I'm with a problem to configure the GZip in my Wildfly server used the following configuration on the server:
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="gzipFilter" predicate="path-suffix['.css'] or path-suffix['.js'] or path-suffix['.xhtml']"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="Wildfly 8"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow 1"/>
<gzip name="gzipFilter"/>
</filters>
</subsystem>
And became the Zip file of the request correctly, however I would like to set the minimum size for files to be zipped and what I'm hard, anyone know how to set the minimum size for the server do the zip before sends them to the customer?
Expanding on Alexander's answer I did some tests. Strangely enough the predicate to only compress files larger then 500 bytes is not min-content-size[500].
To configure it using jboss-cli.sh run this script:
/subsystem=undertow/configuration=filter/gzip=gzipFilter:add()
/subsystem=undertow/server=default-server/host=default-host/\
filter-ref=gzipFilter:add(predicate="not min-content-size[500]")
Note that the gzip filter will start to work after server reload. You can do this using cli's command :reload.
To test if the filter is enabled I used:
wget $MY_URL -S --header="accept-encoding: gzip" \
-O /dev/null 2>&1| grep Content-Encoding
There is a predicate in undertow min-content-size
so you can use predicate=min-content-size[500]
I found the available predicates here https://github.com/undertow-io/undertow/tree/master/core/src/main/java/io/undertow/predicate due to lack of documentation
It worked with the predicate:
predicate="exists['%{o,Content-Type}'] and regex[pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true]"
Related
I have setup an EJB client that can connect successfuly to remote+http://localhost:8080 without SSL/TLS.
Now I have created a truststore and keystore and followed the instructions in the Wildfly documentation here to setup SSL/TLS.
My wildfly-config.xml contains the following:
<authentication-client xmlns="urn:elytron:1.0">
<authentication-rules>
<rule use-configuration="default-config"/>
</authentication-rules>
<authentication-configurations>
<configuration name="default-config">
<set-user-name name="${user}"/>
<credentials>
<clear-password password="${password}"/>
</credentials>
<sasl-mechanism-selector selector="#ALL" />
<providers>
<use-service-loader />
</providers>
</configuration>
</authentication-configurations>
<key-stores>
<key-store name="im-keystore" type="JKS">
<file name="client.truststore"/>
<key-store-clear-password password="xxx"/>
</key-store>
</key-stores>
<ssl-contexts>
<ssl-context name="im-ssl-context">
<trust-store key-store-name="im-keystore"/>
<protocol names="TLSv1.2"/>
</ssl-context>
</ssl-contexts>
<ssl-context-rules>
<rule use-ssl-context="im-ssl-context"/>
</ssl-context-rules>
</authentication-client>
The server is configured as follows:
<tls>
<key-stores>
<key-store name="httpsKS">
<credential-reference clear-text="xxx"/>
<implementation type="JKS"/>
<file path="server.keystore" relative-to="jboss.server.config.dir"/>
</key-store>
</key-stores>
<key-managers>
<key-manager name="httpsKM" key-store="httpsKS">
<credential-reference clear-text="xxx"/>
</key-manager>
</key-managers>
<server-ssl-contexts>
<server-ssl-context name="httpsSSC" protocols="TLSv1.2" key-manager="httpsKM"/>
</server-ssl-contexts>
</tls>
and
<https-listener name="https" socket-binding="https" ssl-context="httpsSSC" enable-http2="true"/>
Now the ejb client throws the following exception when connecting to remote+https://localhost:8443:
LOG 2019-06-13T12:12:56Z [XNIO-1 task-1] TRACE org.jboss.remoting.endpoint - Registered exception result
org.xnio.http.UpgradeFailedException: Invalid response code 200
at org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener.handleEvent(HttpUpgrade.java:471) ~[xnio-api-3.6.5.Final.jar:3.6.5.Final]
at org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener.handleEvent(HttpUpgrade.java:400) ~[xnio-api-3.6.5.Final.jar:3.6.5.Final]
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) ~[xnio-api-3.6.5.Final.jar:3.6.5.Final]
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) ~[xnio-api-3.6.5.Final.jar:3.6.5.Final]
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) ~[xnio-nio-3.6.5.Final.jar:3.6.5.Final]
at org.xnio.nio.WorkerThread.run(WorkerThread.java:591) ~[xnio-nio-3.6.5.Final.jar:3.6.5.Final]
Any ideas?
