allow the use of network-path references for redirects. Servlet 3.1 will allow them and recent versions of Tomcat 7 allow them for Servlet 3.0 and earlier as well.

https://stackoverflow.com/users/1299005/mark-thomas comment above was the problem. my welcomeservlet was adding an additional / to the url and thats what was messing up my rewrite.

链接地址: http://www.djcxy.com/p/89064.html

上一篇: 使用Nginx和Tomcat支持URL中的动态路径

下一篇: Tomcat将用户重定向到域外