request context path grails spring security

0
votes

Basic question is do we need to run our war as ROOT.war to get the context path correct with spring security?

Background:

We have a grails application that is using spring security plugin. It is proxied by nginx and the war is NOT running as ROOT.war in tomcat.

Web site: https://www.example.com
Login: https://www.example.com/login

War name is foo.war and nginx is proxying requests to http://tomcat:8080/foo

Spring security is using: ${request.contextPath}

Do we install the app as a ROOT.war or is there a context path variable in grails spring security that we can modify?

The spring security auth cookies are being set with /foo in the path ... and our session management in not working correctly.

1
tomcatgrailsnginxspring-security
In my experiences, the contextPath works just fine. I also have this set in config.groovy: grails.app.context = '/foo' - James Kleeh
You have that working with a web app where the users on '/' and the war would be foo.war? - chrislovecnm
I've never had much luck with cases where the front and back end context paths are different. If you need to run multiple ROOT webapps in the same tomcat you can do that with virtual hosting at the tomcat side, just make sure the front end server passes through the right Host header. - Ian Roberts

1 Answers

1
votes

@Ian-Roberts is correct.

You cannot just use grails.app.context = '/foo' or grails.app.context = '/'. I appears that Tomcat is messing with the applications context, ergo you have to run it as ROOT.war.

Instructions:

  • You do need grails.app.context = '/' in Config.groovy in order to do grails run-app
  • grails war ROOT.war
  • copy your war file into ROOT.war in your tomcat webapps folder.
  • create a ROOT.xml file

ROOT.xml in $TOMCAT_CONF/Catalina/localhost 

<Context path="" antiResourceLocking="false" privileged="true" >
                  <Resource name="jdbc/****x" 
              auth="Container" 
              type="javax.sql.DataSource"
              maxActive="300" 
             edited :)
              />
           <Resource name="jdbc/***" 
              auth="Container" 
             edited :)
            />
</Context>

Because I was getting URL Mapping Errors. Oh and do not try to run the war outside of the AppBase, because tomcat will not expand it and all hell will break out :)