Opened 4 years ago

Closed 4 years ago

#2828 closed defect (fixed)

Java configuration not functional after Tomcat 9 upgrade

Reported by: jng Owned by: jng
Priority: high Milestone: 4.0
Component: Installer Version:
Severity: blocker Keywords:
Cc: External ID:

Description

Tomcat 9 introduced some configuration changes (to address the Ghostcat vulnerability) that makes the Java MapGuide API/viewer not functional.

  • The AJP <Connector> node in server.xml is commented out. It needs to be uncommented
    • The commented node also specifies to listen on ::1. Change this to 127.0.0.1
    • The AJP connector in Tomcat 9 requires a shared secret between it and the mod_jk worker. Set this value through the secret attribute of the connector node
<Connector ... secret="mapguide4java" />
  • Add and change the following lines in worker.properties to set the shared secret
worker.worker1.host=127.0.0.1
worker.worker1.secret=mapguide4java

This is the final blocker to be cleared for the preview 2 release.

Change History (3)

comment:1 by jng, 4 years ago

The easiest way to tackle this is to check in copies of worker.properties and server.xml into Installer/Support with these changes, and overlay these files into the extracted Tomcat dir as part of the prepare action of Installer/build.bat

comment:2 by jng, 4 years ago

As of preview 2, Java support now works on Windows but is still broken on Linux (Tomcat always returns http 403 on any .jsp request). We need external assistance on knowing what proper configurations we need to apply on the Linux side for Java support to work again.

comment:3 by jng, 4 years ago

Resolution: fixed
Status: assignedclosed

The issue was 2 tomcat.conf files being created, one with the required secret and one without. The one without the secret was being used. The issue was fixed by the install script writing out the tomcat.conf with the required secret to the correct path.

Note: See TracTickets for help on using tickets.