tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier (tomcat)>
Subject Re: encodeURL, jsessionid and mod_rewrite ?
Date Wed, 04 Oct 2017 07:53:24 GMT
On 04.10.2017 02:44, Christopher Schultz wrote:
> Hash: SHA256
> Laurant,
> On 10/3/17 5:17 PM, Laurent Perez wrote:
>> I'm using apache+mod_proxy+mod_rewrite as a tomcat frontend. A
>> "foo" war is deployed at /foo context path under tomcat. The /foo
>> path is not public, apache has a rewrite rule defined as : /bar/*
>> rewrites internally to /foo/*.
>> I'm using jstl and its <c:url value="page.jsp"> for every url in my
>> jsps to gain the ;jsessionid from encodeURL whenever jsessionid
>> cookie is not yet set (1st requests)
>> Now my question is : the <c:url> results in a
>> "/foo/page.jsp;jsessionid=..." I want the result instead as
>> /bar/pages.jsp;jsessionid=....
>> Should I go straight for a HttpServletResponseWrapper replacing
>> every /foo/ with /bar/ or is there a more elegant way ? If the
>> apache rewrite rule is modified - say, to /barv2/, is it ok to use
>> mod_headers to pass the original path instead of hardcoding /bar/
>> ?
> You are going down a path that will produce endless problems, hacks,
> and ugly solutions to those problems. It will be much easier for you
> to simply re-name your application from "foo" to "bar" and not worry
> about any of this rewriting foolishness.
> - -chris

I can only agree 100% with what Chris is saying above.
The fact that you /can/ do these things at the front-end proxy level, does not mean that 
it is a good idea to do it.  There are probably cases when you can *really* not do 
otherwise, and that's why these mechanisms are there.
But doing this, brings endless other practical inconvenients, extra work, confusion, 
documentation issues, understanding issues 6 months later, support issues, etc.
So, in a nutshell : don't do it.

P.S. The annoying bit about recommendations such as the above, is that if you follow them,

you will not even know how much work and hassle you have saved to yourself, and
1) you will not even feel thankful
2) we won't have the satisfaction of saying later : "well, we told you so"

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message