It turned out, that an additional remoting connector was missing that points with connector-ref to the https-listener defined in the undertow subsection:
<subsystem xmlns="urn:jboss:domain:remoting:4.0">
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
<http-connector name="https-remoting-connector" connector-ref="https" security-realm="ApplicationRealm"/>
</subsystem>
I've blocked the http protocol(enabled https only) in wildfly 9.0 by changing below configuration
Changed connector-ref="default" to connector-ref="default-ssl"
<subsystem xmlns="urn:jboss:domain:remoting:3.0">
<endpoint worker="default"/>
<http-connector name="http-remoting-connector" connector-ref="default-ssl" security-realm="ApplicationRealm"/>
</subsystem>
Commented the http-listener
<subsystem xmlns="urn:jboss:domain:undertow:2.0">
<buffer-cache name="default"/>
<server name="default-server">
<!-- <http-listener name="default" socket-binding="http" redirect-socket="https"/> -->
<https-listener name="def.....
it worked..i am able to block the http and enabled https protocol access only. Ideally it should reject the http request. But, now problem is, whenever i am accessing the http://localhost:8080/MyWebApp/ , its rejecting the http request, but at the same time, web page is downloading a blank download file. why ???
Thanks.
You should redirect your http requests to https instead of disabling the http:
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="443" />
Add a redirect handler in the handlers part, something along the way of:
<host name="other-host" alias="www.mysite.com, ${prop.value:default-alias}" default-web-module="something.war" disable-console-redirect="true">
<location name="/" handler="welcome-content">
<filter-ref name="redirects" predicate="!secure" />
</location>
<filter-ref name="headers"/>
</host>
</server>
...
https://myserver/'" redirect="true" />
My use case involves deployment of two different packages (war files) on a single Wildfly server.
In standalone-full.xml my socket-binding-group looks like this after addition of the extra socket as below
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
<socket-binding name="jacorb" interface="unsecure" port="3528"/>
<socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>
<socket-binding name="messaging-group" port="0" multicast-address="${jboss.messaging.group.address:231.7.7.7}" multicast-port="${jboss.messaging.group.port:9876}"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<socket-binding name="mylocal-internal" port="8099"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
In standalone-full.xml my Subsystem looks like this after addition of the external server as shown below
<subsystem xmlns="urn:jboss:domain:undertow:1.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<single-sign-on path="/"/>
</host>
</server>
<server name="mylocal-internal-server">
<http-listener name="config-listener" socket-binding="mylocal-internal"/>
<host name="mylocal-host" alias="localhost2">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<single-sign-on path="/"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/8"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
</filters>
</subsystem>
Also my jboss-web.xml file for myapp war looks like the following
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.jboss.com/xml/ns/javaee
http://www.jboss.org/j2ee/schema/jboss-web_8_0.xsd">
<context-root>/myapp</context-root>
<virtual-host>mylocal-host</virtual-host>
<server-instance>mylocal-internal-server</server-instance>
</jboss-web>
Everything deploys successfully when i upload and deploy the war file through admin console at 9990, but when i try accessing myapp on the new port 8099 then i am getting 404 Not Found error.
I am trying to access it like http://mydomain:8099/myapp
However if i deploy my war for port 8080 then it is available successfully at http://mydomain:8080/myapp
Please advice on this.
A bit of history for this answer taken from the comments to complete the picture.
The configuration setup for this question is taken from this existing off-site question and answer in the JBoss forums, which is a clear indication there is little wrong with the setup as it is; the proper configuration is in place, there is simply something that still needs to be re-configured in it. https://developer.jboss.org/message/857103
With a little comparison, the only difference that could be spotted was that the host alias configuration was different (localhost -> localhost2). However the source material in the above JBoss forum thread is not configured for production deployment, it is a setup for development on the localhost. This question IS about deploying the server in production behind a proper domain name. So that's where the missing link is to be found.
As this existing related stackoverflow question indicates, you need to put the proper host name in the alias to make it work. Wildfly / Undertow : Multiple aliases for one host
And that was ultimately the solution to this problem too; add the domain name to the host alias.
