GRP-5231: add rewrite valve for tomcat so / redirects to /grouper (or

whatever the UI context is)

container_files/docker-build-bin/containerDockerfileInstall.sh

@@ -75,9 +75,9 @@ returnCode=$?
 echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/grouper/$GROUPER_VERSION, result: $returnCode"
 if [ $returnCode != 0 ]; then exit $returnCode; fi
 
-rm -rf /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/* /opt/tomcat/conf/logging.properties
+rm -rf /opt/tomcat/webapps/ROOT /opt/tomcat/webapps/examples /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/* /opt/tomcat/conf/logging.properties
 returnCode=$?
-echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/*\ /opt/tomcat/conf/logging.properties, result: $returnCode"
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) rm -rf /opt/tomcat/webapps/ROOT /opt/tomcat/webapps/examples /opt/tomcat/webapps/docs/ /opt/tomcat/webapps/host-manager/ /opt/tomcat/webapps/manager/ /opt/tomcat/logs/* /opt/tomcat/temp/* /opt/tomcat/work/*\ /opt/tomcat/conf/logging.properties, result: $returnCode"
 if [ $returnCode != 0 ]; then exit $returnCode; fi
 
 cp -R /opt/container_files/grouperWebapp/* /opt/grouper/grouperWebapp

container_files/tomcat/conf/Catalina/localhost/rewrite.config.grouper

@@ -0,0 +1 @@
+RewriteRule ^/$ /__CONTEXT__/ [R]

container_files/tomcat/conf/server.xml.grouper

@@ -173,6 +173,8 @@
 
         <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
 
+        <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
+
         <!-- Access log processes all example.
              Documentation at: /docs/config/valve.html
              Note: The pattern used is equivalent to using pattern="common" -->

container_files/tomcat/conf/server.xml.grouper.patch

@@ -1,5 +1,5 @@
 --- server.xml.original	2023-08-21 10:59:20.000000000 -0400
-+++ server.xml.grouper	2023-12-31 16:12:56.000000000 -0500
++++ server.xml.grouper	2024-01-01 15:43:53.000000000 -0500
 @@ -66,11 +66,12 @@
           APR (HTTP/AJP) Connector: /docs/apr.html
           Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
@@ -33,13 +33,15 @@
      <!-- An Engine represents the entry point (within Catalina) that processes
           every request.  The Engine implementation for Tomcat stand alone
           analyzes the HTTP headers included with the request, and passes them
-@@ -166,13 +169,14 @@
+@@ -166,13 +169,16 @@
          <!--
          <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
          -->
 +        <!--GROUPER_TOMCAT_REMOTE_CIDR_VALVE-->
 +
 +        <!--GROUPER_TOMCAT_REMOTE_IP_VALVE-->
++
++        <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
 
          <!-- Access log processes all example.
               Documentation at: /docs/config/valve.html

container_files/usr-local-bin/libraryPrep.sh

@@ -307,10 +307,6 @@ prep_finishBegin() {
       export GROUPER_TOMCAT_SHUTDOWN_PORT=8005
     fi
 
-    if [ -z "$GROUPER_TOMCAT_HTTPS_ALIAS" ] && [ "$GROUPER_SELF_SIGNED_CERT" = "true" ]; then 
-      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_HTTPS_ALIAS=localhost"
-      export GROUPER_TOMCAT_HTTPS_ALIAS=localhost
-    fi    
     if [ -z "$GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY" ]; then 
       echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs"
       export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs

container_files/usr-local-bin/librarySetupFilesTomcat.sh

@@ -4,6 +4,7 @@ setupFilesTomcat() {
   setupFilesTomcat_serverXml
   setupFilesTomcat_remoteCidrValve
   setupFilesTomcat_remoteIpValve
+  setupFilesTomcat_rewriteValve
   setupFilesTomcat_turnOnAjp
   setupFilesTomcat_turnOnHttp
   setupFilesTomcat_turnOnHttps
@@ -17,6 +18,31 @@ setupFilesTomcat() {
   setupFilesTomcat_sslCertsClient
 }
 
