fix: Provide the correct external URL in the ZUUL Gateway if AT-TLS i…

…s enabled (#3565) Signed-off-by: Pavel Jares <[email protected]> Signed-off-by: achmelo <[email protected]> Co-authored-by: achmelo <[email protected]>
zowe · May 27, 2024 · ef78150 · ef78150
1 parent 084f9b4
commit ef78150
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/gateway-package/src/main/resources/bin/start.sh b/gateway-package/src/main/resources/bin/start.sh
@@ -31,6 +31,7 @@
 # - ZWE_configs_heap_init
 # - ZWE_configs_apiml_catalog_serviceId
 # - ZWE_configs_apiml_gateway_timeoutMillis
+# - ZWE_configs_apiml_gateway_externalProtocol
 # - ZWE_configs_apiml_security_auth_provider
 # - ZWE_configs_apiml_security_allowtokenrefresh
 # - ZWE_configs_apiml_security_auth_zosmf_jwtAutoconfiguration
@@ -254,7 +255,7 @@ _BPX_JOBNAME=${ZWE_zowe_job_prefix}${GATEWAY_CODE} java \
     -Dapiml.service.discoveryServiceUrls=${ZWE_DISCOVERY_SERVICES_LIST} \
     -Dapiml.service.allowEncodedSlashes=${ZWE_configs_apiml_service_allowEncodedSlashes:-true} \
     -Dapiml.service.corsEnabled=${ZWE_configs_apiml_service_corsEnabled:-false} \
-    -Dapiml.service.externalUrl="${externalProtocol}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \
+    -Dapiml.service.externalUrl="${ZWE_configs_apiml_gateway_externalProtocol:-${externalProtocol}}://${ZWE_zowe_externalDomains_0}:${ZWE_zowe_externalPort}" \
     -Dapiml.service.apimlId=${ZWE_configs_apimlId:-} \
     -Dapiml.catalog.serviceId=${APIML_GATEWAY_CATALOG_ID:-apicatalog} \
     -Dapiml.cache.storage.location=${ZWE_zowe_workspaceDirectory}/api-mediation/${ZWE_haInstance_id:-localhost} \

diff --git a/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java b/gateway-service/src/main/java/org/zowe/apiml/gateway/config/GatewayConfig.java
@@ -87,6 +87,7 @@ public EurekaInstanceConfigBean eurekaInstanceConfigBean(InetUtils inetUtils,
             .parseInt(getEnabledPort(env));
 
         boolean isSecurePortEnabled = Boolean.parseBoolean(getProperty("server.ssl.enabled"));
+        boolean attls = Boolean.parseBoolean(getProperty("server.attls.enabled"));
         instance.setNonSecurePort(isSecurePortEnabled ? 0 : serverPort);
         instance.setNonSecurePortEnabled(!isSecurePortEnabled);
         instance.setSecurePort(isSecurePortEnabled ? serverPort : 0);
@@ -105,7 +106,7 @@ public EurekaInstanceConfigBean eurekaInstanceConfigBean(InetUtils inetUtils,
 
         String externalUrl = getProperty("apiml.service.external-url");
         if (!StringUtils.hasText(externalUrl)) {
-            externalUrl = (isSecurePortEnabled ? "https" : "http") + "://" + hostname + ":" + serverPort;
+            externalUrl = (isSecurePortEnabled || attls ? "https" : "http") + "://" + hostname + ":" + serverPort;
         }
         instance.getMetadataMap().put(SERVICE_EXTERNAL_URL, externalUrl);