Opened 4 years ago
Closed 4 years ago
#2828 closed defect (fixed)
Java configuration not functional after Tomcat 9 upgrade
Reported by: | jng | Owned by: | jng |
---|---|---|---|
Priority: | high | Milestone: | 4.0 |
Component: | Installer | Version: | |
Severity: | blocker | Keywords: | |
Cc: | External ID: |
Description
Tomcat 9 introduced some configuration changes (to address the Ghostcat vulnerability) that makes the Java MapGuide API/viewer not functional.
- The AJP
<Connector>
node inserver.xml
is commented out. It needs to be uncommented- The commented node also specifies to listen on
::1
. Change this to127.0.0.1
- The AJP connector in Tomcat 9 requires a shared secret between it and the mod_jk worker. Set this value through the
secret
attribute of the connector node
- The commented node also specifies to listen on
<Connector ... secret="mapguide4java" />
- Add and change the following lines in
worker.properties
to set the shared secret
worker.worker1.host=127.0.0.1 worker.worker1.secret=mapguide4java
This is the final blocker to be cleared for the preview 2 release.
Change History (3)
comment:1 by , 4 years ago
comment:2 by , 4 years ago
As of preview 2, Java support now works on Windows but is still broken on Linux (Tomcat always returns http 403 on any .jsp
request). We need external assistance on knowing what proper configurations we need to apply on the Linux side for Java support to work again.
comment:3 by , 4 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
The issue was 2 tomcat.conf
files being created, one with the required secret and one without. The one without the secret was being used. The issue was fixed by the install script writing out the tomcat.conf
with the required secret to the correct path.
The easiest way to tackle this is to check in copies of
worker.properties
andserver.xml
intoInstaller/Support
with these changes, and overlay these files into the extracted Tomcat dir as part of theprepare
action ofInstaller/build.bat