[SUMMARY] Tomcat 8.5 and, servlet4preview and how I came there

Hi All,

I think I owe the community an explanation of the current situation and how I came there. It will help everybody interested to better understand the
situation. I'll try to make it as concise as possible (not my strong point).

For a custom project, and another custom feature which will perhaps be contributed, I wanted to allow a signed in user on an OFBiz instance to get
securely signed in on another OFBiz instance on another domain.

My 1st try was a failure. I made an architectural mistake due to my initial test done locally and later using the trunk demo. Then I created another
version based on the 1st one which I believe is sound and well architectured: OFBIZ-10307

Though some parts are still useful, I wanted to revert the 1st version. But then I stumbled upon an issue which took me a moment to identify.

 1. I wanted to revert a HttpServletRequestWrapper I put in the ContextFilter.
 2. But when I reverted it I got a weird error saying that the userLogin service could no longer handle an IN standard HttpServletRequest parameter
 3. I did that and found that it was due to Tomcat 8.5 using a temporary and unachieved servlet4preview (for Servlet 4.0 preview) which hides the
    standard HttpServletRequest.
 4. We have discussed that[1] and, thanks to Scott's idea, decided so far to use the type-validate child element of attribute.
 5. Eventually we want to update Tomcat 8.5 to to Tomcat 9 (where Servlet 4.0 is totally, and I suppose well implemented) to get rid of other possible
    issues due to servlet4preview.
 6. I think we don't want to revert to Tomcat 8, but that's a community decision

HTH

Jacques
[1] thread "Re: svn commit: r1827439..."

Le 27/03/2018 à 09:19, Jacques Le Roux a écrit :
> 3. I did that and found that it was due to Tomcat 8.5
TYPO: I dug that...

Jacques

Hi Jacques,

My intuitive, we should follow new Servlet features.

And off the topic, I saw websocket added to OFBiz and can be improved, besides this, we don't support Annotation of Servlet 3. I'll try to fill these gaps when I find some free time.

Kind Regards,

Shi Jinghai


-----邮件原件-----
发件人: Jacques Le Roux [mailto:[hidden email]]
发送时间: 2018年3月27日 15:19
收件人: [hidden email]
主题: [SUMMARY] Tomcat 8.5 and, servlet4preview and how I came there

Hi All,

I think I owe the community an explanation of the current situation and how I came there. It will help everybody interested to better understand the situation. I'll try to make it as concise as possible (not my strong point).

For a custom project, and another custom feature which will perhaps be contributed, I wanted to allow a signed in user on an OFBiz instance to get securely signed in on another OFBiz instance on another domain.

My 1st try was a failure. I made an architectural mistake due to my initial test done locally and later using the trunk demo. Then I created another version based on the 1st one which I believe is sound and well architectured: OFBIZ-10307

Though some parts are still useful, I wanted to revert the 1st version. But then I stumbled upon an issue which took me a moment to identify.

 1. I wanted to revert a HttpServletRequestWrapper I put in the ContextFilter.
 2. But when I reverted it I got a weird error saying that the userLogin service could no longer handle an IN standard HttpServletRequest parameter  3. I did that and found that it was due to Tomcat 8.5 using a temporary and unachieved servlet4preview (for Servlet 4.0 preview) which hides the
    standard HttpServletRequest.
 4. We have discussed that[1] and, thanks to Scott's idea, decided so far to use the type-validate child element of attribute.
 5. Eventually we want to update Tomcat 8.5 to to Tomcat 9 (where Servlet 4.0 is totally, and I suppose well implemented) to get rid of other possible
    issues due to servlet4preview.
 6. I think we don't want to revert to Tomcat 8, but that's a community decision

HTH

Jacques
[1] thread "Re: svn commit: r1827439..."

case in point to everything I mentioned in [1] Community collaboration
helps, design discussion helps.

https://lists.apache.org/thread.html/9a0ce342e108cb2327c7aa277f25f095030df3e01feb682d76af2f5b@%3Cdev.ofbiz.apache.org%3E

On Tue, Mar 27, 2018 at 10:19 AM, Jacques Le Roux
<[hidden email]> wrote: