How to rewrite URL to hidden URL with parameter - tomcat6

I want to use urlrewritefilter to have customer name and language in URL and pass them as parameter to a hidden url. So that the site will open customized. Everything which comes after the language slash should be pass to the hidden url
http://www.x.com/customer1/en/
rewrite to hidden url. customer should not see the following URL which should be called.
http://www.x.com/myapp/
and add following parameters
language=en
customerID=3
I am trying this rule but get always 404 http status error
<rule match-type="regex">
<from>^/customer1/en/([A-Za-z0-9\._/]+)$</from>
<set name="customerID">3</set>
<set name="language">en</set>
<to type="forward">/myapp/$1</to>
</rule>

I assume you have one webapp with context-root = "/" (no cross-context).
Maybe you should activate the logs if it's not done, and see if your rule is called and matched.
You can activate log for urlrewritefilter in the filter config (see http://urlrewritefilter.googlecode.com/svn/trunk/src/doc/manual/4.0/index.html#filterparams).
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
<!-- sets up log level (will be logged to context log)
can be: slf4j, TRACE, DEBUG, INFO (default), WARN, ERROR, FATAL,
sysout:{level} (ie, sysout:DEBUG)
if you are having trouble using normal levels use sysout:DEBUG
(default WARN) -->
<init-param>
<param-name>logLevel</param-name>
<param-value>DEBUG</param-value>
</init-param>
</filter>
You must also add the dependencies for the logging, like slf4j-api, slf4j-log4j12, log4j-1.2.

Related

ADB2C Custom policy user journey - override the content definition of each orchestration step

I have a custom policy which I am setting up which is based 2 steps in the user journey
Sign in signup unified
Self assert page.
In my RP file, I have specified ContentDefinitions for each 'type' of page so I can override these with my own. From my understanding, as the RP file is the last one point in the hierarchy, it will override always.
What I am finding is that it works for step 1, but step 2 always seems to default to the standard Microsoft page.
e.g. RP file.
<ContentDefinitions>
<!--For step 1-->
<ContentDefinition Id="api.signuporsignin">
<LoadUri>https://MYURL/custom_step1.html</LoadUri>
<RecoveryUri>~/common/default_page_error.html</RecoveryUri>
<DataUri>urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:1.2.0</DataUri>
<Metadata>
<Item Key="DisplayName">Signin</Item>
</Metadata>
</ContentDefinition>
<!--For step 2-->
<ContentDefinition Id="api.selfasserted">
<LoadUri>https://MYURL/custom_step2.html</LoadUri>
<RecoveryUri>~/common/default_page_error.html</RecoveryUri>
<DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>
<Metadata>
<Item Key="DisplayName">Collect information from user page</Item>
</Metadata>
</ContentDefinition>
</ContentDefinitions>
Ive seen on my UserJourney that Step 1 also seems to define a ContentDefinition (a default I guess?) but specifying my own one on each step didn't seem to have any effect either.
<OrchestrationStep Order="1" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
Suggestions appreciated!

DNN friendly URL module is not able to rewrite the url correctly

In DNN 8, I have 3 (three) different portals, all with the same IA (pages & content). Example: portal1.site.com, portal2.site.com, portal3.site.com.
Using SiteUrl.config, I want to re-write the URL so that a vanity URL that doesn't exist redirects to the correct page. After further investigation, I realized that siteurl.config uses URLs in relative basis. It's not able to comprehend what portal you're coming from.
<RewriterRule>
<LookFor>[^?]*/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=180&SpeakerId=$1</SendTo>
</RewriterRule>
<RewriterRule>
<LookFor>[^?]*/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=144&SpeakerId=$1</SendTo>
</RewriterRule>
<RewriterRule>
<LookFor>[^?]*/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=264&SpeakerId=$1</SendTo>
</RewriterRule>
If a user wants to go to portal1.site.com/plan/speakers/mike, portal2.site.com/plan/speakers/mike, or portal3.site.com/plan/speakers/mike, they all redirect to tabid 180 (which works only for the second portal).
I was able to implement a workaround.
1. you want to mask a new url using IIS rewrite in the web.config.
<rule name="Redirect to plan" enabled="true" stopProcessing="true">
<match url="^plan/speakers/([_0-9a-z-]+)-([0-9]+)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="{HTTP_HOST}" pattern="^(.*).domain.*" />
</conditions>
<action type="Rewrite" url="/{C:1}/{R:0}" />
</rule>
This will re-write your url to something like this: portal1/plans, portal2/plans, etc.
Then, you want to edit your siteurl.config to account for these re-writes.
<RewriterRule>
<LookFor>[^?]*/portal1/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=180&SpeakerId=$1</SendTo>
</RewriterRule>
<RewriterRule>
<LookFor>[^?]*/portal2/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=144&SpeakerId=$1</SendTo>
</RewriterRule>
<RewriterRule>
<LookFor>[^?]*/portal3/plan/speakers/.*-(.*)</LookFor>
<SendTo>~/Default.aspx?TabId=264&SpeakerId=$1</SendTo>
</RewriterRule>
P.S. Make sure too add these urls to the list of to-ignore in your advanced url settings.
I would have done this by adding Records to the TabURLS table for each page. If you modify a Page, using the page settings, you can modify the URL of the page. Try that. Look at the records in the table for that page.
select * from taburls where tabid = ##
Then change the URL back to the original URL
select * from taburls where tabid = ##
See if it adds a new record there. If so, then just copy the format of that "row" in the table for any additional records you need to create.
You might also check out this codeplex project

Logging the SOAP message through ValidationEventHandler

Here's the thing:
I am trying to set up a schema validation through cxf with a custom validation event handler.
My configuration looks something like this:
<cxf:cxfEndpoint id="personEndpoint" address="/person"
serviceClass="org.apache.servicemix.samples.wsdl_first.Person"
wsdlURL="wsdl/person.wsdl">
<cxf:properties>
<entry key="schema-validation-enabled" value="true" />
<entry key="jaxb-validation-event-handler">
<bean class="org.dpytel.servicemix.camel.MyCustomHandler" />
</entry>
</cxf:properties>
</cxf:cxfEndpoint>
This is working fine - the schema validation is checked and when errors are encountered, "MyCustomHandler" gets executed.
My problem is that I want to save the whole message that caused the validation error to a file, but inside "MyCustomHandler" I don't have this information available (only some error message and the location)
Is there some other way to validate schema with cxf and log the message if something goes wrong?
You can use CXF Fault Interceptor to access the message content while validation exception will cause a fault:
http://fusesource.com/docs/esb/4.4.1/cxf_interceptors/CXFInterceptorImplMessage.html

Spring Security 3.1 ActiveDirectoryLdapAuthenticationProvider returning partial result exception

I am trying to authenticate users to an Active Directory Instance using spring security, I am getting an Partial Results Exception. I am going around in circles trying to figure this out. Below is my config.
security-app-context
<authentication-manager erase-credentials="true">
<authentication-provider>
<user-service>
<user name="admin#damien.com" authorities="ROLE_ADMINISTRATOR" password="123admin123" />
</user-service>
</authentication-provider>
<authentication-provider ref="ldapActiveDirectoryAuthProvider"/>
</authentication-manager>
<bean id="ldapActiveDirectoryAuthProvider"
class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<constructor-arg value="myDomain.com" />
<constructor-arg value="ldap://ldapurl:389/" />
<property name="convertSubErrorCodesToExceptions" value="true"/>
</bean>
Error I am getting
org.springframework.dao.IncorrectResultSizeDataAccessException: Incorrect result size: expected 1, actual 0 org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntryInternal(SpringSecurityLdapTemplate.java:239)
I am struggling to find examples and the documentation indicates I am working in the right direction.
This is from the logs
SpringSecurityLdapTemplate.java 213 - Searching for entry under DN '', base = 'dc=myDomain,dc=com', filter = '(&(objectClass=user)(userPrincipalName={0}))'
and this is what I would expect that to look like on a successful attempt from some scripts that work
Searching for entry under DN 'OU=Users and Groups,DC=one,DC=two,DC=myDomain,DC=com', base = 'OU=Users and Groups,DC=one,DC=two,DC=myDomain,DC=com', filter = '(&(objectClass=user)(userPrincipalName={0}))'
Do I need to get the DN populated? How? I have looked through the ActiveDirectoryLdapAuthenticationProvider properties and don't see a way? Also the base is off but myDomain.com is the correct domain for users e.g john.doe#myDomain.com. Has anyone come across a similar problem?
To solve this I used the default LDAP provider which enables user search base to be specified, specifying the user search base and user search filter.
<ldap-authentication-provider
user-search-base="OU=Users and Groups,DC=abc,DC=myDomain,DC=com"
user-search-filter="userPrincipalName={0}" />
A user would then be logging in with john.doe#myDomain.com but the usersearch base is more specific(abc.myDomain.com). I believe AD Spring was falling down due to this.

