GlassFish admin console is blank after login.
In log file there is 2 messages:
"User [] from host 127.0.0.1 does not have administration access"
"SEC5054: Certificate has expired:"
Does anyone know why I am getting blank page?
Related
I am getting the following error in debug mode
[mschapv2] +group MS-CHAP {
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: tuser
[mschap] Client is using MS-CHAPv2 for tuser, we need NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
I am pretty sure this is the issue. I am using OpenDJ as the backend ldap server and using freeradius with ldap. Please tell me if I would be missing anything or if there is a specific configuration I have to make. There is nothing network wise that is blocking ports. Note: I am using a Mac to authenticate.
Can you login locally on freeradius server with LDAP creds?
radtest $login $pass 127.0.0.1 10 $secret
If yes, you should probably stop freeradius service and run "freeradius -X" which show you debug from the server side.
Paste your sites-enabled/default config, do you have ms-chap uncommented there?
I installed shibboleth idp and i configured server.xml connector port 8443 to use idp.jsk for ssl connetion. When i navigated to http://localhost:8080/idp/profile/Status, page appears with "ok" , but when i navigate to https://localhost:8443/idp/status, page appears with "SSL connection error"
What can i do to fix this problem ?
I've set up a GCE CentOS7 highmem-8 and installed cpanel as root.
I've executed /scripts/build_cpnat
I've set the GCE Firewall rules to allow tcp:2083; tcp:2087; tcp:2089 (SSL ports)
When I go to whm.mydomain.host I am presented with the standard cPanel login after going through the standard "Your connection is not private" warning bypass. I login with root and password and it authenticates for just one second: you can see the authenticated green status for a second and then it takes me to 502 (Bad Gateway).
I'm at a loss. You're help would be much appreciated!
When deploy an application in the root (/) of my domain (when I set "Context Root:" like in image), Glassfish server administration console crash. After refresh instead the administration console appears the site that I have load in the root. (Why?). So I restart the service and all is ok: the new application run on root and on port 4848 there is the administration console. Why?, how to fix this?
(Console is on port 4848.
Site domain root is on port 8080 redirect by iptable on 80.)
Instead of setting the context-root to "/" I would recommend to set the default web-module under "server-config" -> "virtual server" -> "server" -> and select your app in "default web-module". Note that your app have to be deployed to select it there.
I would like to control when and where the admin service is accessible
How do I do one of the following (if possible)
Enable the admin console only from localhost (I know about disable-secure-admin, but still I don't want anyone to see the console login page when they add 4848 in the end)
I will use SSH tunnle to connect
Or, be able to use a certificate, so only certified clients will be able to even see the console
Or, be able on demand to start / stop the admin service when needed, not opening it to the outside world (e.g. start stop __asadmin virtual server)
Is any of the above possible?
Ok, I found it by guess-work
Solution to scenario #1
Make sure you have SSH tunnel on port 4848 first
Go to Configuration -> server-config -> Network Config -> Network Listeners -> admin-listener
Under the General tab, in the Address: field replace 0.0.0.0 to 127.0.0.1
Restart the server
Solution to scenario #3
I didn't find any command line way to enable / disable virtual servers, network listeners or protocols, but editing domain.xml shows that it's all there, just comment out and restart.
Use asadmin to update the The HTTP Network Listener named admin-listener.
asadmin enable-secure-admin-principal
"Instructs GlassFish Server, when secure admin is enabled, to accept admin requests from clients identified by the specified SSL certificate".
asadmin enable-secure-admin "enables secure admin (if it is not already enabled), optionally changing the alias used for DAS-to-instance admin messages or the alias used for instance-to-DAS admin messages". Also a good blog on the subject. This doesn't turn admin on/off, but enables/disables for remote access to the admin console without the complications of (1).