From 59c72393f0f6f14636f7155bc1a80a24a34c2745 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Thu, 22 Jun 2023 17:26:57 -0500 Subject: [PATCH] Auto-initialize EST application The EST webapp has been modified to automatically initialize the EST application without an explicit dependency on RESTEasy. Since a JAX-RS application cannot have an empty path, the EST application needs to be relocated to /rest and the endpoints need to be mapped to the new location as well. https://docs.jboss.org/resteasy/docs/3.0.24.Final/userguide/html_single/#d4e143 https://stackoverflow.com/questions/10874188/jax-rs-application-on-the-root-context-how-can-it-be-done --- .../org/dogtagpki/est/ESTApplication.java | 2 +- base/est/webapps/est/WEB-INF/web.xml | 29 ++----------------- .../conf/Catalina/localhost/rewrite.config | 2 +- 3 files changed, 5 insertions(+), 28 deletions(-) diff --git a/base/est/src/main/java/org/dogtagpki/est/ESTApplication.java b/base/est/src/main/java/org/dogtagpki/est/ESTApplication.java index bfa8658fa21..989664fcd91 100644 --- a/base/est/src/main/java/org/dogtagpki/est/ESTApplication.java +++ b/base/est/src/main/java/org/dogtagpki/est/ESTApplication.java @@ -13,7 +13,7 @@ import org.dogtagpki.server.rest.PKIExceptionMapper; -@ApplicationPath("") +@ApplicationPath("/rest") public class ESTApplication extends Application { public static org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(ESTApplication.class); diff --git a/base/est/webapps/est/WEB-INF/web.xml b/base/est/webapps/est/WEB-INF/web.xml index 32ae4b6c4f0..308b99469a9 100644 --- a/base/est/webapps/est/WEB-INF/web.xml +++ b/base/est/webapps/est/WEB-INF/web.xml @@ -8,34 +8,11 @@ SPDX-License-Identifier: GPL-2.0-or-later EST service - - org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap - - - - resteasy.resource.method-interceptors - org.jboss.resteasy.core.ResourceMethodSecurityInterceptor - - - - EST - org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher - - javax.ws.rs.Application - org.dogtagpki.est.ESTApplication - - - - - EST - / - - Require TLS for all resources - /* + /rest/* GET @@ -64,7 +41,7 @@ SPDX-License-Identifier: GPL-2.0-or-later Require authenticated client for POST resources - /* + /rest/* POST @@ -79,7 +56,7 @@ SPDX-License-Identifier: GPL-2.0-or-later Reject unused methods - /* + /rest/* GET POST diff --git a/base/tomcat-9.0/conf/Catalina/localhost/rewrite.config b/base/tomcat-9.0/conf/Catalina/localhost/rewrite.config index 868e1d24133..50f5b4bbc2a 100644 --- a/base/tomcat-9.0/conf/Catalina/localhost/rewrite.config +++ b/base/tomcat-9.0/conf/Catalina/localhost/rewrite.config @@ -15,4 +15,4 @@ RewriteRule ^/acme/cert/(.*)$ /acme/rest/cert/$1 RewriteRule ^/acme/revoke-cert$ /acme/rest/revoke-cert # EST -RewriteRule ^/.well-known/est/(.*)$ /est/$1 +RewriteRule ^/.well-known/est/(.*)$ /est/rest/$1