[opencms-dev] OpenCMS secure login to workplace with https and proxypass
Babak
babak at wjug.ca
Mon Oct 27 09:16:29 CET 2014
Hi Arash,
I tried following your document one more time and this time working with
no problem.
One of the problem was my virtual host config.
Some how the *:80 is not working on this VPS that I have and had to put
individual ip addresses for both ip and loopback in vhost config.
The only problem web site has, is accessing http://www.wjug.ca/ while
without www and http://wjug.ca is working with no problem.
This is what I have in virtual host config:
<VirtualHost 69.55.234.89:80 127.0.0.1:80>
ServerName wjug.ca
ServerAlias www.wjug.ca
Thank you very much for amazing document.
Thanks
On 10/26/2014 11:48 AM, Arash Kaffamanesh wrote:
> Under which user is tomcat running? do a "chown -R tomcat.tomcat
> /path/to/tomcat"
> It seems u have some permission problems:
>
>
> Forbidden
>
> You don't have permission to access / on this server.
>
>
>
>
>
> On Sun, Oct 26, 2014 at 5:44 PM, Arash Kaffamanesh <ak at cloudssky.com
> <mailto:ak at cloudssky.com>> wrote:
>
> Hi Babak,
>
> Without having the log files its not so easy to say what's going
> wrong.
> But perhaps for tomcat 6 you could try to set the context tag as
> following:
>
> <Context>
>
> <!-- Context sessionCookiePath="/" -->
>
> Some questions:
>
> On which operating are you?
> Is Tomcat listening on 8080 port? (http://wjug.ca:8080/ is dead)
> What does your jk.log, apache log (error log, access log),
> opencms.log say?
> Do you have adapted the vhost with the right path to your tomcat?
> did you used this vhost?
> http://cloudssky.com/.galleries/download/000-default
> Why not using tomcat 7?
>
> -Arash
>
>
>
>
> On Sun, Oct 26, 2014 at 5:08 PM, Babak <babak at wjug.ca
> <mailto:babak at wjug.ca>> wrote:
>
> Hi Arash,
>
> I followed your document step by step and configured mod_jk
> and mod_rewrite but there are problems.
>
> Can you please check below URLs and let me know what you think ?
>
> http://www.wjug.ca
> http://wjug.ca/welcome/index.html
>
>
> Thanks
> Babak
>
>
> On 10/26/2014 4:54 AM, Arash Kaffamanesh wrote:
>> Hi Babak,
>>
>> As I see you're using OpenCms 8.5 and tomcat 6 and I guess
>> the documentation for the mod_proxy on wiki for this
>> combination is outdated.
>> I highly recommend to use mod_jk and mod_rewrite with the ajp
>> connector (is much powerful and more configurable).
>>
>> Kind Regards,
>> Arash
>>
>>
>> On Sun, Oct 26, 2014 at 10:39 AM, Babak <babak at wjug.ca
>> <mailto:babak at wjug.ca>> wrote:
>>
>> Hi Arash,
>>
>> Thanks for the reply.
>>
>> I am running OpenCMS on my own server and not using Docker.
>>
>> Also I am not using mod_jk.
>>
>> I am using mod_proxy and ProxyPass to remove
>> /opencms/opencms/ and port from the url
>> but now want to exclude any uri that have /system/login/
>> but below directive to exclude is not working :
>> ProxyPass /system/login/ !
>>
>> I can access below link:
>> https://wjug.ca:8443/opencms/opencms/system/login/index.html
>>
>> but as soon as I click on Login, even without entering
>> user id or password, link will be forwarded to:
>> https://wjug.ca:8443/system/login/index.html
>>
>>
>> Thanks
>> Babak
>>
>>
>>
>> On 10/26/2014 2:38 AM, Arash Kaffamanesh wrote:
>>> Hi Babak,
>>>
>>> here is a short guide for OpenCms 8.x and 9.x on Ubuntu
>>> (and should work for any other linux distro) with
>>> mod_jk, mod_rewrite and ajp and it works with tomcat 7
>>> and apache 2.2:
>>>
>>> http://ow.ly/DlmBv
>>>
>>> By the way if you love docker, that opencms-stack-aio
>>> docker image is here:
>>> https://registry.hub.docker.com/u/cloudssky/opencms-stack-aio/
>>>
>>> HTH,
>>> Arash
>>>
>>>
>>>
>>> On Sun, Oct 26, 2014 at 7:49 AM, Babak <babak at wjug.ca
>>> <mailto:babak at wjug.ca>> wrote:
>>>
>>> I am following below document to secure workplace :
>>> http://www.opencms-wiki.org/wiki/Enforcing_SSL_Encryption_for_the_Opencms_workplace
>>>
>>> I can access workplace with https, but after login,
>>> because of ProxyPass directive in Apache config
>>> /opencms/opencms/ is removed and getting 404 error:
>>> HTTP Status 404 - /system/login/index.html
>>>
>>> I tried excluding /system/login/ from proxypass but
>>> still /opencms/opencms/ is being removed from URL
>>> and getting 404 errror.
>>>
>>> <VirtualHost ip:80>
>>>
>>> ProxyPass /system/login/ !
>>>
>>> </VirtualHost>
>>>
>>> Appreciate of any tip that might help fixing the
>>> problem.
>>>
>>> Thanks for help.
>>>
>>>
>>> On 10/24/2014 4:24 PM, Babak wrote:
>>>
>>> Hi
>>>
>>> I am using ProxyPass to remove /opencms/opencms/
>>> from my web site URL
>>> and every thing works fine.
>>>
>>> Now I need to enable secure login for workplace
>>> and already added below line to opencms-system.xml :
>>> <workplace-server>https://wjug.ca</workplace-server>
>>>
>>> However when I try to login I get below error:
>>> The requested URL /system/login/ was not found
>>> on this server.
>>>
>>> Is there something I am missing in my
>>> configuration ?
>>> has anyone setup secure workplace ?
>>>
>>> Thanks
>>>
>>> _______________________________________________
>>> This mail is sent to you from the opencms-dev
>>> mailing list
>>> To change your list options, or to unsubscribe
>>> from the list, please visit
>>> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> This mail is sent to you from the opencms-dev
>>> mailing list
>>> To change your list options, or to unsubscribe from
>>> the list, please visit
>>> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>>>
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> This mail is sent to you from the opencms-dev mailing list
>>> To change your list options, or to unsubscribe from the list, please visit
>>> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>>>
>>>
>>>
>>
>>
>> _______________________________________________
>> This mail is sent to you from the opencms-dev mailing list
>> To change your list options, or to unsubscribe from the
>> list, please visit
>> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> This mail is sent to you from the opencms-dev mailing list
>> To change your list options, or to unsubscribe from the list, please visit
>> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>>
>>
>>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list,
> please visit
> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20141027/08f54db8/attachment.htm>
More information about the opencms-dev
mailing list