Feeds:
Posts
Comments

Archive for the ‘Application Server’ Category

I have been working with wicket for the last one year. It is one of the best web frameworks. In our organization, we are using Oracle Application Sever (OAS) to deploy our applications. We were using OAS 9.0.4.3 and we had no issues with wicket. Recently we upgraded our OAS to 10.1.2.0.2 and then issues started to appear one after the other.

The first issue that we were facing was with securing the application. We are using Oracle LDAP as our user manager for Authorization and Oracle SSO (Single Sign On) for authentication. The authentication and authorization are working fine if the URL used to access the application is not terminated by a slash “/”. Users are asked to login and only authorized user can access the application. However authentication and authorization are bypassed when the URL used to access the application is terminated with a slash “/”. Users are not even asked to login to the system to access the application.

After debugging and investigating, we noticed that if we use wicket servlet to load our application instead of wicket filter, then the security issue is resolved. However that brought up another issue that is there even in OAS 9.0.4.

The second issue is that, when using wicket servlet, the context which is specified in the servlet mapping in web.xml is omitted by OAS. The same problem was reported in wicket forum [1] and [2]. The context was omitted while sending the response back to the client only and not while sending the request to the server. The reason for this behavior is still ambiguous but we have developed a workaround for the issue. We have implemented a filter that adds the omitted context to the response. Here is our sample filter code

package com.datel.sample.webapplication;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

public class ContextFilter implements Filter{

	private FilterConfig config;

	//Used to store the servlet mapping URL that is defined in the web.xml
	private String servletMappingContext;

	public void destroy() {
		config = null;
		servletMappingContext = null;
	}

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		HttpServletResponse httpResponse = (HttpServletResponse)response;

		if(servletMappingContext == null || servletMappingContext.length()==0)
		{
			//The getRequestURI returns the full context i.e. /sampleWicket/app/
			setServletMappingContext(httpRequest.getRequestURI());
		}

		myServletResponse newResponse = new myServletResponse(httpResponse);
		chain.doFilter(request, newResponse);
	}

	private void setServletMappingContext(String requestURI) {
		//1. remove last / if it exists
		if (requestURI.endsWith("/"))
			requestURI = requestURI.substring(0, requestURI.length()-1);

		//2. get only the servlet mapping defined in web.xml i.e /app
		requestURI = requestURI.substring(requestURI.lastIndexOf("/"));

		//3. remove the prefixed /
		requestURI = requestURI.substring(1);

		//4. append the / at the end
		servletMappingContext = requestURI+="/";
	}

	public void init(FilterConfig config) throws ServletException {
		this.config = config;
	}

	class myServletResponse extends HttpServletResponseWrapper
	{
		public myServletResponse(HttpServletResponse arg0) {
			super(arg0);
		}
		public void sendRedirect(String arg0) throws IOException {
			// Add the context to the query string
			super.sendRedirect(servletMappingContext+arg0);
		}
	}
}

 

In the web.xml you need to add the filter:

 
<filter>        
     <filter-name>contextFilter</filter-name>
     <filter-class>com.datel.sample.webapplication.ContextFilter</filter-class>
</filter>
<filter-mapping>        
     <filter-name>contextFilter</filter-name>       
     <url-pattern>/*</url-pattern>
</filter-mapping>  

Please note that this filter will always add the context to the query string and thus it will only work with Application servers that omit the context. It will not work with Tomcat for example. This is because in the response we don’t have handle to the full URL. We have a handle only to the query string.

Due to that we have reported the first issue, Securing Web Applications, to Oracle Support. Oracle was able to reproduce the problem and they agreed to file it as a bug and they suggested to download the latest patchset 5983622 Oracle Fusion Middleware to resolve the problem. We have done so and our application is now secured without the need to go for wicket servlet. We were using Wicket 1.3.4.

[1] http://www.nabble.com/wicket-servlet-mapping-to-subdirectory-td18012945.html#a18012945
[1] http://www.nabble.com/Wicket-cannot-work-on-OC4J-(ias-10g)–td16738242.html#a16744020

Read Full Post »

One of the days at work, we had some requirements to deploy a java web application in an OC4J container (Oracle Container for Java). We are using MyEclipse as our development tool. We had easily integrated it with Tomcat for all the previous deployments. So, we thought it is going to be a cake walk. Not a big deal. Unfortunately it took us a day to figure out how to do it. Here are the steps to integrate MyEclipse with the OC4J container:

  • Install OC4J
    • Download the oc4j container
    • Unzip it to some directory e.g. c:\oc4j
    • Set the JAVA_HOME environment variable to your java directory
    • Set the ORACLE_HOME environment variable to where you unzipped the oc4j i.e c:\oc4j
    • Start the oc4j container by running the oc4j batch file located in c:\oc4j\bin from the command prompt
      c:\oc4j\bin\oc4j -start
    • It will prompt for the admin password. Set the password. You would need to remember it for later
    • Stop the oc4j either by pressing CRTL+C or just close the window
  • Integrate OC4J with MyEclipse
    • In the menu bar of MyEclipse go to Windows → Preferences → MyEclipse → Application Servers
    • Click on Oracle AS
    • Set Oracle AS to Enable
    • Set Oracle AS Home Directory to c:\oc4j\j2ee\home
    • Provide the Administration Password that you have just configured
    • Click ok
    • Start the Oracle AS to ensure that it has been configured properly
  • Deploy your web application in OC4J

    Assuming that you already have a web project that you need to deploy, you would need to create an Enterprise Application Project. This is because you can only deploy ear files in OC4J container and not war files

    • Create new Project File → New → Project
    • MyEclipse → J2EE Projects → Enterprise Application Project
    • Add your web project as a module to the Enterprise Application Project before deployment you would need to change the server.xml that is located at c:\oc4j\j2ee\home\config.
    • <application-server application-directory="../applications"
      deployment-directory="../application-deployments"
      connector-directory="../connectors"
      application-auto-deploy-directory="../application-autodeploy"
      check-for-updates="true">
      
    • In MyEclipse, click on the Deploy button to bring up deployment dialog.
    • Choose the Enterprise Application’s project from the selection box, Click Add button, choose Oracle AS as the server, choose Packaged Archive and click Deploy.
    • If you want to change the deployment mode to Exploded Mode, shutdown the OC4J.
    • Go to deployment dialog, choose the same project in the list of deployments below the project selection box. Click on Remove. Now repeat deployment with only one exception.
    • Instead of choosing Packaged Deployment, choose Exploded Deployment option.
    • Start OC4J as usual, now it’ll have a fully hot deployable application.

Just to note that the version we are using are MyEclipse 5.1.0 and OC4J 10.1.3.3.

For more information, you can check http://www.myeclipseide.org/

Read Full Post »

Follow

Get every new post delivered to your Inbox.