wso2 · Thisara-Welmilla · Jul 16, 2024 · Jul 1, 2024 · Jul 16, 2024
diff --git a/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java b/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java
@@ -251,16 +251,18 @@ public boolean handleSecurity(HttpServletRequest request, HttpServletResponse re
 
         if (requestedURI.endsWith("/carbon/")) {
             if (skipLoginPage) {
-                response.sendRedirect(contextPath + indexPageURL + "?skipLoginPage=true");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL +
+                        "?skipLoginPage=true", request));
             } else {
-                response.sendRedirect(contextPath + indexPageURL);
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL, request));
             }
             return false;
         } else if (requestedURI.indexOf("/registry/atom") == -1 && requestedURI.endsWith("/carbon")) {
             if (skipLoginPage) {
-                response.sendRedirect(contextPath + indexPageURL + "?skipLoginPage=true");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL +
+                        "?skipLoginPage=true", request));
             } else {
-                response.sendRedirect(contextPath + indexPageURL);
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL, request));
             }
             return false;
         } else if (CarbonUILoginUtil.letRequestedUrlIn(requestedURI, tempUrl)) {
@@ -280,9 +282,11 @@ public boolean handleSecurity(HttpServletRequest request, HttpServletResponse re
         }
         if (request.getSession().isNew()) {
             if (skipLoginPage) {
-                response.sendRedirect(contextPath + "/carbon/admin/login_action.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                        "/carbon/admin/login_action.jsp", request));
             } else {
-                response.sendRedirect(contextPath + "/carbon/admin/login.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, "/carbon/admin/login.jsp",
+                        request));
 
             }
             return false;

diff --git a/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java b/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java
@@ -155,15 +155,18 @@ protected static boolean saveOriginalUrl(CarbonUIAuthenticator authenticator,
 
         if (request.getAttribute(MultitenantConstants.TENANT_DOMAIN) != null) {
             if (skipLoginPage) {
-                response.sendRedirect("../admin/login_action.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(
+                        "","../admin/login_action.jsp", request));
             } else {
-                response.sendRedirect("../admin/login.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL("", "../admin/login.jsp", request));
             }
         } else {
             if (skipLoginPage) {
-                response.sendRedirect(contextPath + "/carbon/admin/login_action.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                        "/carbon/admin/login_action.jsp", request));
             } else {
-                response.sendRedirect(contextPath + "/carbon/admin/login.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                        "/carbon/admin/login.jsp", request));
 
             }
         }
@@ -273,7 +276,7 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
             }
         } catch (Exception e) {
             log.error(e.getMessage(), e);
-            response.sendRedirect("../admin/login.jsp");
+            response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL("", "../admin/login.jsp", request));
             return false;
         }
 
@@ -295,7 +298,8 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
                     }
                 }
             }
-            response.sendRedirect("../../carbon/admin/login.jsp");
+            response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(
+                    "","../../carbon/admin/login.jsp", request));
             return false;
         }
 
@@ -336,7 +340,7 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
                     }
                 }
             }
-            response.sendRedirect("../.." + indexPageURL);
+            response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL("", "../.." + indexPageURL, request));
             return false;
         }
 
@@ -346,7 +350,8 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
         // This condition is evaluated when users are logged out in SAML2 based SSO
         if (request.getAttribute("logoutRequest") != null) {
         	log.debug("Loging out from SSO session");
-            response.sendRedirect(contextPath + "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
+            response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                    "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true", request));
             return false;
         }
 
@@ -370,7 +375,7 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
         rmeCookie.setHttpOnly(true);
         rmeCookie.setMaxAge(0);
         response.addCookie(rmeCookie);
-        response.sendRedirect(contextPath + indexPageURL);
+        response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL, request));
         return false;
     }
 
@@ -406,7 +411,8 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
                     && idpSessionIndex != null && !"".equals(idpSessionIndex)) {
                 session.setAttribute(CarbonSecuredHttpContext.LOGGED_USER, request.getParameter("username"));
                 session.setAttribute("idpSessionIndex", idpSessionIndex);
-                response.sendRedirect(contextPath + "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                        "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true", request));
                 return false;
             }
 
