Ignore:
Timestamp:
2018-09-07T19:39:40+12:00 (6 years ago)
Author:
ak19
Message:
  1. Since there's a chance that 127.0.0.1 isn't always the loopback address or may not always work, we allow this to be specified by the new property localhost.server.http in build.properties. Updating recently commited code that is affected by this and where I had been hardcoding 127.0.0.1. 2. Fixing up the port and now the server host name used by the solr extension: these should be the correct property names, which are localhost.port.http and the new localhost.server.http instead of tomcat.server and the default port for the default protocol, since all GS3 internal communications with solr are done through the local HTTP url, whatever the public URL (with default protocol, matching port and server name) might be. I also updated the get-solr-servlet-url target in build.xml to use the local http base URL (see point 3), so that solr building will work correctly. 3. build.xml now has 2 new targets, one to get the local http base URL and one to get the local http default servlet URL. Both also use the new localhost.server.http property, besides the recently introduced localhost.port.http property. 4. Now the default behaviour of util.pm::get_full_greenstone_url_prefix() is to call the new get-local-http-servlet-url ant target, since only activate.pl's servercontrol.pm helper module uses it. If you want util.pm::get_full_greenstone_url_prefix() to return the non-local (public) servlet URL, pass in 1 (true) for the new 3rd parameter. The important decision here is that activate will use the internal (i.e. local http) greenstone servlet URL to issue pinging and (de)activating commands, since localhost (specifically 127.0.0.1) over http is now always available and because a domain named server over https will create complications to do with certification checks by wget, when wget gets run by activate.pl. Alternatively, activate.pl/servercontrol.pm could run wget with the no-cert-checking flag or we could make wget check the GS3 https certificate if one exists. But all that is convoluted and unnecessary: we've so far always worked with http, and usually with localhost over the httpport, and activate.pl so far has worked well with this, so have some confidence that using the local http URL internally should still work, even if the default GS3 URL has been set up to be a public (https) URL.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone3/src/java/org/greenstone/util/ProtocolPortProperties.java

    r32429 r32432  
    6060    private boolean supportsHttps = false;
    6161    private String defaultPortPropertyName = "localhost.port.http";
     62    private String localHttpURL;
    6263
    6364    // default protocol if multiple supported
     
    8687    public boolean hadError() { return errorCode != ALL_CORRECT; }
    8788
    88     // Use 127.0.0.1 instead of localhost since localhost is unsafe (can be mapped
    89     // to something other than 127.0.0.1). See https://letsencrypt.org/docs/certificates-for-localhost/
     89    // returns the local http base URL, something like http://127.0.0.1:<httpPort>
    9090    public String getLocalHttpBaseAddress() {
    91     // httpPort is set during the constructor,
    92     // so knowing httpPort, we can set the internal/local access http URL:
    93     String portSuffix = httpPort.equals("80") ? "" : (":"+httpPort);
    94     return "http://127.0.0.1"+portSuffix;
    95    
     91    return localHttpURL;   
    9692    }
     93
    9794
    9895    // Constructor that will throw an Exception on ports/protocol configuration error or inconsistency
     
    116113    }
    117114   
     115    // Setting the internal/local access url, which has to be over http (see
     116    // https://letsencrypt.org/docs/certificates-for-localhost/)
     117    // localhost.server.http defaults to 127.0.0.1 instead of localhost, since
     118    // localhost is unsafe as it can be mapped to something other than 127.0.0.1.
     119    localHttpURL = "http://" + props.getProperty("localhost.server.http", "127.0.0.1");
     120    if(!httpPort.equals("80")) {
     121        localHttpURL = localHttpURL + ":" + httpPort;
     122    }
     123
    118124    String supportedProtocols = props.getProperty("server.protocols");
    119125    if(supportedProtocols == null || supportedProtocols.equals("")) {
Note: See TracChangeset for help on using the changeset viewer.