Disabling use of https on OfBiz servers
Locked
Disabling use of https on OfBiz servers
 
|
Re: Disabling use of https on OfBiz servers
|
|
Hi William
The only way I know of is to edit the relevant controller.xml file(s), looking for <security https="true".../> and changing that "true" to "false". Someone else may know a better way. Cheers, Anne. 2009/8/6 William Angus <[hidden email]> Hi, -- Coherent Software Australia Pty Ltd PO Box 2773 Cheltenham Vic 3192 Phone: (03) 9585 6788 Fax: (03) 9585 1086 Web: http://www.cohsoft.com.au/ Email: [hidden email] Bonsai ERP, the all-inclusive ERP system http://www.bonsaierp.com.au/ |
signature.asc (278 bytes)
Re: Disabling use of https on OfBiz servers
|
|
I think that'll come down to the only option unless you want to change
the RequestHandler class, even if you can prevent the redirect by configuration any POST data meant for a secure url will be rejected if sent via http. Regards Scott HotWax Media http://www.hotwaxmedia.com On 6/08/2009, at 3:03 PM, [hidden email] wrote: > Hi William > > The only way I know of is to edit the relevant controller.xml > file(s), looking for > > <security https="true".../> > > and changing that "true" to "false". > > Someone else may know a better way. > > Cheers, > Anne. > > 2009/8/6 William Angus <[hidden email]> > Hi, > > I am currently trying to disable the use of https on the webtools/ > admin side of ofbiz so that we can use access control to pass users > to the appropriate location within our network. > > Our system will consist of SSL terminated behind our router/firewall > on the proxy server prior to the proxy forwarding to the ofbiz > application servers. https will be used until the traffic hits the > proxy where it is decrypted using stunnel or similar. Once decrypted > we will use the http-based ACLs to pass the traffic to the > appropriate login instance. > > Problem is, I seem to be unable to force the use of http only within > our test environment. > > Currently the test environment we have been looking at this with is > trunk-2009-07-21-v796194 using embedded Tomcat but we would be > looking to running a full Tomcat install on a production system. > > To date I have tried changing the settings of url.properties to > port.https.enabled=N > and > force.http.host=Y > > also have looked at server.xml in the tomcat6 section and just for a > test changed all 8443 to 8080 however when the following url was tried > http://server-name:8080/webtools/login > it changed back to https://.......:8443/.... > > I was wondering if there was anything that I have missed or if there > is a specific file/entry that holds the configuration settings for > webtools/login. > > I haven't had much experience of configuring Tomcat or OfBiz (past > database setup and initial install) as until recently my focus has > been elsewhere. > > Regards > William Angus > -- > William Angus - Systems Analyst > Virtual Xpert Pty Ltd > Suite 207, 35 Buckingham Street > Surry Hills > NSW 2010 > Australia > > Ph: +61 2 9007 1480 > Fax: +61 2 8905 9438 > Mob: +61 424 298 449 > email: [hidden email] > > www.virtualxpert.com.au > > > > -- > Coherent Software Australia Pty Ltd > PO Box 2773 > Cheltenham Vic 3192 > Phone: (03) 9585 6788 > Fax: (03) 9585 1086 > Web: http://www.cohsoft.com.au/ > Email: [hidden email] > > Bonsai ERP, the all-inclusive ERP system > http://www.bonsaierp.com.au/ > |
Re: Disabling use of https on OfBiz servers
|
|
| Free forum by Nabble | Edit this page |