Tomcat/CM1 case sensitive URLs

Phil · January 15, 2013, 6:59pm

Tomcat/CM1 creates case sensitive URLs. How can I create URLs in Percussion that are not case sensitive or, how do I make all URLs in CM1 not case sensitive? Need to resolve ASAP. Thanks!

Nathaniel · January 15, 2013, 7:46pm

Phil,

Case sensitivity is drawn from the underlying file system. Linux servers are typically case sensitive, whereas Windows servers are not. Because CM1 publishes to a Tomcat 6 server, it is possible to use a deprecated rule to enable case insensitivity (which was removed from Tomcat 7), but it’s generally not recommended due to security concerns.

This Tomcat 6 documentation outlines how to use the caseSensitive rule:

http://tomcat.apache.org/tomcat-6.0-d…

Essentially, you will add the “caseSensitive=false” rule to your [tomcat_root]/conf/context.xml file and restart Tomcat. Let me know if you have any trouble setting this up.

Phil · January 15, 2013, 8:07pm

Hi Nathaniel, we’re running Tomcat on Windows Server 2008 R2 and are still experiencing case sensitivity. Can you be a little more specific about where to put the caseSensitive=false in the context.xml file? Just drop it anywhere between the tags or should it be encapsulated in another way? Thanks!

Nathaniel · January 15, 2013, 10:11pm

Hi Phil,

I stand corrected; it appears that Tomcat does emulate UNIX-like file system behavior even in a Windows environment.

You would add the rule directly into the existing Context element, like this:

However, please keep in mind this is not recommended in a Windows environment due to security concerns, and – as tedious as it may be – ensuring that all of your pages and folders are lowercase is the really best approach. Here is a note on the issue from the Tomcat documentation:

“This flag MUST NOT be set to false on the Windows platform (or any other OS which does not have a case sensitive filesystem), as it will disable case sensitivity checks, allowing JSP source code disclosure, among other security problems.”

Phil · January 15, 2013, 10:26pm

Unfortunately I don’t have much choice. We had a large marketing campaign mailer go out with /Url instead of /url. At the very least this will be a temporary fix through the duration of the campaign. Thanks for your help.

Nate_Chadwick · January 15, 2013, 11:20pm

One alternative you could try out if you are using Tomcat as the Web Server and want to avoid the security concern could be to add a URL Rewrite filter. And setup a re-write rule for the different case on the URL.

Check out:

URLRewrite

You would follow the steps on their web site for setting up the filter. If you did try this, you may need to set the web.xml to read-only so that it doesn’t get overwritten on the next Full publish,

-n