Hey Paul,
Thanks for correcting my misunderstanding there. I assumed that since we had implemented the x-vdir header that it was also supported by subsequent systems. Can you elaborate on what kind of security you’re thinking of adding for it? Looking at the valve source, it looks like the authorization key is validated before processing anything else. Are you thinking character filtering maybe?
For implementation, since a Virtual Directory can be represented in a Tomcat context using the following context config:
www.lucee.org
…do you see any reason we could not add the vdirs from the x-vdir headers to the context xml file that the mod_cfml valve creates for a new context?
Or, while I’m not as familiar as you are with the child context methods, maybe we could implement those in a way that would mimic the above config? Would be something fun to play with and see, if nothing else. ;)–
Kind regards,
Jordan Michaels
Vivio Technologies
----- Original Message -----
From: “Paul Klinkenberg” <@Paul_Klinkenberg>
To: lucee@googlegroups.com
Sent: Tuesday, December 22, 2015 11:36:12 AM
Subject: Re: [Lucee] Lucee & virtual directories in IIS
Hi Jordan,
As far as I know, an as I didn’t find the word “x-vdirs” in the Lucee source code, Lucee still needs to implement a handler for an incoming x-vdirs header. Also, we still need to add security around this header.
So for the time being, adding the virtual directories as mappings in the Lucee web context is still the way to go. Again, as far as I know.
Kind regards,
Paul Klinkenberg
Op 22 dec. 2015, om 19:34 heeft Jordan Michaels <@Jordan_Michaels> het volgende geschreven:
ACF uses a custom connector and a singular J2EE context to handle requests in order to make some things - like IIS virtual directories - easier, however, these methods don’t conform to J2EE standards. Lucee has historically tried to adhere to the J2EE standards and uses standard J2EE contexts to handle different sites and web requests.
Since IIS virtual directories only exist within IIS, they have to be “translated” to a standardized Tomcat contexts. This can be done using the BonCode Connector - which adds the ‘x-vdir’ header to incoming web requests - and the mod_cfml tomcat valve which creates in-memory contexts for non-existent host names in an authorized request.
How did you install Lucee? If you used the Windows installer, the BonCode Connector and mod_cfml should be installed by default unless you opted not to install them.
Documentation for the BonCode connector is here (created and maintained by Bilal Soylu):
BonCode Apache Tomcat AJP 1.3 Connector (Under the “EnableHeaderDataSupport” config option)
Documentation for mod_cfml and the ‘x-vdir’ header is here (support for ‘x-vdir’ added by Paul Klinkenberg):
http://www.modcfml.org/index.cfm/documentation/modcfml-so-apache-module/an-in-depth-look-at-modcfml/
–
Kind regards,
Jordan Michaels
Vivio Technologies
----- Original Message -----
From: “Dave Quested” <@Dave_Quested>
To: “Lucee” lucee@googlegroups.com
Sent: Tuesday, December 22, 2015 1:47:35 AM
Subject: [Lucee] Lucee & virtual directories in IIS
Hi everyone
We’re looking to move from ACF to Lucee. We’ve hit a major roadblock
already unfortunately. It appears Lucee doesn’t ‘execute’ virtual
directories in IIS. ACF does this fine.
Is there a way to get Lucee to see/execute the virtual directory as ACF
does? There must be other Win/IIS converts that have achieved this in
Railo/Lucee?
Refactoring is not an option I’m afraid, just too much work, we have too
many websites using it.
Thanks in advance
Dave
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/8ad9b4ed-aaf1-4a92-8ad0-06605b0b2176%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/1417637034.215084.1450809247999.JavaMail.zimbra%40viviotech.net.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups “Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/83627EAD-48BB-48FC-AB96-59A6FCABAFB2%40ongevraagdadvies.nl.
For more options, visit https://groups.google.com/d/optout.