IIS rewrite rule with Tomcat 9.0 - java

I have deployed a Spring Boot application in Tomcat on Windows Server and it's accessible in the browser via http://server-name:8080/app. Now, for end users I don't want them to hit the app at port 8080, so I have configured an IIS rewrite rule
<rule name="app" enabled="true" stopProcessing="false">
    <match url="^app.*" />
    <action type="Rewrite" url="http://server-name:8080/{R:0}" logRewriteUrl="true" />
</rule>
Now, when I hit http://server-name/app, it works, but the subsequent calls are going to http://server-name:8080/app.
I am not sure if there is a problem with the IIS rule since I ran the app.war using same application.properties as
java -jar app.war --server.port=8080 --spring.config.import=application.properties
The only caveat here is I am passing context path in properties as
server.servlet.context-path=/app
and in this scenario all the URL calls go without port 8080. If anyone has any insight or solution, please share.
Please NOTE: I can't host Tomcat on port 80 as there are other apps running on port 80 which use the API from the app deployed in Tomcat.

Related

How to do a redirect behind Nginx

My Tomcat server sits behind an Nginx reverse proxy.
I configured RemoteIpValve in Tomcat to replace hostname, port and scheme. Tomcat works on localhost:8080.
Tomcat valve (server.xml)
<Valve className="org.apache.catalina.valves.RemoteIpValve"
       remoteIpHeader="x-forwarded-for"
       protocolHeader="x-forwarded-proto"
       proxiesHeader="x-forwarded-by" />
When I redirect from https://example.com/pages/MyForm.jsp to https://example.com/pages/MyForm.jsp?message=Something, it works correctly, but when I try to redirect from https://example.com/pages/MyForm.jsp to https://example.com/pages/AnotherPage.jsp?message=Something the site can't be reached.
Unlike the first example request, the second one displays port 8080 in the location of Response Headers.
location: https://example.com:8080/pages/AnotherPage.jsp?message=Something
Request Method: GET
Is there any configuration that should be done in Nginx or Tomcat? How can I solve this problem?

How to remote debug WebLogic server when it started as Windows Service

I tried almost all internet and Stack Overflow tips and none of them helped me to open ports in WebLogic Server. My WebLogic server starts as a Windows service on Windows Server 2008 R2. In config.xml on the path
..user_projects\domains\%Any_app%\config\config.xml I added this string for each server in arguments -
<server-start>
<arguments>... -Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,address=1777,server=y,suspend=n ...
</arguments>
</server-start>
and I always check in cmd with netstat -a or telnet to this port, but it doesn't appear and doesn't work.
First, check your firewall - ensure that port is open.
Second, check config.xml again, then in the administration console go to
Servers - Configuration - Listen Port - make modifications if needed.
Restart WebLogic. Check if the service is started; if not, then modify the Windows service.
Read this article on how to manage ports.
Change the port number with WLST, if it is possible for you.
For me the solution was to edit regedit with my WebLogic as a Windows service. Path: HKEY_LOCAL_MACHINE/SYSTEM/services/%Name_of_service%, and here you can edit settings
(add some strings in the setting fields) and then restart the machine with your server.

How to access java web application with IP address (without doing host entry)

I have deployed a Java web application using apache-tomcat-7.0.5 on a particular server. The server IP is, for example, 192.168.0.145.
Below is the host entry I have done in server.xml in Tomcat's conf directory.
> <Host name="license.med.com" debug="0" appBase="" unpackWARs="false"
> autoDeploy="false">
> <Context path="" docBase="/data/LicenseData/setup/licenseGen/WebContent/" debug="0"
> reloadable="true" crossContext="false" />
> </Host>
After starting the Tomcat server, when I try to access the web app with URL http://192.168.0.145:10880/, it shows me the home page of Tomcat.
After doing the below host entry in the hosts file:
192.168.0.145 license.med.com
when I try to access the web app with URL http://license.med.com:10880/, it shows me the home page of the application.
But I would like to access the application using the IP address only. I have tried many things but am not able to access it.
If I host the same using Eclipse from my local machine, I am able to access it using the IP address. But the same is not possible for the server where I have deployed my application.
Please help and Thanks in advance for your suggestions.
Thanks
After going through lots of trial and error as per the suggestions provided here and on other I finally found the below solution:
I have added an <Alias> tag with the IP through which I want to access the site.
Below is the tag I have added:
<Alias>192.168.0.145</Alias>
Now I can access it with below URL :
http://192.168.0.145:10880/
Thanks all for your responses!!!

Boncode AJP13 - Generic Connector Communication Error

IIS is redirecting to Tomcat but SSO is not occurring; basically the web page opens but the AD user is not "captured" in the process.
The application triggers a "User not Informed" error, which is a designed error when the AD account is not registered in the system. In our tests users are registered, so I can conclude Windows authentication does not occur correctly.
I get browser error:
Generic Connector Communication Error:
Please check and adjust your setup:
Ensure that Tomcat is running on given host and port.
If this is a timeout error consider adjusting IIS timeout by changing executionTimeout attribute in web.config (see manual).
connection between Tomcat and IIS experienced error. Please check log
at BonCodeAJP13.BonCodeAJP13ServerConnection.p_CreateConnection(BonCodeAJP13PacketCollection packetsToSend)
at BonCodeIIS.BonCodeCallHandler.ProcessRequest(HttpContext context)
Are there any extra settings I should run in IIS, or some IIS logs I could check to confirm which AD user is actually accessing Tomcat?
Important notes:
IIS8 (Windows Server 2012) / apache-tomcat-7.0.64 / jdk-7u79-windows-x64
The Tomcat service is impersonating (log on as) an AD service account which connects to a SQL 2012 database. Connection to the database occurs through the Microsoft JDBC driver.
Only the IIS root has a web.config file; the application itself does not.
Anonymous + Windows Authentication (Kerberos) are enabled in IIS.
Please let me know of any other relevant information I should provide to help with this troubleshooting.
Thank you so much for all help!
BR
I was able to figure out the problem and fix it.
It was a misconfiguration in the Tomcat server.xml "Connector" settings. I added tomcatAuthentication="false" and now it works flawlessly.
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" tomcatAuthentication="false"/>
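As an added example (not part of the original answer, nor code from Tomcat or BonCode): with tomcatAuthentication="false" Tomcat takes the authenticated user from whatever speaks AJP to it, so the connector should only be reachable by IIS. The Python check below flags AJP connectors in a server.xml that have this setting without a loopback address or a secret/requiredSecret; the sample XML and port 8010 are constructed, and it assumes a release like the 7.0.64 above where a connector without an address listens on all interfaces.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample. Port 8009 is the connector from the answer above; port 8010
# is a hypothetical variant bound to loopback for an IIS on the same machine.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" />
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
             tomcatAuthentication="false" />
  <Connector port="8010" protocol="AJP/1.3" address="127.0.0.1"
             tomcatAuthentication="false" />
</Service></Server>"""

REASON = "trusts front-end identity, no loopback bind or secret"


def is_loopback(address):
    """True for a loopback bind address. An absent address is treated as
    'all interfaces' (assumed behaviour of older releases such as 7.0.64)."""
    if not address:
        return False
    try:
        return ipaddress.ip_address(address).is_loopback
    except ValueError:
        return address.lower() == "localhost"


def audit_ajp_connectors(server_xml):
    """Return (port, reason) for each AJP connector that accepts the user
    asserted by the front end without restricting who can connect."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if "ajp" not in conn.get("protocol", "").lower():
            continue  # HTTP connectors are out of scope here
        # tomcatAuthentication defaults to true: Tomcat authenticates itself.
        if conn.get("tomcatAuthentication", "true").lower() != "false":
            continue
        has_secret = bool(conn.get("secret") or conn.get("requiredSecret"))
        if not is_loopback(conn.get("address")) and not has_secret:
            findings.append((conn.get("port"), REASON))
    return findings


if __name__ == "__main__":
    for port, reason in audit_ajp_connectors(SAMPLE_SERVER_XML):
        print(f"AJP connector on port {port}: {reason}")
```

When IIS runs on a different host, a loopback bind is not an option, so the finding is cleared by a shared secret; a host firewall rule limiting port 8009 to the IIS machine is outside what this check can see.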

windows single sign on tomcat through IIS Url rewrite

I'm facing a difficult setup where I have to configure single sign-on, based on the logged-in user, on my Tomcat application.
I already took some steps which allow me to log in via single sign-on directly on my Tomcat application by using Waffle.
I have 1 server where I have a Tomcat running and an IIS running (but this IIS will move to another server in the same domain in the future).
I have Tomcat running on port 8205 and IIS configured to accept URLs from authpoc.company.com. IIS does a redirect to localhost:8025 via URL Rewrite.
My web.xml from IIS
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:8205/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>
What works
When opening the application directly on localhost:8205 on the server. I get a nice single sign on based on my domain user.
When opening the application directly on the ip of the server. 192.168.1.1:8205. I can log in but single sign on does not work anymore. This I don't understand. (edit: solved, this is a setting in Internet explorer, see SSO waffle asking username and password for more information)
What doesn't work
When redirecting from IIS, I don't get to log in to my Tomcat application. I have Windows authentication enabled, with Negotiate and NTLM enabled (in this sequence).
I read a lot on the internet but I can't find anyone with this particular setup. I don't really have the impression I'm doing something exotic.
One possibility is that I should connect IIS via AJP instead of a much simpler URL rewrite.
Any help is welcome! Thanks
I got an answer on the google groups saying this is not possible because of the reverse proxy counting as a hop.
https://groups.google.com/forum/#!topic/waffle-users/VCaawJMD0Mw
I'm going to try another approach