+setupFilesTomcat_rewriteValve() {
+
+  if [ ! -f /opt/tomcat/conf/Catalina/localhost/rewrite.config ]; then 
+    if [ "$GROUPER_UI" = "true" ]; then
+      mv /opt/tomcat/conf/Catalina/localhost/rewrite.config.grouper /opt/tomcat/conf/Catalina/localhost/rewrite.config
+      returnCode=$?
+      echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_rewriteValve) mv /opt/tomcat/conf/Catalina/localhost/rewrite.config.grouper /opt/tomcat/conf/Catalina/localhost/rewrite.config, result: $returnCode"
+      if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+      sed -i "s|__CONTEXT__|$GROUPER_TOMCAT_CONTEXT|g" /opt/tomcat/conf/Catalina/localhost/rewrite.config 
+      returnCode=$?
+      echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_rewriteValve) sed -i \"s|__CONTEXT__|$GROUPER_TOMCAT_CONTEXT|g\" /opt/tomcat/conf/Catalina/localhost/rewrite.config, result: $returnCode"
+      if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+    else
+      touch /opt/tomcat/conf/Catalina/localhost/rewrite.config
+      returnCode=$?
+      echo "grouperContainer; INFO: (librarySetupFilesTomcat.sh-setupFilesTomcat_rewriteValve) touch /opt/tomcat/conf/Catalina/localhost/rewrite.config, result: $returnCode"
+      if [ $returnCode != 0 ]; then exit $returnCode; fi
+    fi
+
+  fi
+}
+
+
 setupFilesTomcat_remoteIpValve() {
 
   if [ "$GROUPER_TOMCAT_REMOTE_IP_VALVE" = "true" ]; then 
@@ -520,6 +546,7 @@ setupFilesTomcat_unsetAll() {
   unset -f setupFilesTomcat_ports
   unset -f setupFilesTomcat_remoteCidrValve
   unset -f setupFilesTomcat_remoteIpValve
+  unset -f setupFilesTomcat_rewriteValve
   unset -f setupFilesTomcat_serverXml
   unset -f setupFilesTomcat_ssl
   unset -f setupFilesTomcat_sslCertsAnchors
@@ -541,6 +568,7 @@ setupFilesTomcat_exportAll() {
   export -f setupFilesTomcat_ports
   export -f setupFilesTomcat_remoteCidrValve
   export -f setupFilesTomcat_remoteIpValve
+  export -f setupFilesTomcat_rewriteValve
   export -f setupFilesTomcat_serverXml
   export -f setupFilesTomcat_ssl
   export -f setupFilesTomcat_sslCertsAnchors

run3.sh

@@ -8,16 +8,16 @@ docker run -d -p 8080:8080 -p 8443:8443 \
 -e GROUPER_START_DELAY_SECONDS=10 -e GROUPER_UI_GROUPER_AUTH=true \
 -e GROUPER_WS_GROUPER_AUTH=true -e GROUPER_SCIM_GROUPER_AUTH=true \
 -e GROUPER_QUICKSTART=true -e GROUPER_RUN_TOMCAT=true \
--e GROUPER_UI=true \
--e GROUPER_TOMCAT_REMOTE_IP_VALVE=true \
--e GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES=abc -e GROUPER_TOMCAT_REMOTE_IP_HEADER=xyz \
--e GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER=def -e GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES=fgh \
--e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER=hij -e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE=jkl \
--e GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT=123 -e GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT=234 \
+-e GROUPER_UI=false -e GROUPER_WS=true \
 -e GROUPER_LOG_TO_HOST=true -e GROUPER_TOMCAT_LOG_ACCESS=true \
 -e GROUPER_DATABASE_PASSWORD=pass -e GROUPER_DATABASE_USERNAME=postgres \
 -e GROUPERSYSTEM_QUICKSTART_PASS=pass -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abc123 \
 -e GROUPER_DATABASE_URL=jdbc:postgresql://192.168.86.28:5433/postgres -e GROUPER_AUTO_DDL_UPTOVERSION='v5.*.*' \
 --name my-grouper3 my-grouper3:latest quickstart
 
 #  containerPing
+# -e GROUPER_TOMCAT_REMOTE_IP_VALVE=true \
+# -e GROUPER_TOMCAT_REMOTE_IP_INTERNAL_PROXIES=abc -e GROUPER_TOMCAT_REMOTE_IP_HEADER=xyz \
+# -e GROUPER_TOMCAT_REMOTE_IP_PROXIES_HEADER=def -e GROUPER_TOMCAT_REMOTE_IP_TRUSTED_PROXIES=fgh \
+# -e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER=hij -e GROUPER_TOMCAT_REMOTE_IP_PROTOCOL_HEADER_HTTPS_VALUE=jkl \
+# -e GROUPER_TOMCAT_REMOTE_IP_HTTP_SERVER_PORT=123 -e GROUPER_TOMCAT_REMOTE_IP_HTTPS_SERVER_PORT=234 \