Opened 4 years ago
Closed 3 years ago
#2828 closed defect (fixed)
Java configuration not functional after Tomcat 9 upgrade
| Reported by: | jng | Owned by: | jng |
|---|---|---|---|
| Priority: | high | Milestone: | 4.0 |
| Component: | Installer | Version: | |
| Severity: | blocker | Keywords: | |
| Cc: | External ID: |
Description
Tomcat 9 introduced some configuration changes (to address the Ghostcat vulnerability) that makes the Java MapGuide API/viewer not functional.
- The AJP
<Connector>node inserver.xmlis commented out. It needs to be uncommented- The commented node also specifies to listen on
::1. Change this to127.0.0.1 - The AJP connector in Tomcat 9 requires a shared secret between it and the mod_jk worker. Set this value through the
secretattribute of the connector node
- The commented node also specifies to listen on
<Connector ... secret="mapguide4java" />
- Add and change the following lines in
worker.propertiesto set the shared secret
worker.worker1.host=127.0.0.1 worker.worker1.secret=mapguide4java
This is the final blocker to be cleared for the preview 2 release.
Change History (3)
comment:1 by , 4 years ago
comment:2 by , 4 years ago
As of preview 2, Java support now works on Windows but is still broken on Linux (Tomcat always returns http 403 on any .jsp request). We need external assistance on knowing what proper configurations we need to apply on the Linux side for Java support to work again.
comment:3 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
The issue was 2 tomcat.conf files being created, one with the required secret and one without. The one without the secret was being used. The issue was fixed by the install script writing out the tomcat.conf with the required secret to the correct path.
The easiest way to tackle this is to check in copies of
worker.propertiesandserver.xmlintoInstaller/Supportwith these changes, and overlay these files into the extracted Tomcat dir as part of theprepareaction ofInstaller/build.bat