Restricting IP addresses for Jetty and Solr

I'm setting up Solr using Jetty. I would like to restrict access to only a few IP addresses. It doesn't seem immediately obvious that this can be done using Jetty. Is it possible and if so, how?
Solr 4.2.1 uses Jetty 8.1.8. Jetty 8 (as noted by jonas789) doesn't support .htaccess. Instead, it uses IPAccessHandler, which doesn't have great documentation available. I had to play with it quite a bit to get it work, so I'm posting an updated solution here.
IPAccessHandler manages a blacklist and a whitelist, accepts arbitrary ranges of IPs, and supports attaching specific URI paths to each white/black -list entry. IPAccessHandler also subclasses HandlerWrapper, which turns out to be important.
The solr app still lives in a WebAppContext (as in Lyndsay's solution), but a WebAppContext is now governed by a ContextHandler, which resides in a ContextHandlerCollection occupying the first handler slot in the server. To stop requests from the wrong IP from getting to the app, we need to wrap it inside an IPAccessHandler somewhere along that path. IPAccessHandler behaves oddly if it's in the wrong spot: I tried inserting it before the context handlers and it gave 403 Forbidden to the wrong machines, threw NullPointerException tantrums with no additional error messages, all sorts of nonsense. I finally got it to work by wrapping the ContextHandlerCollection itself, at the server level.
Go to etc/jetty.xml and scroll to the handlers section. Then wrap the existing ContextHandlerCollection item as follows:
<!-- =========================================================== -->
<!-- Set handler Collection Structure -->
<!-- =========================================================== -->
<Set name="handler">
<New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
<Set name="handlers">
<Array type="org.eclipse.jetty.server.Handler">
<Item>
<!-- here begins the new stuff -->
<New class="org.eclipse.jetty.server.handler.IPAccessHandler">
<Call name="addWhite">
<Arg>xxx.xxx.xxx.xxx</Arg>
</Call>
<Set name="handler">
<!-- here's where you put what was there before: -->
<New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/>
</Set>
</New>
<!-- here ends the new stuff -->
</Item>
<Item>
<New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/>
</Item>
<Item>
<New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler"/>
</Item>
</Array>
</Set>
</New>
</Set>
Resources:
http://comments.gmane.org/gmane.comp.java.jetty.support/6066
http://wiki.eclipse.org/Jetty#Configuration_Reference
http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax
http://download.eclipse.org/jetty/stable-8/apidocs/org/eclipse/jetty/server/handler/IPAccessHandler.html
I found the solution.
Firstly, extract the contents of solr.war in the example/webapps folder.
Then create a file called .htaccess and place it in the example/webapps/solr folder (the one you just extracted) containing the following:
<Limit>
satisfy all
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
</Limit>
In example/etc/ edit the jetty.xml file and comment out the org.mortbay.jetty.deployer.WebAppDeployer part. Then finally create a folder in example/ called contexts (if one does not yet exist) and add a file called solr.xml to it containing:
<Configure id="solr" class="org.mortbay.jetty.webapp.WebAppContext">
<Set name="resourceBase"><SystemProperty name="jetty.home" default="."/>/webapps/solr</Set>
<Set name="contextPath">/solr</Set>
<Call name="setSecurityHandler">
<Arg>
<New class="org.mortbay.jetty.security.HTAccessHandler">
<Set name="protegee">
<Ref id="solr"/>
</Set>
</New>
</Arg>
</Call>
</Configure>
Then start up your new secure solr!

Resources