Opened 14 months ago

Closed 6 months ago

#2828 closed defect (fixed)

Java configuration not functional after Tomcat 9 upgrade

Reported by: jng Owned by: jng
Priority: high Milestone: 4.0
Component: Installer Version:
Severity: blocker Keywords:
Cc: External ID:


Tomcat 9 introduced some configuration changes (to address the Ghostcat vulnerability) that makes the Java MapGuide API/viewer not functional.

  • The AJP <Connector> node in server.xml is commented out. It needs to be uncommented
    • The commented node also specifies to listen on ::1. Change this to
    • The AJP connector in Tomcat 9 requires a shared secret between it and the mod_jk worker. Set this value through the secret attribute of the connector node
<Connector ... secret="mapguide4java" />
  • Add and change the following lines in to set the shared secret

This is the final blocker to be cleared for the preview 2 release.

Change History (3)

comment:1 Changed 14 months ago by jng

The easiest way to tackle this is to check in copies of and server.xml into Installer/Support with these changes, and overlay these files into the extracted Tomcat dir as part of the prepare action of Installer/build.bat

comment:2 Changed 14 months ago by jng

As of preview 2, Java support now works on Windows but is still broken on Linux (Tomcat always returns http 403 on any .jsp request). We need external assistance on knowing what proper configurations we need to apply on the Linux side for Java support to work again.

comment:3 Changed 6 months ago by jng

Resolution: fixed
Status: assignedclosed

The issue was 2 tomcat.conf files being created, one with the required secret and one without. The one without the secret was being used. The issue was fixed by the install script writing out the tomcat.conf with the required secret to the correct path.

Note: See TracTickets for help on using tickets.