Ignore:
Timestamp:
2018-09-06T22:32:58+12:00 (6 years ago)
Author:
ak19
Message:

solr should only be accessible locally (from localhost, specifically 127.0.0.1) which means over http. This conflicted with the previous design of the properties file for working with http and/or https. Now we have tomcat.port.https and localhost.port.http, both always set. In place of server.protocol that used to contain the default protocol, we now have server.protocols which can be set to a comma separated list of one or both of http and https. Drastic restructuring followed. I think I've tested all but https certification stuff.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone3/src/java/org/greenstone/util/GlobalProperties.java

    r32357 r32429  
    3838    private static String gsdl3_writablehome = null;
    3939    private static String gsdl3_web_address = null;
    40     private static String full_gsdl3_web_address = null;
    41 
    42     private static String http_full_gsdl3_web_address = null;
    43     private static String https_full_gsdl3_web_address = null;
     40    private static String full_gsdl3_web_address = null; // for the default protocol
     41
     42    private static String http_full_gsdl3_web_address = null; // if http or both protocols supported
     43    private static String https_full_gsdl3_web_address = null; // if https or both protocols supported
     44
     45    // The locally accessible url such as for solr is always available at http://127.0.0.1:<httpPort>
     46    // regardless of whether http is listed as one of the server protocols
     47    private static String localhost_http_web_address = null;
    4448
    4549    /** get the value of the property 'key'. returns null if not found */
     
    8185    {
    8286        return full_gsdl3_web_address;
     87    }
     88
     89    public static String getLocalHttpBaseAddress()
     90    {
     91        return localhost_http_web_address;
    8392    }
    8493
     
    155164            String protocolSpecifier = null, hostSpecifier = null, portSpecifier = null, contextSpecifier = null;
    156165
    157             //protocol
     166            // default protocol
    158167            protocolSpecifier = properties.getProperty("server.protocol");
    159168            if (protocolSpecifier == null || protocolSpecifier.equals(""))
     
    180189            }
    181190
    182             //port
     191            //default port (port for the default protocol)
    183192            portSpecifier = properties.getProperty("tomcat.port"); // support for legacy tomcat.port?
    184             if(portSpecifier == null) {
    185                 portSpecifier = protocolSpecifier.startsWith("https") ? properties.getProperty("tomcat.port.https") : properties.getProperty("tomcat.port.http");
    186             }
    187193            if (portSpecifier == null || portSpecifier.equals("")
    188194                || (protocolSpecifier.equals("http://") && portSpecifier.equals("80"))
     
    214220            gsdl3_web_address = contextSpecifier;
    215221
     222            // Set the always available internal root address that is locally accessible (http://127.0.0.1:<httpPort>)
     223            // Used by solr.
     224            String httpPort = properties.getProperty("localhost.port.http");
     225            localhost_http_web_address = properties.getProperty("localhost.protocol.http") + "://"
     226                + properties.getProperty("localhost.server.http") // always uses 127.0.0.1 (not localhost, which can be modified and is therefore unsafe!)
     227                + httpPort;
     228
     229
     230
    216231            // set the http and https variants of the full web address, if they're meant to be available
    217             if(protocolSpecifier.startsWith("https")) { // check the default protocol, then set the address for the other protocol too
     232            // First check the default protocol, then set the web address for the other protocol too
     233            String supportedProtocols = properties.getProperty("server.protocols", "http");
     234            String isHttpRestrictedToLocal = properties.getProperty("restrict.http.to.local", "true");
     235
     236            if(protocolSpecifier.startsWith("https")) {
    218237                https_full_gsdl3_web_address = full_gsdl3_web_address;
    219238
    220                 // and set http version, if sufficient properties are available
    221                 String httpPort = properties.getProperty("tomcat.port.http");
    222                 if(httpPort != null && !httpPort.equals("")) {
     239                // and set http version of URL, if http is made public (if http is in server.protocols list)
     240                if(isHttpRestrictedToLocal.equals("false")) {               
    223241                http_full_gsdl3_web_address = "http://" + hostSpecifier + httpPort + contextSpecifier;
    224242                }
     
    226244                http_full_gsdl3_web_address = full_gsdl3_web_address;
    227245
    228                 // and set https version, if sufficient properties are available
    229                 String httpsPort = properties.getProperty("tomcat.port.https");
    230                 if(httpsPort != null && !httpsPort.equals("")) {
     246                // and set https version, if https enabled
     247                if(supportedProtocols.contains("https")) {
     248                String httpsPort = properties.getProperty("tomcat.port.https");
    231249                https_full_gsdl3_web_address = "https://" + hostSpecifier + httpsPort + contextSpecifier;
    232250                }
Note: See TracChangeset for help on using the changeset viewer.