I just installed flowable/all-in-one docker image in JElastic.
When accessing server.xxx/flowable-modeler a redirection is generated http://localhost:8080/flowable-idm/#/login?redirectOnAuthSuccess=true&redirectUrl=http://server.xxx/flowable-modeler/
The instance is not installed locally so the browser may not find it. How to manage these redirections ?
Thanks a lot
Looking from the comments the problem is that you can't set the environment variables because they contain -. The Flowable UI Applications use Spring Boot and you can benefit from the Spring Boot Relaxed Binding.
In this case the FLOWABLE_COMMON_APP_IDM_URL can be written like FLOWABLE_COMMON_APP_IDMURL and properly detected by the runtime
Related
I'm using authlib in my project. I have a local IDP setup using http atm.
For testing, this code is blocking me because my dev environment is http.
https://github.com/lepture/authlib/blob/master/authlib/client/oauth2.py#L155
I can carry on by commenting out the line. But, i think having a way to turn of https check is neater.
So, dose anyway know a way to turn off https check in Authlib ?
It can be solved by setting an environment:
AUTHLIB_INSECURE_TRANSPORT=true
This is not documented on client sections, it is documented on the server parts like https://docs.authlib.org/en/latest/flask/oauth2.html
Hokay… so…
I have a series of applications which are deployed to a single Tomcat application server. Let's call them appOne, appTwo and appFoo.
I am fronting these applications with an Apache reverse-proxy listening for appOne.mysite.com, appTwo.mysite.com and appFoo.mysite.com, and it effectively sends traffic where it needs to go using a pattern similar to the following:
<VirtualHost appOne.mysite.com:443>
[ ... ]
ProxyPass / http://serverOne.mysite.com:8080/appOne/
ProxyPass Reverse / http://serverOne.mysite.com:8080/appOne/
[ ... ]
</VirtualHost>
Because of how Tomcat works, each application is granted its own application context on serverOne.mysite.com:8080.
However, I don't want the user's to know they're hitting appOne, vs appFoo, so I want to hide it from the URL pattern reported by the browser.
Thus, a request for appOne.mysite.com should appear as appOne.mysite.com and not appOne.mysite.com/appOne/.
REJECTIONS
It's tempting to just rename the war file for an application to ROOT.war and deploy it because it automagically gets the root context. But in this case, each application should appear to be its own root context (isn't that part of why we use reverse-proxy configurations?).
It's also tempting to suggest that I turn off autoDeploy with Tomcat and provide custom context.xml files for each application… but that doesn't solve the issue of applications fighting over the root context designation and ends up being similar to renaming the war file just to get the context root.
It's also also tempting (see what I did there?) to suggest that I install multiple versions of Tomcat listening on unique ports… but this gets into complications with asking my organization to open firewall requests for different ports and I anticipate more and more of these applications popping up and sharing this Tomcat instance. (YAY for single threaded single points of failure!)
WHAT ABOUT…?
I have also considered that there could be programmatic methods I can recommend to the developers to make this more seamless, but I'm not as strong with Java DEV as I am with supporting it's infrastructure. I am open to suggestions here.
It's Possible…
It's entirely possible the answer is glaring me in the face and I don't see it because I've been staring at the problem for too long, or coming at it from the wrong angle.
How do we by pass this issue with SonarQube server v5.1 and firefox? Chrome & IE are working fine but firefox is not allowing to access the server in https mode. I looked at https://weakdh.org/sysadmin.html but I am not sure what server SonarQube uses and how to implement fix for this problem. Any help is appreciated. Thanks.
When a user wants to enable (or restrict) access to a SonarQube instance over HTTPS, the recommended way is to put it behind another WebServer she configures at will.
So, the way to go here, is to add an Apache, Nginx or whatever in front of the SQ instance and configure it according to the recommendations in the link you provided and generate a "safe" server certificate.
I fixed it by setting the following property in sonar.properties file.
sonar.web.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA
I am trying to create a login module that could use facebook login too . I am using Jboss 7.1 as my server and i run it from inside eclipse and my OS is Ubuntu.
The problem now is that Facebook doesn't seem to accept requests when the url is of type say
http://localhost:8080/myApp/
and expects something of the form http://localhost.test/myApp.
(Testing facebook connect on localhost)
My problem is that I am not aware of how to change the above pattern (from localhost:8080 to say localhost.mysite) in JBOSS server.
Can someone let me know on how this has to be done.
