Tomcat 7 - JSESSIONID cookie is not accessible from JavaScript code - session-cookies

Does anyone know what changed in the configuration between Tomcat 6 and Tomcat 7 that would cause the JSESSIONID cookie to not be accessible via JavaScript?
Using Tomcat 6:
alert(document.cookie); // JSESSIONID=8675309ABCDEF...
Using Tomcat 7:
alert(document.cookie); // nothing

Okay, I found the answer. The useHttpOnly attribute was set to false by default in Tomcat 6, and is true in Tomcat 7. This attribute is set for the <Context> container.
<Context useHttpOnly="false" [...] />
For more information about updating from Tomcat 6 to 7: Migrating from 6.0.x to 7.0.x
I'm not sure why I didn't see that in the docs before, but I've verified that setting this to false does in fact cause Tomcat 7 to revert to the Tomcat 6 behavior.

Related

Spring Security in Grails redirects to IP after login

I am running a Grails 2.4.2 app in a Tomcat 7 for ubuntu.
I have the problem that after login, page is redirected to IP.
Before login
www.app.com/login
After login
104.21.22.23/login
I tried to configure grails.serverURL but that did not make any difference. My current value for grails.serverURL is "www.app.com"
in answer, I am considering you are using grails 2.4.2
In your BuildConfig.groovy file add following:
grails.plugin.springsecurity.successHandler.alwaysUseDefault = true
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/YOUR_APP__URL'
above will work with latest version of grails also.
You can check all options here

Grails 3 app is 404 in JBoss EAP 6

If I create a new web profile app, and generate-all, it runs fine in my local and deploys without error to JBoss. But when I try to access the app all URLs return 404. I know the app started up successfully, because it created tables in the database.
Here's what I'm doing.
grails 3.1.4> create-app demo
create-domain-class Book
create-domain-class Author
Edit domain classes
generate-all *
change tomcat dependency from compile to provided in build.gradle
change dataSource in application.yml to use my JNDI Oracle connection
Add server: contextPath: /demo to application.yml
run-app -> Works
gradle war
Deploy to JBoss EAP 6.4.0.GA
JBoss says deployment and activation of the app was successful. There are no errors of any sort in any JBoss log file. And dbCreate: update made the DDL changes to my Oracle database, so I know it got that far. But all URLs for the app return 404.
This is a known bug: Issue-9481
It has been added to grails 3.1.5 milestone.

How to enable Grails 3.x auto-reload?

I am unable to get auto-reloading working on newly created controllers. My application starts correctly but whenever i do grails create-controller <controller-name> the controller is created and i see that the new controller is compiled.
When i try to access the newly generated controller I always get a "Page not Found (404)". After restarting the Grails application, the newly created controller works correctly.
I am using Grails 3.0.1 on OSX Yosimite and Java 1.8.0_31-b13. Any clue on how to fix this?
I am starting the application using the following combinations:
grails run-app
grails -reloading run-app
grails run-app -reloading
None of these worked reloading the new created controller
Grails introduced what I'd consider a bug in version 2.4.4 and still present in at least 3.0.4, where automatic reloading doesn't work if you have space anywhere in the file's (in this case the controller's) path.
See this post for more details.
what worked for grails 2.x must be working for 3.x as well.
Try below command, setting this to false must allow reloading.
grails -Ddisable.auto.recompile=false run-app

Grails 2 forked mode doesn't deploy my app

I'm trying to use Grails new forked mode. I enabled it in BuildConfig.groovy file using
grails.project.fork.run = true
and now the tomcat server starts in "detached mode" as expected, but my application is not deployed.
I also configured an external directory where I put the war of my application, like this:
grails.project.autodeploy.dir = "../mywar"
but nothing changed.
Is there anything else I should do to configure forked mode?

Running jRuby + Rails inside of Tomcat

I am currently using a platform where multiple web applications must interact with each other in a frameset. This set of web applications and the frameset is hosted on Tomcat.
Now the application we're working on is developed with jRuby and Rails. Is there anyway I can run my development environment inside of Tomcat similar to just running the jRuby -S Rails Server command so I can effectively debug?
The only way I've found is to generate a war using warble and then modifying the exploded war which seems really hacky. Any thoughts?
EDIT: I think my best bet is to generate a war, gut it, use symbolic links and figure out what gems / libs I need to copy from the war generation process. It's the best way I can think of.
one option to explore: deploy a little servlet to Tomcat which returns
HTTP/1.1 301 Moved Permanently
Location: http://localhost:3000
So far the best solution I have found is to setup a reverse proxy with Tomcat and point it to the Rails development server. This allows it to run, as expected on the client side, while still giving me debug control.
When I get a chance to do some more testing I'll edit my answer to include additional information.
go to the webapps folder in tomcat where you have deployed the war file, then find the web.xml file inside the expanded war file
The path to this file is generally /var/lib/tomcat7/webapps/your-project-here/WEB-INF/web.xml and inside this file you should find the
Changing this is one way to go about.
<context-param>
<param-name>rails.env</param-name>
<param-value>production</param-value>
</context-param>

Resources