How do I set up a web proxy service in Mac OS X Mountain Lion Server? - reverse-proxy

I am trying to utilize the configuration files in Mac OS X Server instead of directly modifying Apache's site file to add a reverse proxy entry for the eXist XML database. The mapping should be from [http://example.com/exist] to [http://localhost:8080/exist].
eXist is up and running.
I have added the following plist file, /Library/Server/Web/Config/apache2/webapps/org.exist-db.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- See man pages for webapp.plist(5) and webappctl(8) for information about this example webapp.plist -->
<plist version="1.0">
<dict>
<key>includeFiles</key>
<array>
<!-- Include files are activated in virtual host when webapp is started -->
</array>
<key>launchKeys</key>
<array>
<!-- Launchd plists in /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons are loaded when webapp is started -->
</array>
<key>name</key>
<string>org.exist-db</string>
<key>displayName</key>
<!-- Name shown in Server app -->
<string>eXist Open Source XML Database</string>
<key>proxies</key>
<!-- ProxyPass/ProxyPassReverse directives are activated when webapp is started -->
<dict>
<key>/exist</key>
<!-- Sets up a reverse proxy -->
<dict>
<key>keysAndValues</key>
<string/>
<key>path</key>
<string>/exist</string>
<key>urls</key>
<!-- URLs comprise a proxy_balancer group -->
<array>
<string>http://localhost:8080/exist</string>
</array>
</dict>
</dict>
<key>requiredModuleNames</key>
<array>
<!-- Apache plugin modules are enabled when webapp is started -->
<string>proxy_module</string>
</array>
<key>requiredWebAppNames</key>
<array>
<!-- Required web apps are started when this webapp is started -->
</array>
<key>installationIndicatorFilePath</key>
<!-- The presence of this file indicates web app is installed -->
<string>/Users/cahlander/eXist-trunk</string>
<key>sslPolicy</key>
<!-- Determines webapp SSL behavior -->
<integer>0</integer>
<!-- 0: default, UseSSLWhenEnabled -->
<!-- 1: UseSSLAlways -->
<!-- 2: UseSSLOnlyWhenCertificateIsTrustable -->
<!-- 3: UseSSLNever -->
<!-- 4: UseSSLAndNonSSL -->
</dict>
</plist>
Running on the local server, going to http://example.com:8080/exist works, but from a different machine, going to http://example.com/exist does not. Also, 'eXist Open Source XML Database' should be showing up as a web app in the advanced settings. It is not. What am I doing wrong?

I have fixed all of the outstanding issues, but encountered a new one.
Only add the following as org.exist-db.plist to /Library/Server/Web/Config/apache2/webapps
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- See man pages for webapp.plist(5) and webappctl(8) for information about this example webapp.plist -->
<plist version="1.0">
<dict>
<key>includeFiles</key>
<array/>
<key>launchKeys</key>
<array/>
<key>name</key>
<string>org.exist-db</string>
<key>displayName</key>
<!-- Name shown in Server app -->
<string>eXist Open Source XML Database</string>
<key>proxies</key>
<!-- ProxyPass/ProxyPassReverse directives are activated when webapp is started -->
<dict>
<key>/exist</key>
<!-- Sets up a reverse proxy -->
<dict>
<key>keysAndValues</key>
<string/>
<key>path</key>
<string>/exist</string>
<key>urls</key>
<!-- URLs comprise a proxy_balancer group -->
<array>
<string>http://localhost:8080/exist</string>
</array>
</dict>
</dict>
<key>requiredModuleNames</key>
<array>
<!-- Apache plugin modules are enabled when webapp is started -->
<string>proxy_module</string>
</array>
<key>requiredWebAppNames</key>
<array>
<!-- Required web apps are started when this webapp is started -->
</array>
<key>startCommand</key>
<string>/Users/cahlander/eXist-trunk/tools/wrapper/bin/exist.sh start</string>
<key>stopCommand</key>
<string>/Users/cahlander/eXist-trunk/tools/wrapper/bin/exist.sh stop</string>
<key>installationIndicatorFilePath</key>
<!-- The presence of this file indicates web app is installed -->
<string>/Users/cahlander/eXist-trunk/VERSION.txt</string>
<key>sslPolicy</key>
<!-- Determines webapp SSL behavior -->
<integer>0</integer>
<!-- 0: default, UseSSLWhenEnabled -->
<!-- 1: UseSSLAlways -->
<!-- 2: UseSSLOnlyWhenCertificateIsTrustable -->
<!-- 3: UseSSLNever -->
<!-- 4: UseSSLAndNonSSL -->
</dict>
</plist>
It starts, but does not stop. The entry does show in the advanced settings. It does not stop from the GUI.
The following command-line entries will work, but I did get a corruption after I stopped and restarted.
sudo webappctl start org.exist-db
sudo webappctl stop org.exist-db

Related

How to set App Transport Security in Appcelerator

I am trying to configure App Transport security, but I am always getting a response from Security Scan that it is not properly configured. I am using Appcelerator SDK 7.0.1 for iOS.
Scan result:
App Transport Security
App Transport Security (ATS), which is a networking security feature that ensures network connections employ the most secure protocols and ciphers, was found to be misconfigured.
NSAllowsArbitraryLoads set YES
This is a part of my tiapp.xml
<property name="ios.whitelist.appcelerator.com" type="bool">false</property>
<ios>
<enable-launch-screen-storyboard>true</enable-launch-screen-storyboard>
<use-app-thinning>true</use-app-thinning>
<plist>
<dict>
<key>UISupportedInterfaceOrientations~iphone</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
</array>
<key>UISupportedInterfaceOrientations~ipad</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
<string>UIInterfaceOrientationPortraitUpsideDown</string>
</array>
<key>UIRequiresPersistentWiFi</key>
<false/>
<key>UIPrerenderedIcon</key>
<false/>
<key>UIStatusBarHidden</key>
<false/>
<key>UIStatusBarStyle</key>
<string>UIStatusBarStyleDefault</string>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
</dict>
</plist>
</ios>
It is done as specified in documentation:
http://docs.appcelerator.com/platform/latest/#!/api/Titanium.Network
What am I doing wrong? Thanks in advance for help.
Setting NSAllowsArbitraryLoads to true disables ATS, meaning that all URLs will be allowed and no restriction is configured. This is how it is configured by default in Titanium, to ensure backwards compatibility for apps upgrading to newer SDK versions. It can be overridden to either specify allowed domains (whitelisting) or by disabling NSAllowsArbitraryLoads.
The docs are still incorrect, as Nirman pointed out, so I just updated them (as I couldn't find the pull request mentioned earlier).
We need to set NSAllowsArbitraryLoads key to NO to enable ATS and get rid of the security warning.
I think the documentation is wrong. I have submitted a CR on GitHub to update the doc page.

No solution for Transport Security?

I have tried all the methods here for solving the problem of: "Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file."
But if I try for example adding this in my plist file:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>www.myserver.com</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
I get an error: "Unsupported URL", where in this case my link looks like this:
let url:NSURL = NSURL(string: "www.myserver.com/jsonsignup.php")
But if I would use:
let url:NSURL = NSURL(string: "http://www.myserver.com/jsonsignup.php")
I would get the same error of Transport Security as mentioned above.
Any help?
I had the same issue. I tried adding it to info.plist but it did not work for me either. So I tried this and it worked.
Click on your project name in the "Project Navigator" then click on info. And add it there. See highlighted.
Before I tried selecting the plist from my project navigator under supporting files and for some reason it did not work. The above should work for you.
Note: This will allow all connections.
Are you using an http:// request? Then add the following code to your .plist file.
<key>NSAppTransportSecurity</key>
<dict>
<!--Include to allow all connections (DANGER)-->
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
I hope it works for you.
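The difference between switching ATS off globally and granting a per-domain exception, as discussed in the two ATS questions above, can be checked mechanically. This is an added example, not code from any of the posts or from Apple or Appcelerator: `audit_ats` and `wrap` are hypothetical helper names, and the sample plists are constructed from the fragments quoted in the questions.

```python
import plistlib

# NSException* are the key names in Apple's ATS documentation; the
# NSTemporaryException* spellings are the ones used in the question above.
HTTP_KEYS = ("NSExceptionAllowsInsecureHTTPLoads",
             "NSTemporaryExceptionAllowsInsecureHTTPLoads")
TLS_KEYS = ("NSExceptionMinimumTLSVersion",
            "NSTemporaryExceptionMinimumTLSVersion")
TLS_ORDER = ["TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]  # ATS default floor: TLSv1.2


def audit_ats(plist_bytes):
    """Return (scope, finding) pairs for the ATS settings of an Info.plist."""
    ats = plistlib.loads(plist_bytes).get("NSAppTransportSecurity", {})
    findings = []
    if ats.get("NSAllowsArbitraryLoads") is True:
        findings.append(("global", "ATS disabled for every host"))
    for domain, rules in ats.get("NSExceptionDomains", {}).items():
        if any(rules.get(k) is True for k in HTTP_KEYS):
            extra = " (subdomains included)" if rules.get("NSIncludesSubdomains") else ""
            findings.append((domain, "cleartext HTTP allowed" + extra))
        for key in TLS_KEYS:
            version = rules.get(key)
            if version in TLS_ORDER[:2]:  # anything below TLSv1.2
                findings.append((domain, "minimum TLS lowered to " + version))
    return findings


def wrap(fragment):
    """Wrap an Info.plist fragment in a minimal plist so plistlib can parse it."""
    return b'<plist version="1.0"><dict>' + fragment + b"</dict></plist>"


# Constructed samples, built from the fragments quoted in the two questions.
ARBITRARY = wrap(b"<key>NSAppTransportSecurity</key><dict>"
                 b"<key>NSAllowsArbitraryLoads</key><true/></dict>")
EXCEPTION = wrap(b"<key>NSAppTransportSecurity</key><dict>"
                 b"<key>NSExceptionDomains</key><dict>"
                 b"<key>www.myserver.com</key><dict>"
                 b"<key>NSIncludesSubdomains</key><true/>"
                 b"<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key><true/>"
                 b"<key>NSTemporaryExceptionMinimumTLSVersion</key>"
                 b"<string>TLSv1.1</string></dict></dict></dict>")
ATS_ON = wrap(b"<key>NSAppTransportSecurity</key><dict>"
              b"<key>NSAllowsArbitraryLoads</key><false/></dict>")

if __name__ == "__main__":
    for name, sample in (("arbitrary", ARBITRARY), ("exception", EXCEPTION), ("ats-on", ATS_ON)):
        print(name, audit_ats(sample))
```

The per-domain exception still yields findings, but they are scoped to one host, which is what a scanner or reviewer can reason about; the global flag removes the policy for every connection the app makes.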

Possible to dock to 3rd party program?

I have an app that gets info from another programmer's app via AppleScript and uses it to turn a motor via serial port.
I'd like my app to be visible (on top) when the other app is. Docked? Child? Is this even possible? I'm from a Win background, and still a newbie to Mac, so I'm not sure I asked the right question....
I don't have access to the other program's source. The author may be willing to provide something via scripting.
You can create a launch agent with the KeepAlive + OtherJobEnabled key.
OtherJobEnabled
Each key in this dictionary is the label of another job. If the value of the key is true, then
this job is kept alive as long as that other job is enabled. Otherwise, if the value is false,
then this job is kept alive as long as the other job is disabled.
Create a launchctl plist and place it inside the /Library/LaunchAgents directory or the ~/Library/LaunchAgents directory (to be invoked just for this user).
Plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>appName</string>
<key>KeepAlive</key>
<dict>
<key>OtherJobEnabled</key>
<dict>
<key>labelof_another_job</key>
<true/>
</dict>
</dict>
<key>ProgramArguments</key>
<array>
<string>yourApp.app/Contents/MacOS/yourApp</string>
</array>
</dict>
</plist>
Now open Terminal and run
launchctl load pathToplistFile # use sudo if file is in /Library/LaunchAgents

Cocoa finder menu item for folders only

I am trying to create a Finder context menu item using a service (as described here: Writing a Snow Leopard Service for Finder.app )
However, I wish to add a context menu entry for folders only.
Whenever I put the following code in my .plist file:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Service Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<key>NSSendTypes</key>
<array>
<string>NSFilenamesPboardType</string>
</array>
</dict>
</array>
Everything works fine, I can select my service in the Services tab (keyboard shortcuts) and run it.
However, if I try to use the service for folders:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Service Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<key>NSSendFileTypes</key>
<array>
<string>public.directory</string>
</array>
<key>NSSendTypes</key>
<array>
<string>NSStringPboardType</string>
</array>
</dict>
</array>
The service does not appear in the keyboard shortcuts' menu and of course is not visible in Finder...
What am I missing?
Add the following code to the .plist:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Folder Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<!-- Here we're limiting where the service will appear. -->
<key>NSRequiredContext</key>
<dict>
<key>NSTextContent</key>
<string>FilePath</string>
</dict>
<!-- This service is only really useful from the Finder. So
we want the finder only to send us the URI "public.directory"
which *will* include packages (on the off-chance you want to
see the full package directory name) -->
<key>NSSendFileTypes</key>
<array>
<!-- Check out "System-Declared Uniform Type Identifiers"
in the Apple documentation for the various UTI types.
In this example, all we want is a directory, which is
a super-type to other types (e.g. public.folder) -->
<string>public.folder</string>
</array>
</dict>
</array>
And the service will appear under "Files and Folders" group in the services list (keyboard shortcuts tab).

My daemon is unregistered from launchd on logout/login

I create a plist that looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- My version "1.2.3" -->
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>MyPlistName</string>
<key>ProgramArguments</key>
<array>
<string>MyDaemonBinPath</string>
<string>-log</string>
<string>MyLogLevel</string>
<string>-launchd</string>
</array>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockFamily</key>
<string>Unix</string>
<key>SockPathMode</key>
<integer>438</integer>
<key>SockPathName</key>
<string>MySocketName</string>
</dict>
</dict>
<key>StandardErrorPath</key>
<string>MySTDERRLogPath</string>
<key>WaitForDebugger</key>
<false/>
<key>inetdCompatibility</key>
<dict>
<key>Wait</key>
<false/>
</dict>
</dict>
</plist>
I place it in /Library/LaunchDaemons.
I then run the commands:
/bin/launchctl unload /Library/LaunchDaemons/MyPlistName.plist
/bin/launchctl load /Library/LaunchDaemons/MyPlistName.plist
My daemon does launch when I connect to the socket specified in the plist and when I type:
launchctl list
The daemon is registered, but when I log out and log back in and ask for the list again, it's no longer registered and I can't launch my daemon by connecting to the socket.
Is there some special permissions I need to be setting on the plist or the daemon to get this to persist between sessions?
Did you check your /var/log/system.log for errors? Regular plists in /Library/LaunchDaemons/ are run as root on boot-up. You might want to check sudo launchctl list to see whether they run. If not, you might need to change the ownership / read+write attributes of the plists to match root. Finally, you could include the following to improve logging:
<key>StandardErrorPath</key>
<string>/logs/launchd_myprogram_stderr.log</string>
<key>StandardOutPath</key>
<string>/logs/launchd_myprogram_stdout.log</string>
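The ownership and permission checks suggested in the answer above can be scripted, together with a decode of the question's `SockPathMode` value. This is an added example, not code from the question or the answer: `audit_daemon` is a hypothetical helper, and the sample plist, its label and its paths are constructed placeholders modelled on the question's plist.

```python
import plistlib
import stat


def audit_daemon(plist_bytes, st_uid, st_mode):
    """Audit a LaunchDaemon plist and the owner/mode of the file holding it."""
    job = plistlib.loads(plist_bytes)
    findings = []
    # File checks: what the answer above suggests verifying.
    if st_uid != 0:
        findings.append("plist not owned by root")
    if st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("plist writable by group or others")
    # Plist integers are decimal, so SockPathMode 438 is octal 666.
    for name, sock in job.get("Sockets", {}).items():
        # A Sockets entry may be one dictionary or an array of dictionaries.
        for entry in sock if isinstance(sock, list) else [sock]:
            mode = entry.get("SockPathMode")
            if mode is not None and mode & stat.S_IWOTH:
                findings.append("socket %s: mode %d (%s) is world-writable"
                                % (name, mode, oct(mode)))
    return findings


# Constructed sample modelled on the question's plist; label and paths are placeholders.
SAMPLE = (b'<plist version="1.0"><dict>'
          b"<key>Label</key><string>com.example.mydaemon</string>"
          b"<key>ProgramArguments</key><array>"
          b"<string>/usr/local/sbin/mydaemon</string><string>-launchd</string></array>"
          b"<key>Sockets</key><dict><key>Listeners</key><dict>"
          b"<key>SockFamily</key><string>Unix</string>"
          b"<key>SockPathMode</key><integer>438</integer>"
          b"<key>SockPathName</key><string>/var/run/mydaemon.sock</string>"
          b"</dict></dict></dict></plist>")

if __name__ == "__main__":
    # uid 501 and mode 0664: a plist copied into place by a regular user.
    for line in audit_daemon(SAMPLE, 501, 0o100664):
        print(line)
```

On a real host, pass the `st_uid` and `st_mode` fields from `os.stat()` of the file in /Library/LaunchDaemons.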