Thanks
You can use the -b parameter to specify the bind address JBoss should use, see:
https://docs.jboss.org/author/display/AS71/Admin+Guide?_sscc=t
This switch should be available in the Eclipse JBoss Tools as well.
I discovered just recently that JBoss 7.x (as well as JBoss EAP 6) does not accept connections from outside if you don't specify the Host/IP-Address via the aforementioned parameter; even responses to web service requests it sends itself are not received.
If you want to change things like the web service endpoint host, port etc. you can do this via standalone.xml. For Web Services or ReST you simply specify subsections whose schema is defined by the XSDs located in the docs/schema folder (jboss-as-webservices_1_1, jboss-as-jaxrs_1_0 respectively ). For convenience (auto-completion, validation) you can put them into an XML catalog and registered the catalog within Eclipse.
So I'm not sure what the best way to accomplish this is, but basically I have a laptop that I use at work for Maven projects. It works fine when I'm at work, but as soon as I walk out of the door of their corporate proxy and maven server, I often have to do alot of hand-fudging of the settings.xml file when I'm at home if I'm not VPN'ed in:
We have a corporate-installed Maven Repository proxy server to store some of our own artifacts and handle being the middle-man for our commonly used artifacts.
We have an http proxy that we use for connecting to the outside world.
Both configurations have been handled by my settings.xml file for setting a single Nexus group and maven proxies. If I'm not connected to the VPN while away from the office, I have to muck around with the settings.xml each time I'm not on it, then switch it back when I am on it.
What solutions have anyone else found to handle this? I've been trying profiles to manage the proxy, but I can't seem to get it to work correctly, and it's starting to look pretty ugly. Are there some settings configurations that can detect when I'm not behind the proxy at work and not use the corporate proxy server or Maven server?
While I can think of some profile based solution to handle the proxy (basically, reading the <active> value from a property defined in a profile), this wouldn't be fully automated (the profile activation do not support network based stuff) unless you can find a file that is present or not depending on your location (in which case, you could use an existing/missing file trigger but this is kinda hacky). Anyway, this would solve only one part of the problem because mirrors can't be declared in profiles (see MNG-3525).
So, instead of trying to control this with a profile, my suggestion would be to use two settings.xml and to pass your settings-home.xml file with the -s command line option when you're at home.
Another option would be to automate the changes in your settings.xml with a script (Groovy would be a good choice as someone reported in MNG-3525).
I found a use environment variables to set nonProxyHosts together with proxy and noproxy shell aliases to be the most convenient solution when switching between networks with proxy and without it.
In settings.xml, configure proxy with
<host>proxy.corporation.int</host>
<port>8080</port>
<nonProxyHosts>${env.MAVEN_NONPROXY}</nonProxyHosts>
Then in ~/.profile set
export MAVEN_NONPROXY_PROXY='*.corporation.int|local.net|some.host.com'
export MAVEN_NONPROXY_NOPROXY='*'
alias proxy="export MAVEN_NONPROXY=\"$MAVEN_NONPROXY_PROXY\" && export all_proxy=http://proxy.corporation.int:8080"
alias noproxy="export MAVEN_NONPROXY=\"$MAVEN_NONPROXY_NOPROXY\" && unset all_proxy"
To do the switch when roaming, you would just execute from a shell:
[me#linuxbox me]$ proxy
or
[me#linuxbox me]$ noproxy
Obviously, both aliases proxy and noproxy can include much more changes than just setup of MAVEN_NOPROXY and all_proxy.
I was frustrated by the same problem: having to manually edit settings.xml when roaming between networks. So much in fact, that I wrote a Maven plugin that enables automatic discovery of proxy settings. The current implementation uses the proxy-vole library written by Bernd Rosstauscher to detect proxy settings based on OS configuration, browser, and environment settings.
I've just released the source code of the plugin on Github, under an Apache 2.0 license: https://github.com/volkertb/autoproxy-maven-plugin
You're welcome to give it a try and to see if it meets your needs. Any feedback or contributions are welcome!
(Note: you don't necessarily have to add the plugin to your project's POM. You can invoke it from the command line as well, after you've installed it. See the README on the site for more details.)
You can set MAVEN_OPTS when you need to activate a proxy:
export MAVEN_OPTS="-Dhttp.proxyHost=my-proxy-server -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=*.my.org -Dhttps.proxyHost=my-proxy-server -Dhttps.proxyPort=80 -Dhttps.nonProxyHosts=*.my.org"