“URL was not normalized” with Spring Boot 2 and Kotlin












0















In my current project we deploy several Spring Boot 1.5.4.RELEASE microservices in Openshift with Kubernetes. We have configured an Apache Proxy Balancer:



From                            To
/msa/microname1 -> /
/msa/microname2 -> /
...


Recently we introduced Spring Boot 2 and we developed a new microservice with Kotlin. We configured the balancer the same way considering that urls like /health and /info are placed under /actuator path.
Now when we consume any endpoint of this new microservice (/health or any of our endpoints) we are having an error like this:




org.springframework.security.web.firewall.RequestRejectedException:
The request was rejected because the URL was not normalized ...




The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>



When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.



We checked our proxy balancer and it is configured the same way than the others.
Is is any extra configuration on Spring Boot 2 we have to consider?
Can this be a problem related to Kotlin?



Update



As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.



@Bean
fun allowUrlEncodedSlash(): HttpFirewall {
var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
firewall.setAllowUrlEncodedSlash(true)
return firewall
}

override fun configure(web: WebSecurity) {
web.httpFirewall(allowUrlEncodedSlash())
}









share|improve this question





























    0















    In my current project we deploy several Spring Boot 1.5.4.RELEASE microservices in Openshift with Kubernetes. We have configured an Apache Proxy Balancer:



    From                            To
    /msa/microname1 -> /
    /msa/microname2 -> /
    ...


    Recently we introduced Spring Boot 2 and we developed a new microservice with Kotlin. We configured the balancer the same way considering that urls like /health and /info are placed under /actuator path.
    Now when we consume any endpoint of this new microservice (/health or any of our endpoints) we are having an error like this:




    org.springframework.security.web.firewall.RequestRejectedException:
    The request was rejected because the URL was not normalized ...




    The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>



    When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.



    We checked our proxy balancer and it is configured the same way than the others.
    Is is any extra configuration on Spring Boot 2 we have to consider?
    Can this be a problem related to Kotlin?



    Update



    As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.



    @Bean
    fun allowUrlEncodedSlash(): HttpFirewall {
    var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
    firewall.setAllowUrlEncodedSlash(true)
    return firewall
    }

    override fun configure(web: WebSecurity) {
    web.httpFirewall(allowUrlEncodedSlash())
    }









    share|improve this question



























      0












      0








      0








      In my current project we deploy several Spring Boot 1.5.4.RELEASE microservices in Openshift with Kubernetes. We have configured an Apache Proxy Balancer:



      From                            To
      /msa/microname1 -> /
      /msa/microname2 -> /
      ...


      Recently we introduced Spring Boot 2 and we developed a new microservice with Kotlin. We configured the balancer the same way considering that urls like /health and /info are placed under /actuator path.
      Now when we consume any endpoint of this new microservice (/health or any of our endpoints) we are having an error like this:




      org.springframework.security.web.firewall.RequestRejectedException:
      The request was rejected because the URL was not normalized ...




      The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>



      When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.



      We checked our proxy balancer and it is configured the same way than the others.
      Is is any extra configuration on Spring Boot 2 we have to consider?
      Can this be a problem related to Kotlin?



      Update



      As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.



      @Bean
      fun allowUrlEncodedSlash(): HttpFirewall {
      var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
      firewall.setAllowUrlEncodedSlash(true)
      return firewall
      }

      override fun configure(web: WebSecurity) {
      web.httpFirewall(allowUrlEncodedSlash())
      }









      share|improve this question
















      In my current project we deploy several Spring Boot 1.5.4.RELEASE microservices in Openshift with Kubernetes. We have configured an Apache Proxy Balancer:



      From                            To
      /msa/microname1 -> /
      /msa/microname2 -> /
      ...


      Recently we introduced Spring Boot 2 and we developed a new microservice with Kotlin. We configured the balancer the same way considering that urls like /health and /info are placed under /actuator path.
      Now when we consume any endpoint of this new microservice (/health or any of our endpoints) we are having an error like this:




      org.springframework.security.web.firewall.RequestRejectedException:
      The request was rejected because the URL was not normalized ...




      The path that we intercept in our microservice has an extra slash in the beginning: //<path_to_resource>



      When I use the microservice url I get the resource without problems, but when using the proxy balancer mapping we have the issue described above.



      We checked our proxy balancer and it is configured the same way than the others.
      Is is any extra configuration on Spring Boot 2 we have to consider?
      Can this be a problem related to Kotlin?



      Update



      As a tweak we have configured the DefaultHttpFirewall to allow url enconded slash, but this does not fixes the issue with the double slash. It only masks the problem.



