How would I go about configuring Geoserver to only load from an https address? I have been combing the web and cannot find any solution.
I think that this question is not exactly related to geoserver.
You should configure your java application server (tomcat or whatever) to use https. Geoserver will inherit that configuration
If you are using tomcat you can try to follow this instructions. Or as stated in the comments, now geoserver doc also includes how to configure tomcat for ssl.
If you make use of a proxy, e.g. Nginx. Make sure to set the correct Proxy Url in GeoServer. If not set correctly, GeoServer will advertise with HTTP when asked for it's capabilities. You can check it yourself by opening WMS_MS_Capabilities.dtd in your browser.
https://youserver.com/geoserver/schemas/wms/1.1.1/WMS_MS_Capabilities.dtd
or
https://youserver.com/schemas/wms/1.1.1/WMS_MS_Capabilities.dtd
Related
I work with proof of concept web application, and have to create login/password authentication. For now security is not a matter, but further in production it will be important. My first question: Should I already configure TomCAT with SSL certificate to work via HTTPS? Is this somehow affects servlet implementation? Can I just develop everything using http, and just switch to https on production?
I think web application should work with any HTTP or HTTPs and this depends only on servlet container (TomCAT) setup, but I am not sure. Now I work with Oracle manual with some changes, especially in sense of TomCAT 8 and annotations use.
Also, please note some parts of my application will use websocket protocol.
Thanks.
I have been trying to find a way of easily telling if a Java Server has SSL enabled from JSP to redirect a single page. My reasoning for this is that I only want to forward to SSL if it is enabled making it easy to test in our local dev systems without having to set up the certificates and then deploy to our release system and have the certificates just "work."
I have looked at attempting to create a SslSocketFactory and seeing if it works without an exception being thrown, but this doesn't appear to work as I thought. I do not particularly like this method however since I have to spend the time createing the factory to only throw it away. I'm really just looking for a public boolean isSslEnabled() method call that I can use.
Currently what we have is that the default state is to not use HTTPS, but when on the release system you can access the site via HTTPS. This isn't ideal since a user could still access the site over HTTP and everything would then be sent in the clear. I'm also not looking to encrypt the whole server, just a single page if SSL is enabled.
Your Java code shouldnt be concerned whether SSL is enabled or not. Try to leave his to configuration only.
If you have setup your SSL requirements inside your web.xml, then your developers can override their local web.xml for their local server requirements (eg eclipse).
If your concerned about SSL for you per-production servers its best to create your own Certificate Authority and generate your own SSL certificates. This so that you can deploy the exact same EAR or WAR to pre-prod and production environments. You don't want to fiddle you deployment per environment.
Jboss SSL config
Tomcat SSL config
What I ended up doing was moving all the SSL redirect/enforcement into Apache instead of worrying about it in Tomcat. I am running Tomcat behind Apache and it seems that this was the best solution in order to get the forced SSL. I used the mod_rewrite in Apache to enforce the rules and it appears to be working like a charm.
I have an Amazon ELB for my domain www.example.com. At the moment there is one instance behind the ELB running a web app on JBoss 6.0. I want to be able to redirect the user from and to http and https depending on the path. There are three paths only that require https and the other paths should only be accessed through http. I am able to do the redirect to https for the three paths (using web.xml) but not the redirection back to http for the other paths.
I am not using the apache server in front of JBoss so I want to achieve everything through plain Java and JBoss. I want to either use the web.xml or the urlrewritefilter but preferably not both.
Any advice would be greatly appreciated.
Regards
You can use the JBoss official rewrite module which lets you use Apache style rewrite syntax in a rewrite.properties file.
Can one use mod_pagespeed with tomcat application server? directly or indirectly?
Am i correct in stating that you can use mod_pagespeed with tomcat if you use apache webserver as a proxy to tomcat webserver? (does this work with mod_jk?)
You can use mod_pagespeed with Tomcat. You're right that you'll need to use Apache as a proxy to Tomcat. I know that it definitely works with mod_jk since we use it in production. I assume it also works with mod_proxy and mod_proxy_ajp, however I can't confirm those.
I am developing an web app using java/j2ee as middle ware and Mysql 5.1 as database. I have to deploy it on AWS-EC2 server.
My questions are:
How do I create the build
How do I deploy on ec2 server?
I am using Apache Tomcat-6. Should I use any other server like Apache2 as web-server?
Use WTP to create a Dynamic Web Module project.
Use AWS Toolkit for Eclipse
That's pretty terse, but you'll need so many more details that it's pointless to list them here. Read the docs, then come back with specific questions :)
Whether you need Apache2 in front of Tomcat depends on your requirements. If you need it you'll know it :) Things that you might want to punt off on Apache2:
SSL
Static content
URL rewriting
If you are just planning to do every thing manually. You should read this manual http://docs.amazonwebservices.com/AWSEC2/latest/GettingStartedGuide/
Basically,
You need to create an AMI instance of platform of your choice. (Win/Unix-based).
Configure it with the software that you need. In your case, Tomcat-6 and MySQL-5.1. Configure them. Set Schema etc.
Upload your WAR file to the instance and deploy to Tomcat-6.
Make sure Tomcat port (8080 or whatever you've configured) is open. You can configure this from AWS console's Security Group setting.
Use the instance's Public DNS to access your app. Public DNS can be found from AWS console.
There are many freely available, pre-configured AMI available. Since your setting is one of the most common one. I am sure you will get one and skip Step#2.