@@ -460,8 +466,8 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
                     response.addCookie(rmeCookie);
                 }
             } catch (Exception e) {
-                response.sendRedirect(contextPath + indexPageURL
-                        + (indexPageURL.indexOf('?') == -1 ? "?" : "&") + "loginStatus=false");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL
+                        + (indexPageURL.indexOf('?') == -1 ? "?" : "&") + "loginStatus=false", request));
 				if (log.isDebugEnabled()) {
 					log.debug("Security check failed for login request for " + userName);
 				}
@@ -470,7 +476,8 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
 
             if (relayState != null && relayState.endsWith("-logout")) {
                 session.setAttribute(CarbonSecuredHttpContext.LOGGED_USER, request.getParameter("username"));
-                response.sendRedirect("/carbon/admin/logout_action.jsp");
+                response.sendRedirect( CarbonUIUtil.resolveAdminConsoleBaseURL("",
+                         "/carbon/admin/logout_action.jsp", request));
                 return false;
             }
 
@@ -479,8 +486,8 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
                     indexPageURL = indexPageURL.substring(5);
                 }
 
-                response.sendRedirect(contextPath + indexPageURL
-                        + (indexPageURL.indexOf('?') == -1 ? "?" : "&") + "loginStatus=true");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath, indexPageURL
+                        + (indexPageURL.indexOf('?') == -1 ? "?" : "&") + "loginStatus=true", request));
             }
 
         } catch (AuthenticationException e) {
@@ -497,22 +504,26 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
                 if (isLoginFailureReasonEnabled()) {
                     if (e.getCause().getMessage().contains(ACCOUNT_LOCK_ERROR_CODE) || e.getCause().getMessage()
                             .contains(ACCOUNT_LOCK_ERROR_MESSAGE)) {
-                        response.sendRedirect(contextPath + "/carbon/admin/login.jsp?loginStatus=false&errorCode=error" +
-                                ".code.17003");
+                        response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                                "/carbon/admin/login.jsp?loginStatus=false&errorCode=error" +
+                                ".code.17003", request));
                         return false;
                     } else if (e.getCause().getMessage().contains(USER_NOT_FOUND_ERROR_CODE)) {
-                        response.sendRedirect(contextPath + "/carbon/admin/login.jsp?loginStatus=false&errorCode=error.code.17001");
+                        response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                                "/carbon/admin/login.jsp?loginStatus=false&errorCode=error.code.17001", request));
                         return false;
                     } else if (e.getCause().getMessage().contains(INVALID_CREDENTIALS_ERROR_CODE)) {
-                        response.sendRedirect(contextPath + "/carbon/admin/login.jsp?loginStatus=false&errorCode=error.code.17002");
+                        response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                                "/carbon/admin/login.jsp?loginStatus=false&errorCode=error.code.17002", request));
                         return false;
                     }
                 }
                 if (httpLogin != null) {
                     response.sendRedirect(httpLogin + "?loginStatus=false");
                     return false;
                 } else {
-                    response.sendRedirect(contextPath + "/carbon/admin/login.jsp?loginStatus=false");
+                    response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(contextPath,
+                            "/carbon/admin/login.jsp?loginStatus=false", request));
                     return false;
                 }
             } catch (Exception e1) {
@@ -521,7 +532,8 @@ protected static boolean handleLogin(CarbonUIAuthenticator authenticator,
 
