diff options
| author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-24 17:19:39 +0000 |
|---|---|---|
| committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-24 17:19:39 +0000 |
| commit | a9a1c17cedf95d4f715437acf0d1c9b92335166c (patch) | |
| tree | 2383dfdb97df473f99ee27340c2edcbd8c4bb890 | |
| parent | 5698af1a1da5cde0f22123bd159aaeb0b0689dd4 (diff) | |
| download | pki-a9a1c17cedf95d4f715437acf0d1c9b92335166c.tar.gz pki-a9a1c17cedf95d4f715437acf0d1c9b92335166c.tar.xz pki-a9a1c17cedf95d4f715437acf0d1c9b92335166c.zip | |
Bugzilla BZ 653576 - tomcat5 does not always run filters on servlets as expected
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1587 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
8 files changed, 37 insertions, 180 deletions
diff --git a/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml b/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml index c806f5a0..5637c007 100644 --- a/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml +++ b/pki/base/ca/shared/webapps/ca/WEB-INF/web.xml @@ -4,11 +4,6 @@ <web-app> <filter> - <filter-name>PassThroughRequestFilter</filter-name> - <filter-class>com.netscape.cms.servlet.filter.PassThroughRequestFilter</filter-class> - </filter> - - <filter> <filter-name>AgentRequestFilter</filter-name> <filter-class>com.netscape.cms.servlet.filter.AgentRequestFilter</filter-class> <init-param> @@ -1940,48 +1935,28 @@ [PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT] <filter-mapping> - <filter-name> PassThroughRequestFilter </filter-name> + <filter-name> AgentRequestFilter </filter-name> + <url-pattern> /agent/* </url-pattern> <url-pattern> /subsystem/* </url-pattern> <url-pattern> /ca/getCertFromRequest </url-pattern> <url-pattern> /ca/getBySerial </url-pattern> - <url-pattern> /index </url-pattern> <url-pattern> /ca/connector </url-pattern> <url-pattern> /ca/displayCertFromRequest </url-pattern> <url-pattern> /doRevoke </url-pattern> + </filter-mapping> + <filter-mapping> + <filter-name> AdminRequestFilter </filter-name> + <url-pattern> /admin/* </url-pattern> + <url-pattern> /auths </url-pattern> <url-pattern> /acl </url-pattern> - <url-pattern> /ug </url-pattern> <url-pattern> /server </url-pattern> - <url-pattern> /capolicy </url-pattern> - <url-pattern> /log </url-pattern> - <url-pattern> /ca/getAdminCertBySerial </url-pattern> <url-pattern> /caadmin </url-pattern> - <url-pattern> /registry </url-pattern> <url-pattern> /caprofile </url-pattern> <url-pattern> /jobsScheduler </url-pattern> <url-pattern> /capublisher </url-pattern> - - <url-pattern> /renewal </url-pattern> - <url-pattern> /certbasedenrollment </url-pattern> - <url-pattern> /enrollment </url-pattern> - <url-pattern> /ocsp </url-pattern> - <url-pattern> /profileSubmit </url-pattern> - - <url-pattern> /services </url-pattern> - - <url-pattern> /start </url-pattern> - <url-pattern> /cgi-bin/pkiclient.exe </url-pattern> - </filter-mapping> - - <filter-mapping> - <filter-name> AgentRequestFilter </filter-name> - <url-pattern> /agent/* </url-pattern> - </filter-mapping> - - <filter-mapping> - <filter-name> AdminRequestFilter </filter-name> - <url-pattern> /admin/* </url-pattern> - <url-pattern> /auths </url-pattern> + <url-pattern> /log </url-pattern> + <url-pattern> /ug </url-pattern> </filter-mapping> <filter-mapping> @@ -1992,6 +1967,12 @@ <filter-mapping> <filter-name> EERequestFilter </filter-name> <url-pattern> /ee/* </url-pattern> + <url-pattern> /renewal </url-pattern> + <url-pattern> /certbasedenrollment </url-pattern> + <url-pattern> /ocsp </url-pattern> + <url-pattern> /enrollment </url-pattern> + <url-pattern> /profileSubmit </url-pattern> + <url-pattern> /cgi-bin/pkiclient.exe </url-pattern> </filter-mapping> [PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT] diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java index 4077559e..876cd2a0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java @@ -190,7 +190,7 @@ public class AdminAuthenticatePanel extends WizardPanelBase { } try { - httpsport = config.getInteger("preop.master.httpsport"); + httpsport = config.getInteger("preop.master.httpsadminport"); } catch (Exception e) { CMS.debug("AdminAuthenticatePanel update: "+e.toString()); context.put("errorString", "Missing port for master"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java index da9c6ddc..6421e37c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java @@ -261,7 +261,7 @@ public class CreateSubsystemPanel extends WizardPanelBase { ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); if (cstype.equals("ca")) { - updateCertChain( config, "clone", host, https_ee_port, + updateCertChainUsingSecureEEPort( config, "clone", host, https_ee_port, true, context, certApprovalCallback ); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java index 190fa1ba..53b172cf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java @@ -349,9 +349,9 @@ public class RestoreKeyCertPanel extends WizardPanelBase { int master_port = -1; try { sd_hostname = config.getString("securitydomain.host", ""); - sd_port = config.getInteger("securitydomain.httpseeport", -1); + sd_port = config.getInteger("securitydomain.httpsadminport", -1); master_hostname = config.getString("preop.master.hostname", ""); - master_port = config.getInteger("preop.master.httpsport", -1); + master_port = config.getInteger("preop.master.httpsadminport", -1); String content = ""; if (cstype.equals("ca") || cstype.equals("kra")) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java deleted file mode 100644 index 32a3725f..00000000 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java +++ /dev/null @@ -1,80 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2009 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.filter; - -import javax.servlet.http.*; -import javax.servlet.*; -import com.netscape.certsrv.apps.*; - -public class PassThroughRequestFilter implements Filter -{ - /* Create a new PassThroughRequestFilter */ - public PassThroughRequestFilter() {} - - public void init( FilterConfig filterConfig ) - throws ServletException - { - } - - public void doFilter( ServletRequest request, - ServletResponse response, - FilterChain chain ) - throws java.io.IOException, - ServletException - { - // Simply pass-through this request without filtering it . . . - // - // NOTE: This "do-nothing" filter is ONLY provided since - // individual servlets can not be "excluded" from within - // the <url-pattern></url-pattern> parameters, thus - // disallowing the use of a '*' wildcard parameter - // on certain filters. - // - // Therefore, since servlets MUST be specified individually - // by such filters, this pass-through filter was created to - // contain those servlets which would otherwise simply be - // "excluded". Although this could also be accomplished - // by merely performing "exclusion by lack of inclusion", - // the existance of a pass-through filter allows the - // EXPLICIT identification of servlets which MUST NOT - // have any filters run against them. - // - - String filterName = getClass().getName(); - - String servlet = null; - String msg = null; - // CMS.debug("Entering the Passthrough filter"); - - if( request instanceof HttpServletRequest ) { - HttpServletRequest req = ( HttpServletRequest ) request; - - servlet = req.getServletPath(); - msg = "Excluding filtering on servlet called '" + servlet + "'!"; - CMS.debug( filterName + ": " + msg ); - } - - // CMS.debug("Exiting the passthrough filter"); - chain.doFilter( request, response ); - } - - public void destroy() - { - } -} - diff --git a/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml b/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml index 1c17c1e6..e50308dd 100644 --- a/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml +++ b/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml @@ -4,11 +4,6 @@ <web-app> <filter> - <filter-name>PassThroughRequestFilter</filter-name> - <filter-class>com.netscape.cms.servlet.filter.PassThroughRequestFilter</filter-class> - </filter> - - <filter> <filter-name>AgentRequestFilter</filter-name> <filter-class>com.netscape.cms.servlet.filter.AgentRequestFilter</filter-class> <init-param> @@ -804,24 +799,6 @@ [PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT] <filter-mapping> - <filter-name> PassThroughRequestFilter </filter-name> - <url-pattern> /index </url-pattern> - - <url-pattern> /server </url-pattern> - <url-pattern> /kra </url-pattern> - <url-pattern> /log </url-pattern> - <url-pattern> /ug </url-pattern> - <url-pattern> /acl </url-pattern> - <url-pattern> /jobsScheduler </url-pattern> - <url-pattern> /krapolicy </url-pattern> - - <url-pattern> /services </url-pattern> - - <url-pattern> /start </url-pattern> - <url-pattern> /dynamicVars.js </url-pattern> - </filter-mapping> - - <filter-mapping> <filter-name> AgentRequestFilter </filter-name> <url-pattern> /agent/* </url-pattern> </filter-mapping> @@ -830,6 +807,12 @@ <filter-name> AdminRequestFilter </filter-name> <url-pattern> /admin/* </url-pattern> <url-pattern> /auths </url-pattern> + <url-pattern> /server </url-pattern> + <url-pattern> /log </url-pattern> + <url-pattern> /ug </url-pattern> + <url-pattern> /acl </url-pattern> + <url-pattern> /jobsScheduler </url-pattern> + <url-pattern> /kra </url-pattern> </filter-mapping> <filter-mapping> diff --git a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml index 162a0b8d..6a507dfd 100644 --- a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml +++ b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml @@ -8,11 +8,6 @@ <web-app> <filter> - <filter-name>PassThroughRequestFilter</filter-name> - <filter-class>com.netscape.cms.servlet.filter.PassThroughRequestFilter</filter-class> - </filter> - - <filter> <filter-name>AgentRequestFilter</filter-name> <filter-class>com.netscape.cms.servlet.filter.AgentRequestFilter</filter-class> <init-param> @@ -496,20 +491,6 @@ [PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT] <filter-mapping> - <filter-name> PassThroughRequestFilter </filter-name> - <url-pattern> /acl </url-pattern> - <url-pattern> /jobsScheduler </url-pattern> - <url-pattern> /ug </url-pattern> - <url-pattern> /server </url-pattern> - <url-pattern> /log </url-pattern> - <url-pattern> /ocsp </url-pattern> - - <url-pattern> /services </url-pattern> - - <url-pattern> /start </url-pattern> - </filter-mapping> - - <filter-mapping> <filter-name> AgentRequestFilter </filter-name> <url-pattern> /agent/* </url-pattern> </filter-mapping> @@ -518,6 +499,12 @@ <filter-name> AdminRequestFilter </filter-name> <url-pattern> /admin/* </url-pattern> <url-pattern> /auths </url-pattern> + <url-pattern> /ug </url-pattern> + <url-pattern> /log </url-pattern> + <url-pattern> /jobsScheduler </url-pattern> + <url-pattern> /acl </url-pattern> + <url-pattern> /server </url-pattern> + <url-pattern> /ocsp </url-pattern> </filter-mapping> <filter-mapping> diff --git a/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml b/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml index 82f5c347..405489b4 100644 --- a/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml +++ b/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml @@ -8,11 +8,6 @@ <web-app> <filter> - <filter-name>PassThroughRequestFilter</filter-name> - <filter-class>com.netscape.cms.servlet.filter.PassThroughRequestFilter</filter-class> - </filter> - - <filter> <filter-name>AgentRequestFilter</filter-name> <filter-class>com.netscape.cms.servlet.filter.AgentRequestFilter</filter-class> <init-param> @@ -366,31 +361,22 @@ [PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT] <filter-mapping> - <filter-name> PassThroughRequestFilter </filter-name> - <url-pattern> /ug </url-pattern> - <url-pattern> /log </url-pattern> - <url-pattern> /jobsScheduler </url-pattern> - <url-pattern> /acl </url-pattern> - <url-pattern> /server </url-pattern> - - <url-pattern> /services </url-pattern> - - <url-pattern> /start </url-pattern> - </filter-mapping> - - <filter-mapping> <filter-name> AgentRequestFilter </filter-name> <url-pattern> /agent/* </url-pattern> </filter-mapping> <filter-mapping> - <filter-mapping> <filter-name> AdminRequestFilter </filter-name> <url-pattern> /admin/* </url-pattern> <url-pattern> /auths </url-pattern> + <url-pattern> /ug </url-pattern> + <url-pattern> /log </url-pattern> + <url-pattern> /jobsScheduler </url-pattern> + <url-pattern> /acl </url-pattern> + <url-pattern> /server </url-pattern> </filter-mapping> - <filter-name> EERequestFilter </filter-name> + <filter-name> EERequestFilter </filter-name> <url-pattern> /ee/* </url-pattern> </filter-mapping> [PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT] |