I am able to log into the backend at: http://dev-ir.dut.ac.za:8080/server/
But using the Angular UI and https://dev-ir.dut.ac.za/server/login.html results in a 403 with XHR errors. environment.prod.ts: export const environment = { ui: { ssl: false, host: 'localhost', port: 4000, nameSpace: '/' }, rest: { ssl: true, host: 'dev-ir.dut.ac.za', port: 443, nameSpace: '/server' } }; apache default-le-ssl.conf: ProxyPass /server http://localhost:8080/server ProxyPassReverse /server http://localhost:8080/server ProxyPass / http://localhost:4000/ ProxyPassReverse / http://localhost:4000/ local.cfg: dspace.server.url = https://dev-ir.dut.ac.za/server dspace.ui.url = http://localhost:4000 rest.cors.allow-origins = ${dspace.ui.url} rest.cors.allow-origins = http://dev-ir.dut.ac.za rest.cors.allow-origins = http://dev-ir.dut.ac.za:4000 rest.cors.allow-origins = https://dev-ir.dut.ac.za rest.cors.allow-origins = http://10.4.36.12 rest.cors.allow-origins = http://10.4.36.12:4000 rest.cors.allow-origins = https://10.4.36.12 I'm not sure what's relevant from the browser's inspector window, but this is what I have after trying to log in with the Angular UI: [image: Selection_022.png] POST scheme https host dev-ir.dut.ac.za filename /server/api/authn/login Address 10.4.36.12:443 Status 403 VersionHTTP/1.1 Transferred447 B (20 B size) Referrer Policystrict-origin-when-cross-origin Response Headers: HTTP/1.1 403 Date: Wed, 25 Aug 2021 14:11:39 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Request Headers: POST /server/api/authn/login HTTP/1.1 Host: dev-ir.dut.ac.za User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 Accept: application/json, text/plain, */* Accept-Language: en;q=1,en-US;q=0.1,en;q=0.09 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded X-XSRF-TOKEN: 56f4015c-5256-4512-8861-12dacda7aae3 X-CORRELATION-ID: 352472e7-b842-4987-b223-961900a64746 X-REFERRER: /home Content-Length: 43 Origin: https://dev-ir.dut.ac.za Connection: keep-alive Referer: https://dev-ir.dut.ac.za/home Cookie: DSPACE-XSRF-COOKIE=56f4015c-5256-4512-8861-12dacda7aae3; _fbp=fb.2.1611567268808.3166000; __tawkuuid=e::dut.ac.za::X4iey+2XGFdXPDH6lKG4Ikr4yo9SdzTjom+Nd+69vueiUCsm4iQyTzbzsr6pAIEN::2; _ga=GA1.3.923244129.1612793087; __utma=97131402.923244129.1612793087.1624370603.1624440611.58; __utmz=97131402.1620118111.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cookieconsent_status=dismiss; klaro-anonymous=%7B%22authentication%22%3Atrue%2C%22preferences%22%3Atrue%2C%22acknowledgement%22%3Atrue%2C%22google-analytics%22%3Atrue%7D; _gid=GA1.3.1575206032.1629785492; CORRELATION-ID=352472e7-b842-4987-b223-961900a64746; dsLanguage=en; XSRF-TOKEN=56f4015c-5256-4512-8861-12dacda7aae3; dsRedirectUrl=/home Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache Please tell me where I've gone wrong. Sean -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/CA%2BxAuhNk4FsYS1BJ3BaS9T3A9u7DRXv_JK5s9NvHWATaA0Ycsw%40mail.gmail.com.