         } catch (Exception e) {
             log.error("error occurred while login", e);
-            response.sendRedirect("../../carbon/admin/login.jsp?loginStatus=failed");
+            response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL("",
+                    "carbon/admin/login.jsp?loginStatus=failed", request));
         }
 
         return false;
@@ -598,11 +610,13 @@ protected static int handleLoginPageRequest(String requestedURI, HttpServletRequ
                 	log.debug("User already authenticated. Redirecting to " + indexPageURL);
                 }
                 // redirect relative to the servlet container root
-                response.sendRedirect(context + "/carbon/admin/index.jsp");
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(context, "/carbon/admin/index.jsp",
+                        request));
                 return RETURN_FALSE;
             } else if ((isTryIt || isFileDownload) && !authenticated) {
                 if (isFileDownload) {
-                    response.sendRedirect(context + "/carbon/admin/index.jsp");
+                    response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(context, "/carbon/admin/index.jsp",
+                            request));
                 }
                 return RETURN_FALSE;
             } else if (requestedURI.indexOf("login_action.jsp") > -1 && !authenticated) {
@@ -644,7 +658,8 @@ protected static boolean escapeTenantWebAppRequests(boolean authenticated,
             // a tenant requesting login.jsp while not being authenticated
             // redirecting the tenant login page request to the root /carbon/admin/login.jsp
             // instead of tenant-aware login page
-            response.sendRedirect(context + "/carbon/admin/login.jsp");
+
+            response.sendRedirect(CarbonUIUtil.getAdminConsoleURL(context) + "/admin/login.jsp");
            	log.debug("Redirecting to /carbon/admin/login.jsp");
             return false;
         }

diff --git a/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIUtil.java b/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIUtil.java
@@ -18,6 +18,7 @@
 
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.util.Arrays;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -43,6 +44,9 @@
 import org.wso2.carbon.utils.NetworkUtils;
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 
+import static org.wso2.carbon.CarbonConstants.DEFAULT_HTTPS_PROXY_PORT;
+import static org.wso2.carbon.CarbonConstants.DEFAULT_HTTP_PROXY_PORT;
+
 /**
  * Utility class for Carbon UI
  */
@@ -198,6 +202,17 @@ public static String getAdminConsoleURL(HttpServletRequest request) {
      * @return The URL of the Admin Console
      */
     public static String getAdminConsoleURL(String context) {
+
+        return getAdminConsoleBaseURL(context) + "/carbon/";
+    }
+
+    /**
+     * Returns base URL to admin console.
+     *
+     * @param context Webapp context root of the Carbon webapp
+     * @return The base URL of the Admin Console
+     */
+    private static String getAdminConsoleBaseURL(String context) {
         // Hostname
         String hostName = "localhost";
         try {
@@ -238,8 +253,8 @@ public static String getAdminConsoleURL(String context) {
 
         String proxyContextPath = CarbonUtils.getProxyContextPath(false);
 
-        String adminConsoleURL =  "https://" + hostName + ":" + (httpsProxyPort != -1 ? httpsProxyPort : httpsPort) +
-                proxyContextPath + context + "/carbon/";
+        String adminConsoleURL =  "https://" + hostName + resolvePortForURLs(httpsProxyPort, httpsPort) +
+                proxyContextPath + context;
 
         if(log.isDebugEnabled()){
             log.debug("Generated admin console URL: " + adminConsoleURL);
@@ -248,6 +263,24 @@ public static String getAdminConsoleURL(String context) {
         return adminConsoleURL;
     }
 