<host name="mylocal-host" alias="localhost2, my.domainname.com">
...
</host>
In my case (here), I had to add "default-host" for the virtual server (In addition to whatever is suggested in the other answer).
<server name="jolokia-server" default-host="jolokia-host">
Otherwise, I was not able to access the service on the different port from outside the system. Here you can find out the complete configuration.
I’m using Wildfly 9.0.0.CR2. How do I enable on-the-fly compilation of JSPs? I found this configuration in another thread
<subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">
<configuration>
<jsp-configuration development="true" check-interval="1" modification-test-interval="1" recompile-on-fail="true"/>
</configuration>
</subsystem>
but alas, it doesn’t work, result in gin the below exception when I restart my JBoss server …
14:23:05,224 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:131)
at org.jboss.as.server.ServerService.boot(ServerService.java:350)
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:271)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[442,2]
Message: Unexpected element '{urn:jboss:domain:web:1.4}subsystem'
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:108)
at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.handleAny(XMLExtendedStreamReaderImpl.java:69)
at org.jboss.as.server.parsing.StandaloneXml.parseServerProfile(StandaloneXml.java:1199)
at org.jboss.as.server.parsing.StandaloneXml.readServerElement_1_4(StandaloneXml.java:457)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:144)
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:106)
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110)
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69)
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:123)
... 3 more
This is a XML parsing issue as evident by this error message javax.xml.stream.XMLStreamException: ParseError. The parsing failed for this particular line Unexpected element{urn:jboss:domain:web:1.4}subsystem.
You can look at the XML schema documents to figure out these types of XML parsing issues. The schemas are located under the docs folder of WildFly.
By the way you should use WildFly-9.0.1.Final build version as that is the latest release candidate build.
You will most likely need to make the changes to the undertow subsystem. I have updated an example below:
<subsystem xmlns="urn:jboss:domain:undertow:2.0">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config development="true" check-interval="1" modification-test-interval="1" recompile-on-fail="true"/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/9"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
</filters>
</subsystem>
I highly recommend using CLI to make such changes:
/subsystem=undertow/servlet-container=default/setting=jsp:write-attribute(name=development,value=true)
/subsystem=undertow/servlet-container=default/setting=jsp:write-attribute(name=recompile-on-fail,value=true)
/subsystem=undertow/servlet-container=default/setting=jsp:write-attribute(name=check-interval,value=1)
/subsystem=undertow/servlet-container=default/setting=jsp:write-attribute(name=modification-test-interval,value=1)
This way you can avoid these XML parsing errors without having to find the exact XML schemas.
Search subsystem and add this on jsp config
<subsystem xmlns="urn:jboss:domain:undertow:1.1"><br>. . . .<br> <servlet-container name="default" default-buffer-cache="default" stack-trace-on-error="local-only">
<jsp-config development="true" check-interval="1" modification-test-interval="1" recompile-on-fail="true"/>
Make sure you are loading the undertow extension. Otherwise the subsystem configuration can't load. Other than that your syntax is correct.
<extensions>
<!-- other extensions here -->
<extension module="org.wildfly.extension.undertow"/>
</extensions>
This is related to two posts -
Hosting multiple domains with WildFly (Undertow),
WildFly -> Undertow -> maping subdomain to war file not working
The workaround with creating/editing jboss-web.xml does not seem to be working.
I tried this workaround for my scenario where two virtual hosts are served exactly with the same WAR files, with no context-root configuration.
In wildfly/standalone/configuration/standalone.xml:
<host name="domain1" alias="domain1.rootdomain.com">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
<host name="domain2" alias="domain2.rootdomain.com">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
In jboss-web.xml:
<jboss-web>
<virtual-host>domain1</virtual-host>
<virtual-host>domain2</virtual-host>
</jboss-web>
During deploy/redeploy Wildfly complains that already one virtual-host tag was processed and the deployment/redeployment fails.
Is there any other solution for this problem?
I had the same problem for long time ago. My solution was to "merge" two host configurations in a single one, like:
<host name="domains1and2" alias="domain1.rootdomain.com, domain2.rootdomain.com">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
And then in jboss-web.xml:
<jboss-web>
<virtual-host>domain1and2</virtual-host>
</jboss-web>