      @Bean
      fun allowUrlEncodedSlash(): HttpFirewall {
      var firewall: DefaultHttpFirewall = DefaultHttpFirewall()
      firewall.setAllowUrlEncodedSlash(true)
      return firewall
      }

      override fun configure(web: WebSecurity) {
      web.httpFirewall(allowUrlEncodedSlash())
      }






      apache spring-boot kotlin openshift spring-boot-actuator






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Oct 4 '18 at 11:03







      Spacemonkey

















      asked Oct 3 '18 at 9:17









      SpacemonkeySpacemonkey

      1,20331640




      1,20331640
























          2 Answers
          2






          active

          oldest

          votes


















          0














          Check this answer: https://stackoverflow.com/a/48644226/10451721



          It seems to be the same issue as yours but in Java instead of Kotlin.



          Spring doesn't like // in URLs by default.



          I have converted the Java in the linked answer for you:



          @Bean
          fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
          val firewall = StrictHttpFirewall()
          firewall.setAllowUrlEncodedSlash(true)
          return firewall
          }





          share|improve this answer
























          • Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

            – Spacemonkey
            Oct 4 '18 at 10:15



















          0














          Solved by adding context to the application in our balancer.
          Now all our endpoints have a context in our microservice, defined in application.yml.



          From                            To
          /msa/microname1 -> /
          /msa/microname2 -> /
          /msa/Kotlinname/kt -> /kt





          share|improve this answer























            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52623669%2furl-was-not-normalized-with-spring-boot-2-and-kotlin%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            Check this answer: https://stackoverflow.com/a/48644226/10451721



            It seems to be the same issue as yours but in Java instead of Kotlin.



            Spring doesn't like // in URLs by default.



            I have converted the Java in the linked answer for you:



            @Bean
            fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
            val firewall = StrictHttpFirewall()
            firewall.setAllowUrlEncodedSlash(true)
            return firewall
            }





            share|improve this answer
























            • Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

              – Spacemonkey
              Oct 4 '18 at 10:15
















            0














            Check this answer: https://stackoverflow.com/a/48644226/10451721



            It seems to be the same issue as yours but in Java instead of Kotlin.



            Spring doesn't like // in URLs by default.



            I have converted the Java in the linked answer for you:



            @Bean
            fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
            val firewall = StrictHttpFirewall()
            firewall.setAllowUrlEncodedSlash(true)
            return firewall
            }





            share|improve this answer
























            • Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

              – Spacemonkey
              Oct 4 '18 at 10:15














            0












            0








            0







            Check this answer: https://stackoverflow.com/a/48644226/10451721



            It seems to be the same issue as yours but in Java instead of Kotlin.



            Spring doesn't like // in URLs by default.



            I have converted the Java in the linked answer for you:



            @Bean
            fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
            val firewall = StrictHttpFirewall()
            firewall.setAllowUrlEncodedSlash(true)
            return firewall
            }





            share|improve this answer













            Check this answer: https://stackoverflow.com/a/48644226/10451721



            It seems to be the same issue as yours but in Java instead of Kotlin.



            Spring doesn't like // in URLs by default.



            I have converted the Java in the linked answer for you:



            @Bean
            fun allowUrlEncodedSlashHttpFirewall(): HttpFirewall {
            val firewall = StrictHttpFirewall()
            firewall.setAllowUrlEncodedSlash(true)
            return firewall
            }






            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Oct 4 '18 at 10:13









            Ed JeffreysEd Jeffreys

            13




            13













            • Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

              – Spacemonkey
              Oct 4 '18 at 10:15



















            • Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

              – Spacemonkey
              Oct 4 '18 at 10:15

















            Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

            – Spacemonkey
            Oct 4 '18 at 10:15





            Yes, we did the same yesterday but we are not confortable to modify the HttpFirewall. We are still looking for the root cause beacuse we don't add any extra bar.. At least that's what I think.

            – Spacemonkey
            Oct 4 '18 at 10:15













            0














            Solved by adding context to the application in our balancer.
            Now all our endpoints have a context in our microservice, defined in application.yml.



            From                            To
            /msa/microname1 -> /
            /msa/microname2 -> /
            /msa/Kotlinname/kt -> /kt





            share|improve this answer




























              0














              Solved by adding context to the application in our balancer.
              Now all our endpoints have a context in our microservice, defined in application.yml.



              From                            To
              /msa/microname1 -> /
              /msa/microname2 -> /
              /msa/Kotlinname/kt -> /kt





              share|improve this answer


























                0












                0








                0







                Solved by adding context to the application in our balancer.
                Now all our endpoints have a context in our microservice, defined in application.yml.



                From                            To
                /msa/microname1 -> /
                /msa/microname2 -> /
                /msa/Kotlinname/kt -> /kt





                share|improve this answer













                Solved by adding context to the application in our balancer.
                Now all our endpoints have a context in our microservice, defined in application.yml.



                From                            To
                /msa/microname1 -> /
                /msa/microname2 -> /
                /msa/Kotlinname/kt -> /kt






                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 27 '18 at 17:31









                SpacemonkeySpacemonkey

                1,20331640




                1,20331640






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52623669%2furl-was-not-normalized-with-spring-boot-2-and-kotlin%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

                    Calculate evaluation metrics using cross_val_predict sklearn

                    Insert data from modal to MySQL (multiple modal on website)