-
1. Re: Issues with Post Parameters in Tomcat5
Here is my servlet code
public class SSOFederationServer extends HttpServlet { private static final String partner = "partner"; private static final String token = "token"; private static final String target = "target"; public void doPost(HttpServletRequest request,HttpServletResponse response) throws ServletException,IOException { System.out.println("doPost was called......"); this.doGet(request,response); } public void doGet(HttpServletRequest request,HttpServletResponse response) throws ServletException,IOException { System.out.println("doGet was called......"); System.out.println("----------------------------------"); System.out.println("Partner="+request.getParameter(SSOFederationServer.partner)); System.out.println("Token="+request.getParameter(SSOFederationServer.token)); System.out.println("Token(Cookie)="+this.getToken(request)); System.out.println("Target="+request.getParameter(SSOFederationServer.target)); System.out.println("----------------------------------"); String partner = request.getParameter(SSOFederationServer.partner); //federation server of the cross-domain site if(partner==null || partner.trim().length()==0) { //this is an RP request to process (relying party needs to process the cookie) //from a party that has already asserted the identity of the user String target = request.getParameter(SSOFederationServer.target); String token = request.getParameter(SSOFederationServer.token); //create the same cookie from the domain that the user is coming from into my domain if(token!=null && token.trim().length()>0) { Cookie rpCookie = new Cookie(SSOFederationServer.token,token); String domain = this.getDomain(target); if(domain!=null && domain.trim().length()>0) { rpCookie.setDomain(domain); } rpCookie.setPath("/"); //make this a top-level cookie response.addCookie(rpCookie); } response.sendRedirect(target); } else { //this is the asserting party, need to extract the token from this domain and forward to //the relying party federatioon server, the token will be transported to that domain String target = request.getParameter(SSOFederationServer.target); //resource in that domain being accessed String token = this.getToken(request); //create the url to re-direct to String url = partner + "?target=" + URLEncoder.encode(target); if(token!=null && token.trim().length()>0) { url += "&token=" + URLEncoder.encode(token); } response.sendRedirect(url); } } private String getDomain(String target) { String domain = null; if(target.indexOf(".com")!=-1) { domain = ".jboss.com"; } else if(target.indexOf(".org")!=-1) { domain = ".jboss.org"; } return domain; } private String getToken(HttpServletRequest request) { String token = null; Cookie[] cookies = request.getCookies(); if(cookies!=null) { for(int i=0;i<cookies.length;i++) { if(cookies.getName().equals(SSOFederationServer.token)) { token = cookies.getValue(); break; } } } return token; } }
and here is my JSP that has the form which submits form data to this servlet<%@page contentType="text/html" language="java"%> <html> <head><title>JBoss SSO Demo Application</title></head> <body> <%=(String)request.getAttribute("message")%>(<%=request.getServerName()%>)<br/> <form name="form1" ACTION="/sso-federation" METHOD="post"> <input type="hidden" name="partner" value="<%=(String)request.getAttribute("partner")%>"/><br/> <input type="hidden" name="target" value="<%=(String)request.getAttribute("target")%>"/><br/> <input type="submit"/> </form> </body> </html>
Only the doGet method of my servlet gets called. doPost never gets called even though form method is set to Post.
The parameters partner and target are always null, when form method=post. If I make method=get, it works fine.
This is happening on Tomcat5.x (Tomcat5.0.8 and Tomcat5.5.12- standalone as well as Tomcat5 bundled with JBoss-4.0.3-SP1)
Everything works fine under Tomcat4.1.31.
OS- Windows XP Professional
JDK - Tried both 1.5.0_3 and 1.4.2_8
Thanks
Sohil -
2. Re: Issues with Post Parameters in Tomcat5
The following code works on Tomcat5
<form name="crossLink1" action="http://fed.jboss.org/sso-federation/" method="post">
as opposed to<form name="crossLink1" action="http://fed.jboss.org/sso-federation" method="post">
Notice the difference between the value of action- a leading '/' is needed.
Is that a tomcat5 bug? -
3. Re: Issues with Post Parameters in Tomcat5
I've added '/' to my problem (http://jboss.org/index.html?module=bb&op=viewtopic&t=72397), but with no effect.
Any ideas? -
4. Re: Issues with Post Parameters in Tomcat5
What happens if you print out request.getMethod();
E.g.
System.out.println("Method="+request.getMethod()); -
5. Re: Issues with Post Parameters in Tomcat5
I did 3 tests:
1.)
Inside portlet code:protected void onSubmitAction(ActionRequest request, ActionResponse response) throws Exception { response.sendRedirect("/portal/auth/enportal/"); }
Results in
Username: null
Method: GET
2.)
From the form post (action="/portal/auth/enlogin/" method="post")
Username: null
Method: POST
3.)
From the form get (action="/portal/auth/enlogin/" method="get")
Username:
Method: GET
How come I get username and password inside portlet code, but when I hit jsp page they are gone? Probably loosing parameters on response.sendRedirect() isn't expected behaviour?
Rgds, Ales -
-
7. Re: Issues with Post Parameters in Tomcat5
Looks like you are using response.sendRedirect in your portlet to get to your JSP page. If thats the case, your request parameters from the previous request will be lost, since redirect makes a round trip to the browser and comes back as a brand new request.
