Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP listener in case where HTTPS is forbidden? #75

Open
mminks opened this issue Nov 8, 2018 · 1 comment
Open

HTTP listener in case where HTTPS is forbidden? #75

mminks opened this issue Nov 8, 2018 · 1 comment

Comments

@mminks
Copy link

mminks commented Nov 8, 2018

Description:

I'm wondering if it is still possible to deploy or configure the UI with a HTTP listener? I can find some hints that it should but no evidence so far. I live in an environment where HTTPS is a problem. A workaround would be to fake things that the UI accepts a login from a non-secure client. Because that's the main problem. The UI denies a login from HTTP.

Nevertheless, SSL termination at an earlier point in the infrastructure would be much better and easier to handle. I prefer to outsource SSL termination to a central place so all services would benefit from it.

Affected Product Version:

Stream Processor Status Dashboard 4.3.0

Steps to reproduce:

wso2.transport.http:
  transportProperties:
    - name: "server.bootstrap.socket.timeout"
      value: 60
    - name: "client.bootstrap.socket.timeout"
      value: 60
    - name: "latency.metrics.enabled"
      value: true

  listenerConfigurations:
    - id: "default-https"
      host: "0.0.0.0"
      port: 9643
      scheme: https
      keyStoreFile: "${carbon.home}/resources/security/wso2carbon.jks"
      keyStorePassword: wso2carbon
      certPass: wso2carbon

Changing things to something like this

  listenerConfigurations:
    - id: "default-https"
      host: "0.0.0.0"
      port: 9643
      scheme: https

doesn't work.

Caused by: org.wso2.carbon.uiserver.internal.exception.AppDeploymentEventListenerException: Cannot find any HTTPS transports to register web app 'portal'.

Related Issues:

#33
@this
Copy link
Member

this commented Oct 5, 2019

@mminks I'm not sure whether I understood your requirement correctly.
What you want is to disable HTTPS for a webapp, then it can be done by configuring a HTTP listenerConfiguration in the deploymet.yaml and configuring that to be used for your webapp.

e.g. deploymet.yaml

# Carbon UI server configurations
wso2.carbon-ui-server:
  apps:
    # configurations for the Portal app
    "portal":
      transportId: "for-portal-app"

# HTTP transport related configurations
wso2.transport.http:
  transportProperties:
    - name: "server.bootstrap.socket.timeout"
      value: 60
    - name: "client.bootstrap.socket.timeout"
      value: 60
    - name: "latency.metrics.enabled"
      value: true

  listenerConfigurations:
   # HTTP transport for the Portal web app
    - id: "for-portal-app"
      host: "0.0.0.0"
      port: 9090

  senderConfigurations:
    - id: "default-http-sender"

You can refer the Documentation section of PR #64 for more details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mminks @this