I am developing a flex application with flex 4.1 sdk and java backend (runs on Glassfish 3.1 via http). For security reasons I decided to move my authentication process to https until a session id is obtained. Therefore I changed the filter settings to use ssl for login and logout pages(just two pages due to performance reasons. The data-size sent to client is large and I do not want to slow down the system). Glassfish forwarded these pages to 8181 port (which is HTTPS port). Everything is ok for the java part. However flex defines the 8181 port as a different domain and then problems arise. Due to flash's same-origin policy it cannot load the secured content. Normally a crossdomain.xml is the solution but I am accessing content of the same domain through a different port. What will be the solution ?
Probably not the best solution but create a subdomain that maps to 8181 and put a crossdomain.xml that will allow access from root domain.
Related
I'm developing a Java application (launched by Tomee) which needs to call, using JaxRS, an HTTPS server with its hostname, but the hostname is not resolved by the DNS.
In practice, my application creates a VM using Openstack API, so the IP address has been dynamically allocated during the lifetime of the application (which is why it's not solved by the DNS).
But I have to call an HTTPS server running on that VM, for which the certificate was signed using a given hostname, so I MUST call it with https://hostname, and not with https://ip_address...
I am not allowed to "play" with TLS configuration, by (for example) disabling Common Name check, so the only solution I see is to be able to "intercept" a DNS resolution request, to provide the good IP address to use.
The How to override DNS in HTTP connections in Java page shows a solution using Apache HttpClient - however, our microservice was entirely built on JaxRS, and I failed to find a way to do the same thing with it.
The client used is the v3.2.2 version of org.apache.cxf:cxf-rt-rs-client, provided by the Tomee we are based on.
Thanks for your attention!
So i have my site on hosting company, and this company support let encrypt certificate, so i generated it and now the site is running with https protocol.My server side(spring boot application web service oriented started on VPS) for this site is on another company. My questions are:
How can i use this generated certificate on my server side part,
is it possible, what should i do?
What i need to provide to the server, and all things that are needed the server to work?
When i was without the certificate everything worked perfect, but right now on the server side i get
java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens
and in the browser i get
net::ERR_SSL_PROTOCOL_ERROR,
when I`m trying the get resources from server.
From the hosting company i can get everything connected to the certificate
It seems that you are passing HTTPs traffic to web server which "talks" in plain HTTP.
Normally SSL termination is done on software like Apache HTTPD or Nginx.
Then you configure it to act as reverse proxy to your actual Spring boot application running in JVM.
You can also configure your JVM webserver (Jetty,Tomcat .. whatever you have) to use your Let's encrypt certificate, but I have doubt that certbot will be able to easily renew them.
I have a spring boot application (Spring Web) which has a tomcat server embedded into it (maven dependency). The application is a server and consists of several HTTP routes. This application is on my laptop. I would like to execute the application on my laptop, and be able to RESTful calls (e.g. GET, POST etc) to the server. How can I make requests to the server from my computer?
I've checked out several tutorials and they tend to use XAMP or another similar application so not sure on how to go about this. Thank you.
Once your war is deployed on your server, you can send any REST call to it using curl, a browser, or my personal favorite for testing is Postman as it circumvents cross-domain issues.
To make the REST call simply use the IP address of the server instead of localhost. You can get the IP address of the machine using ifconfig or whatsmyip.org
http://<IP address>/...
My goal is to have web servers that work on the default port so users don't have to type in a port #. Easy to do with LAMP stack, where A is apache... and no other web server exists. However, if I purchase general purpose hosting with Centos and I want to run
1) Gunicorn/NGINX for Python/Django -> access from example.com from outside (no port required to be entered by the web browser.
2) Spring framework in a Java EE container - Java EE defaults to port 8080 and other ports in that range but people just enter a domain name and expect it to work. -> So reachable from example2.com
3) Node.js - Reachable from example3.com
4) PHP apps such as WordPress, Drupal on LAMP - example3.com
Recommendations are appreciated.
My closest experience that seems to do this for example would be AWS with load balancer allowing access from public web - app servers accessible from only load balancer.
Thanks,
Bruce
You can use nearly any http server in front to do this kind of job.
bind everything (tomcat, nodejs, gunicorn, uwsgi, etc. pp.) to local http or file sockets and use the proxy feature of your favorite server to bundle them all on this host. With the naming of nginx: use different locations on one server and/or different server blocks with proper server names set to build your custom host.
A few servers:
nginx with proxy feature
apache2 supports setups like that, too if you use mod_proxy.
haproxy is another alternative
Finally it depends on your specific needs (and experiences) which setup to pick.
Edit: missed docker a little - but the same thing works for containers - except that you do not use file sockets, but make everything with (http) sockets in private or public nets.
In my J2ee based application which is deployed on Oracle Weblogic 11g AS, request comes from two Oracle HTTP Web Server. One is meant for Intranet and other is for Internet users. I want to figure out from whether request is coming from Internet web server or Intranet web server. Basis this, access of application being restricted.
Can we add some request header at Oracle HTTP Web Server side which can be check in servlet once request will reach to Application server?
Idea is that we'll add request header in both the web servers with different value. Once request will reach to application server, we'll check the value of this header and identify from which web server request is coming from. Accordingly access right will be provided to the users accessing the application from internet or intranet.
Please suggest if any other solution can meet the requirement.
You could separate the traffic using networks channel. (http://docs.oracle.com/cd/E23943_01/web.1111/e13701/network.htm)
For instance register a new HTTP channel for the WLS Managed Server and point one HTTP server to this new port.
Then you could implement a Weblogic filter the achieve the expected behavior. (http://weblogic-wonders.com/weblogic/2011/03/03/weblogic-connection-filters/)