wso2 / product-apim

Welcome to the WSO2 API Manager source code! For info on working with the WSO2 API Manager repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
845 stars 785 forks source link

How to customize redirect url on 404? #7517

Closed amir-dh closed 4 years ago

amir-dh commented 4 years ago

Description:

I want on 404 error redirect to a custom page and prevent redirecting to /carbon/admin/login.jsp.

Steps to reproduce:

Affected Product Version:

I am using AM v3.0.0.

Environment details (with versions):


Optional Fields

Related Issues:

Suggested Labels:

Suggested Assignees:

isharac commented 4 years ago

Hi @amir-dh We have implemented a feature to support Custom error pages in the upcoming release 3.1.0. Please refer [1] And we will be shipping this to APIM 3.0.0 as a wum update which you can obtain with an active subscription.

[1] https://github.com/wso2/product-apim/issues/7215

amir-dh commented 4 years ago

@isharac I run the APIM-3.1.0-Beta and added below configuration in deployment.toml file.

[error_page]
code_400.location = "/devportal"
code_401.location = "/devportal"
code_403.location = "/devportal"

but when going to https://localhost:9443/devportal2 the page redirects to https://localhost:9443/carbon/admin/login.jsp and after loging in the console Management redirected to https://localhost:9443/devportal.

I want to make the user be redirected to /devportal when calling the wrong URL without that login to console management

isharac commented 4 years ago

Could you please follow the documentation[1] except step 11 in addition to the above configuration?

APIM 3.0.0 compatible documention is WIP

note: This feature is useful when there is any security concern regarding the redirections as the documentation describes but if you need the user to redirect to devportal when calling the wrong URL, the ideal way to do it is, handle it at the LB level.

[1] https://docs.wso2.com/display/ADMIN44x/Customizing+Error+Pages

amir-dh commented 4 years ago

@isharac I set all the configuration. but I want the wrong URL not redirecting to https://localhost:9443/carbon/admin/login.jsp. can you please help me do this.

isharac commented 4 years ago

@amir-dh Looks like custom error pages do not fulfill your requirement as with a wrong context it redirects to the login page. As i have suggested above can't you handle this through the LB?

amir-dh commented 4 years ago

@isharac I now redirect /carbon to /notfound with LB. but in the network section there is login.jsp file that shows the /carbon redirected to /notfound. It is also visible through other ways. I want to change this problem in code not in LB.

isharac commented 4 years ago

Hi @amir-dh I have tried the below. We can restrict access to particular servlets in a web application by adding a Remote Address Filter. Hence we can use below filter in /repository/resources/conf/templates/repository/conf/tomcat/carbon/WEB-INF/web.xml.j2 Which will restrict access to IPs other than 192.168.5.130

Remote Address Filter org.apache.catalina.filters.RemoteAddrFilter allow 192.168.5.130 Remote Address Filter /carbon/admin/login.jsp

Please try this and check whether this fulfills your requirements?

tmkasun commented 4 years ago

Closing the issue since an answer is given. Feel free to reopen the issue if you need further clarification.