+    /**
+     * Get a port to added to the URL.
+     *
+     * @param httpsProxyPort    Https proxy port.
+     * @param httpsPort         Https port.
+     * @return return the port to be added to the URL.
+     */
+    private static String resolvePortForURLs(int httpsProxyPort, int httpsPort) {
+
+        if (httpsProxyPort == DEFAULT_HTTP_PROXY_PORT || httpsProxyPort == DEFAULT_HTTPS_PROXY_PORT) {
+            return "";
+        }
+        if (httpsProxyPort != -1) {
+            return ":" + httpsProxyPort;
+        }
+        return ":" + httpsPort;
+    }
+
     /**
      * Get a ServerConfiguration Property
      *
@@ -510,4 +543,71 @@ public static String getDefaultManagementUIPath() {
     private static Object getDefaultHomePageProductParam() {
         return getProductParam(CarbonConstants.PRODUCT_XML_WSO2CARBON + CarbonConstants.DEFAULT_HOME_PAGE);
     }
+
+
+    /**
+     * Returns absolute URL of admin console webapp for given relative path
+     * if IS_RESOLVE_ABSOLUTE_URLS_ENABLED config is enabled.
+     *
+     * @param context       Webapp context root of the Carbon webapp.
+     * @param relativePath  Relative path of the Carbon webapp
+     * @param request       Request that used to redirect.
+     * @return absolute URL of admin console webapp for given relative path.
+     */
+    public static String resolveAdminConsoleBaseURL(String context, String relativePath, HttpServletRequest request) {
+
+        if (isResolveAbsoluteURLsEnabled()) {
+
+            // Removing any tailing "/" in the context.
+            context = getAdminConsoleBaseURL(context);
+            if (context.endsWith("/")) {
+                context = context.substring(0, context.length() - 1);
+            }
+
+            // Remove any tailing "/carbon" in context to build base URL.
+            if (context.endsWith("/carbon")) {
+                context = context.substring(0, context.length() - 7);
+            }
+
+            // Build relative path starting from root context.
+            List<String> splitPathList = new ArrayList<>(Arrays.asList(
+                    request.getContextPath().concat(request.getServletPath()).split("/")));
+            splitPathList.remove(0);
+            // If the request is a base URL, add the carbon as the root context.
+            if (splitPathList.isEmpty()) {
+                splitPathList.add("carbon");
+            }
+
+            // Replace ".." with the node of path directory.
+            int index = 0;
+            while (relativePath.contains("..")) {
+                relativePath = relativePath.replaceFirst("..", splitPathList.get(index));
+                index++;
+            }
+
+            // Add "/", if relative path is not starting with.
+            if (relativePath.charAt(0) != '/') {
+                relativePath = "/" + relativePath;
+            }
+        }
+
+        return context + relativePath;
+    }
+
+    /**
+     * Returns whether resolving absolute URL config is enabled or not.
+     *
+     * @return Resolving absolute URL config is enabled.
+     */
+    public static boolean isResolveAbsoluteURLsEnabled() {
+
+        String  isResolveAbsoluteURLsEnabled = CarbonUIServiceComponent.getServerConfiguration()
+                .getFirstProperty(CarbonConstants.IS_RESOLVE_ABSOLUTE_URLS_ENABLED);
+
+        if (isResolveAbsoluteURLsEnabled == null) {
+            return false;
+        }
+
+        return Boolean.parseBoolean(isResolveAbsoluteURLsEnabled);
+    }
 }
diff --git a/...ui/src/main/java/org/wso2/carbon/ui/transports/fileupload/AbstractFileUploadExecutor.java b/...ui/src/main/java/org/wso2/carbon/ui/transports/fileupload/AbstractFileUploadExecutor.java
@@ -29,6 +29,7 @@
 import org.wso2.carbon.base.ServerConfiguration;
 import org.wso2.carbon.core.common.UploadedFileItem;
 import org.wso2.carbon.ui.CarbonUIMessage;
+import org.wso2.carbon.ui.CarbonUIUtil;
 import org.wso2.carbon.ui.clients.FileUploadServiceClient;
 import org.wso2.carbon.ui.internal.CarbonUIServiceComponent;
 import org.wso2.carbon.utils.CarbonUtils;
@@ -481,9 +482,9 @@ protected boolean uploadArtifacts(HttpServletRequest request,
 
                     }
                 }
-                response.sendRedirect(getContextRoot(request) + "/carbon/service-mgt/index.jsp?message=Files have been uploaded "
+                response.sendRedirect(CarbonUIUtil.resolveAdminConsoleBaseURL(getContextRoot(request), "/carbon/service-mgt/index.jsp?message=Files have been uploaded "
                                       + "successfully. This page will be auto refreshed shortly with "
-                                      + "the status of the created " + utilityString + " service"); //TODO: why do we redirect to service-mgt ???
+                                      + "the status of the created " + utilityString + " service", request)); //TODO: why do we redirect to service-mgt ???
                 return true;
             } catch (RuntimeException e) {
                 throw e;