[opencms-dev] Big problem with remove :8080/context/servlet with SSL

Stephan Hartmann hartmann at metamesh.de
Thu May 28 18:56:22 CEST 2009


Deiverson,

we encountered this problem when the workpalce server name (including 
protocol and port) is the same as any secure server name.
As you could figure out the problem vanished when you changed the 
worplace server name to plain HTTP and so it will do when you change the 
secure server name of your site.

Regards,
Stephan


Deiverson Silveira schrieb:
> Hello List,
>
> I am facing a very strange problem here, to remove: 
> 8080/context/servlet/ with SSL.
>
> I removed the <vfs-prefix></vfs-prefix> CONTEXT_NAME and SERVLET_NAME, 
> and configure for using secure in opencms-system.xml for SSL,
> but if I try to access http://localhost/system/login, the system 
> redirects to https://localhost/system/login/index.html and 404 occur.
> If I add https://localhost/context/servlet/system/login/index.html the 
> system displays the secure page to login, but it does not refer to
> the meeting, it is strange that I removed the CONTEXT_NAME, and the 
> SERVLET_NAME file opencms-importexport.xml.
>
> Why when configured to use https, he insists on searching (add) for 
> context/servlet and the page is loaded, which removed the
> opencms-importexport.xml? From where he is reading this information?
>
> My environment is:
> Apache 2.2.11
> JBoss 4.2.1
> SQL Server 2003
> Windows Server 2003
> JDK 5
>
> I followed the tutorial from Sebastian Himberg, and successfully 
> managed to remove: 8080/context/servlet /, but now I need implement SSL.
>
> To implement the SSL 3 I follow these guidelines:
>
> http://www.pomegranate.de:9000/cms/forum/viewthread?thread=11
> http://opencms-forum.de/opencms-forum/viewthread?thread=1559
> http://opencms-forum.de/opencms-forum/viewthread?thread=1888
>
> I will describe now how are my files:
> - File Httpd.conf:
> Uncomment the following lines:
>
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
> LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
> LoadModule proxy_connect_module modules/mod_proxy_connect.so
> LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
> LoadModule proxy_http_module modules/mod_proxy_http.so
> LoadModule rewrite_module modules/mod_rewrite.so
> LoadModule ssl_module modules/mod_ssl.so
>
> Include conf/extra/httpd-vhosts.conf
>
> I do not uncomment, for that is that JBoss/OpenCms is responsible for 
> doing/managing a SSL connection:
> #Include conf/extra/httpd-ssl.conf
>
> - File httpd-vhosts.conf:
> <VirtualHost *:80>
>
>   ServerName localhost
>   DocumentRoot c:\jboss-421\server\default\deploy\myproject.war
>  
>   <Proxy ajp://localhost:18009*>
>      Allow from all
>   </Proxy>
>  
>   ProxyPass /myproject/          ajp://localhost:8009/myproject/
>   ProxyPassReverse /myproject/   ajp://localhost:8009/myproject/
>  
>   ProxyPass /          ajp://localhost:8009/myproject/opencms/
>   ProxyPassReverse /   ajp://localhost:8009/myproject/opencms/ 
>  
> </VirtualHost>
>
> - File opencms-importexport.xml
> <vfs-prefix></vfs-prefix>
> But if I go back to <vfs-prefix> $(CONTEXT_NAME)$(SERVLET_NAME)</ 
> vfs-prefix> and try to get http://localhost/context/servlet/system/login
> the system redirects to https://localhost/context/servlet/system/ 
> login and I can enter the environment via https, but I need to remove the
> context and servlet
>
> - File opencms-system.xml
>     <sites>
>       <workplace-server>https://localhost/</workplace-server>
>       <default-uri>/sites/default/</default-uri>
>       <site server="http://localhost/" uri="/sites/default/">
>         <secure server="https://localhost/" exclusive="true" 
> error="false" />       
>       </site>
>     </sites>
>    
> I tried to do all this setup using the port 8443 and then 18443 
> (Changing in server.xml)
> If I change <workplace-server>https://localhost/</workplace-server> to 
> http, not use https, I can log normal http://localhost/system/login
> but not via SSL.
>
> - File server.xml (jboss-web.deployer/server.xml) to secure port:
>
> <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
>                maxThreads="150" scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>                keystoreFile="c:\mykey.keystore"
>                keystorePass="test123456"               
>                />
>               
>     <Connector port="8009" address="${jboss.bind.address}" 
> protocol="AJP/1.3"
>          emptySessionPath="true" enableLookups="false" 
> redirectPort="443" />
>       <Engine name="jboss.web" defaultHost="localhost">              
>      
>     <Connector port="8090" address="${jboss.bind.address}"   
>          maxThreads="250" maxHttpHeaderSize="8192"
>          emptySessionPath="true" protocol="HTTP/1.1"
>          enableLookups="false" redirectPort="443" acceptCount="100"
>          connectionTimeout="20000" disableUploadTimeout="true" />     
>          
> It was in these places that I swapped the ports SSL.
>
> If I make SSL configuration and remove the context/servlet in 
> opencms-importexport.xml the site works, I surf, but the login page
> does not work, gives the 404 error and redirect to 
> https://localhost/system/login/index.html, but if I try 
> https://localhost/context/servlet/system/login,
> the page is rendered, but can not login, when you run submit, the 404, 
> the putting context/servlet when I try to make a secure connection?
>
> I tried another scenario, keep the $CONTEXT_NAME and SERVLET_NAME the 
> VFS (opencms-importexport.xml) then does the secure connection, the 
> login,
> OK, WORK ALL, but get https://localhost/context/servlet/system/login 
> ... dont work remove context/servlet with SSL
>
> Someone already faced this kind of difficulty or see any solution?
>
> Forgive me the great email, but I do not know who to rely more
>  
> King Regards,
>
> Deiverson Silveira
> Developer OpenCms Brazilian
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev




More information about the opencms-dev mailing list