Rules for Url Rewrite Filter
For those of you who use the excellent Url Rewrite Filter, a Java Web Filter which allows you to rewrite URLs before they get to your code, here are a couple of more-or-less useful rewrite rules that I’ve created.
The first rule redirects access made through a non-preferred domain or subdomain name to the preferred one. For example, if you’re using the example.com domain name for your website, you might want to redirect http://example.com/page.jsp to http://www.example.com/page.jsp.
<rule>
<name>Domain Name Check</name>
<condition name="host"
operator="notequal">www.example.com</condition>
<!–
Needed if using a version prior to 2.0-alpha:
<condition name=”host”
operator=”notequal”>www.example.com</condition>
–>
<from>(.*)</from>
<to type=”redirect”>http://www.example.com/context$1</to>
</rule>
Obviously, just replace www.example.com with the domain name that you prefer, and context with the context which your webapp is deployed at, or if using the root context, remove /context altogether.
I should mention that I didn’t write the same condition twice by mistake. There seems to be a bug in UrlRewriteFilter (version 1.2) which causes such conditions to be ignored unless written twice. If somebody hasn’t filed a report on that one already, I guess I better do it. Update: Paul Tuckey, the creator of Url Rewrite Filter, emailed me to let me know that this problem has been fixed in version 2.0-alpha.
The second rule blocks access to JSPs (or anything you want) that you don’t want to be accessible by anyone, and shows the 403: Forbidden error page which you’ve configured in your web.xml file.
<rule> <name>JSP block</name> <from>^/jsp/.*$</from> <set type="request" name="status_code">403</set> <to>/jsp/sendError.jsp</to> </rule>
Where /jsp/sendError.jsp contains the following:
<%
response.sendError(Integer.parseInt(
(String)request.getAttribute("status_code")));
%>
Note that you could use any status code you want; if you want to give the user a 404: Not Found error, just write 404 instead of 403 in the rule configuration.
Now, what’s the best RegExp to find out whether a given user-agent is from a cell phone? Hmm.
December 28th, 2007 at 12:50 pm UTC
Hi,
a very good rewrite engine for Java web applications.
In particular the feature of method invocation is recommendable for more complex url abstraction.
Regards
Alex
February 5th, 2009 at 1:56 am UTC
Hey Erik. Thanks for posting your ideas, they have been extremely helpful. I’m removing Apache and moving the rewrite rules to UrlRewriteFilter. Your idea is perfect for disabling the TRACE HTTP method on a specific port number, as this directives do:
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
This is the rule that I created
disable trace for port {@ssl_port@}
^.*$
9083
TRACE
403
/SendError.jsp
and well, the jsp is identical to your suggestion, it works perfectly.
Finally, this is the response that I got:
HTTP/1.1 403 Forbidden
Server: WebSphere Application Server/5.1
Set-Cookie: JSESSIONID=0000ySP8BRM8Cdsom5UGPesXIM0:-1;Path=/
Cache-Control: no-cache=”set-cookie,set-cookie2″
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Connection: close
It was smart. You’re great. Cheers from San Francisco, CA.
Gerardo
February 5th, 2009 at 1:58 am UTC
Ups, I see that HTML was removed… sorry.
February 5th, 2009 at 8:51 am UTC
Thanks for your comment! (Hmm, perhaps I ought to reconfigure WordPress to allow at least some HTML in comments. As I recall it should be possible somehow.)
I’d assume that the lines in your UrlRewriteFilter configuration represent, in order: name, from, condition, condition, set, to. Anyone reading should probably be able to take it from there.
Oh, and UrlRewriteFilter is a great project and I’m glad to see it gaining more users as well as being developed further.