-
8. Re: Issues with Post Parameters in Tomcat5
Jim,
I did the request.getMethod().
for my method is "GET" when processed by the servlet
for my method is "POST" when processed by the servlet,
Again, the leading '/' makes the difference -
9. Re: Issues with Post Parameters in Tomcat5
"sohil.shah@jboss.com" wrote:
since redirect makes a round trip to the browser and comes back as a brand new request.
Yep.
- http://java.sun.com/products/servlet/2.2/javadoc/javax/servlet/http/HttpServletResponse.html#sendRedirect(java.lang.String)
Any ideas on how to redirect from one web app to another, holding the old request?
Hack it with session attributes?
Or will simple RequestDispatcher do? (http://java.sun.com/products/servlet/2.2/javadoc/javax/servlet/RequestDispatcher.html)
What is the scope of RequestDispatcher? To which resources can he get access to?
If I somehow mark inside my portlet that I would like to eventually forward my request and response to portals /auth context. And then when request is back in the portal scope use RequestDispatcher rd = request.getRequestDispatcher("/auth"), will this work? -
10. Re: Issues with Post Parameters in Tomcat5
If you are trying to redirect between two completely different web applications-
best option is to read the values of parameters in web application 1, construct a URL to the webapplication 2 with these values endoded as parameters, and then redirect to this URL.
1) Session sharing will not work since they are two separate web applications and don't know about each other's session.
2) RequestDispatching will not work cause you can only dispatch to resources that are within the context of your web application only -
11. Re: Issues with Post Parameters in Tomcat5
"sohil.shah@jboss.com" wrote:
Jim,
I did the request.getMethod().
for<form method="post" action="/myservlet">
my method is "GET" when processed by the servlet
for<form method="post" action="/myservlet/">
my method is "POST" when processed by the servlet,
Again, the leading '/' makes the difference -
12. Re: Issues with Post Parameters in Tomcat5
Sohil, thanx for the explanation.
In my case it is a bit diferent, since my app is constructed of portlets which reside inside JBossPortal. So all requests are directed to JBP, who then construct portal request (very much like servlet request - infact it extends HttpServletRequest), which is populated through portlets.
Having now a clear picture how things (sendRedirect, RD, ...) are working, it will be no problem for me to write what I want. -
13. Re: Issues with Post Parameters in Tomcat5
Can you use LiveHttpHeader plugin in Mozilla/Firefox to see the HTTP headers in action? I suspect with the lack of "/" at the end, there is a temporary http/302 happening, which is screwing up the post processing.
-
14. Re: Issues with Post Parameters in Tomcat5
You are right. the 302 does happen without the leading slash
Here is the header infohttp://localhost:8080/tomcat-issue POST /tomcat-issue HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en,fr;q=0.8,de;q=0.5,ar;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/tomcat-issue/ Cookie: JSESSIONID=C56C8A2078EE2AAE8C6DEB94A3F5113D Content-Type: application/x-www-form-urlencoded Content-Length: 27 username=test&password=test HTTP/1.x 302 Moved Temporarily Server: Apache-Coyote/1.1 Location: http://localhost:8080/tomcat-issue/ Transfer-Encoding: chunked Date: Wed, 23 Nov 2005 20:48:02 GMT ---------------------------------------------------------- http://localhost:8080/tomcat-issue/ GET /tomcat-issue/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en,fr;q=0.8,de;q=0.5,ar;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/tomcat-issue/ Cookie: JSESSIONID=C56C8A2078EE2AAE8C6DEB94A3F5113D HTTP/1.x 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.3RC1 (build: CVSTag=JBoss_4_0_3_RC1 date=200506260723)/Tomcat-5.5 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 268 Date: Wed, 23 Nov 2005 20:48:02 GMT ---------------------------------------------------------- http://localhost:8080/favicon.ico GET /favicon.ico HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: image/png,*/*;q=0.5 Accept-Language: en,fr;q=0.8,de;q=0.5,ar;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: JSESSIONID=C56C8A2078EE2AAE8C6DEB94A3F5113D HTTP/1.x 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.3RC1 (build: CVSTag=JBoss_4_0_3_RC1 date=200506260723)/Tomcat-5.5 Content-Length: 0 Date: Wed, 23 Nov 2005 20:48:02 GMT ----------------------------------------------------------
Here is the header info with the '/'http://localhost:8080/tomcat-issue/ POST /tomcat-issue/ HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en,fr;q=0.8,de;q=0.5,ar;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://localhost:8080/tomcat-issue/fixed Cookie: JSESSIONID=C56C8A2078EE2AAE8C6DEB94A3F5113D Content-Type: application/x-www-form-urlencoded Content-Length: 27 username=test&password=test HTTP/1.x 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.3RC1 (build: CVSTag=JBoss_4_0_3_RC1 date=200506260723)/Tomcat-5.5 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 268 Date: Wed, 23 Nov 2005 20:49:55 GMT ---------------------------------------------------------- http://localhost:8080/favicon.ico GET /favicon.ico HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Accept: image/png,*/*;q=0.5 Accept-Language: en,fr;q=0.8,de;q=0.5,ar;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: JSESSIONID=C56C8A2078EE2AAE8C6DEB94A3F5113D HTTP/1.x 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.3RC1 (build: CVSTag=JBoss_4_0_3_RC1 date=200506260723)/Tomcat-5.5 Content-Length: 0 Date: Wed, 23 Nov 2005 20:49:55 GMT ----------------------------------------------------------
Do you know what is causing this? Or more importantly how can I fix this?