EducationSoftwareStrategy.com
StrategyCommunity

Knowledge Base

Product

Community

Knowledge Base

TopicsBrowse ArticlesDeveloper Zone

Product

Download SoftwareProduct DocumentationSecurity Hub

Education

Tutorial VideosSolution GalleryEducation courses

Community

GuidelinesGrandmastersEvents
x_social-icon_white.svglinkedin_social-icon_white.svg
Strategy logoCommunity

© Strategy Inc. All Rights Reserved.

LegalTerms of UsePrivacy Policy
  1. Home
  3. Topics

KB259325: How to configure the imageServlet redirect URL when using HTTPS to HTTP proxy environment in MicroStrategy Web JSP

Community Admin

• Strategy

How to configure the imageServlet redirect URL when using HTTPS to HTTP proxy environment in MicroStrategy Web JSP

SYMPTOM

When executing a report services document in Strategy Web, images are not being rendered when using relative paths as follows:

  • ./images/file.png
  • images/file.png

However, images are displayed when using a relative path as follows:

  • ../images/file.png

The issue affects environments that have a proxy or load balancer setup which uses following setup:
[1] HTTPS (secure) from Client Machine
[2] Proxy / Load balancer in the middle
[3] HTTP (non-secure) for the backend Web Server communication.
eg- Client Machine --> HTTPS --> Load Balancer / Proxy --> HTTP --> Web Server

ka0PW0000001V4zYAE_0EM4400000025as.jpeg

 

CAUSE

Strategy Web JSP resolves relative paths based on the syntax used to include the image.
For example, the relative path images/file.png will resolve the HTTPS request to retrieve the image to https://MACHINE/MicroStrategy/servlet/images/file.png.
The location .../servlet/images/file.png does not exist. An incoming request to /servlet/images/file.png will be redirected to the right location which would be https://MACHINE/MicroStrategy/images/file.png.
This works correctly if the schema used for communication between end user machine, the proxy, and the backend Web Server is HTTPS (secure) consistently for all communication. Strategy Web reads the schema used for the incoming request and generates the redirect URL using the same schema, i.e. HTTPS.
If communication between the proxy and the web server uses HTTP, then the redirect URL will be:
http://MACHINE:80/MicroStrategy/images/file.png
instead of:
https://MACHINE/MicroStrategy/images/file.png
Note, the difference in the schema from 'http' to 'https'
In consequence, the client machine attempts to access the image using HTTP instead of HTTPS going through the proxy which, in most cases will have been prevented on proxy configuration.
The relative path ../images/file.png works since it resolves directly to the correct location, i.e. https://MACHINE/MicroStrategy/images/file.png without the need to re-direct since the servlet context is removed due to "../".
 

SOLUTION

There are two ways to resolve this issue:
1. Force Strategy Web to return redirect URLs for images using HTTPS schema instead of HTTP even if the incoming request uses HTTP. To do so, the following steps must be followed:
a. In Strategy, open "web.xml" from <PATH_TO_WEB_DEPLOYMENT>/WEB-INF
b. Change the mstrDocumentImages servlet from:


<servlet>
    <servlet-name>mstrDocumentImages</servlet-name>
    <servlet-class>com.Strategy.web.servlets.DocumentImageServlet</servlet-class>
</servlet>

to

<servlet>
    <servlet-name>mstrDocumentImages</servlet-name>
    <servlet-class>com.Strategy.web.servlets.DocumentImageServlet</servlet-class>
    <init-param>
        <param-name>scheme</param-name>
        <param-value>https</param-value>
   </init-param>
</servlet>

c. Restart Web Server
 
2. Implement URL re-writing on proxy / load balancer side. Incoming requests using HTTP should be rewritten to use HTTPS and the correct port. Contact the vendor of the respective proxy / load balancer server for steps to perform this configuration.

Comment

0 comments

Details

Knowledge Article

Published:

April 5, 2017

Last Updated:

April 8, 2024