Alessandro: David was testing with the Proxy Base URL setting correctly.
I am also trying to set up a test environment with apache with mod_proxy as per random blog post instructions ( https://www.middlewareinventory.com/blog/docker-reverse-proxy-example/). But I don't really know what I am doing so it is unlikely to match your setup. Not sure where to configure the X-Forwarded-** headers. Did you need to configure https://docs.geoserver.org/stable/en/user/security/webadmin/csrf.html with GEOSERVER_CSRF_WHITELIST or GEOSERVER_CSRF_DISABLED? -- Jody Garnett On Thu, 29 Sept 2022 at 07:01, Alessandro Parma < alessandro.pa...@geosolutionsgroup.com> wrote: > Hi David, andrea > > b) When I proxied geoserver, I couldn't save most configuration options >>> (i.e. change the logging profile) >>> * it would give me a "Origin does not correspond to request" error >>> * others recommended setting "-DGEOSERVER_CSRF_DISABLED=true" >>> + this worked, but now if I change the logging profile it will >>> log me out (but my changes were saved). >>> Hum... not sure, I'll inquire with Alessandro on how the proxying is set >>> up. >> >> > I understand this is an unrelated problem with your local environment > David. I suggest you check your PROXY_BASE_URL settings. > > In terms of proxy config there is nothing special honestly.. we're using > Nginx with an explicitly set PROXY_BASE_URL: > > [image: image.png] > > And we are passing the X-Forwarded-** headers from Nginx to GeoServer. > That info should be used by GeoServer to understand > what protocols and host are used by the user to connect to it. > > We can have a closer look but before we do that are you sure you cannot > reproduce it locally on an HTTPS setup? > > Thank you, > Alessandro > > On Thu, Sep 29, 2022 at 9:46 AM Andrea Aime < > andrea.a...@geosolutionsgroup.com> wrote: > >> On Thu, Sep 29, 2022 at 1:05 AM David Blasby <david.bla...@geocat.net> >> wrote: >> >>> Andrea, >>> >>> I tried to reproduce this and found some more issues; >>> >>> a) I couldn't "cd web/app; mvn jetty:run" >>> * I get a nullpointerexception - likely because there's no >>> settings in global.xml >>> * i used data/release and it worked fine >>> >> >> Uh yeah, this is bad... GeoServer should be able to start off a >> completely empty data directory (eventually >> with some warning). I thought we had a test to that effect, but I cannot >> find it... >> >> >>> b) When I proxied geoserver, I couldn't save most configuration options >>> (i.e. change the logging profile) >>> * it would give me a "Origin does not correspond to request" error >>> * others recommended setting "-DGEOSERVER_CSRF_DISABLED=true" >>> + this worked, but now if I change the logging profile it will >>> log me out (but my changes were saved). >>> >> >> Hum... not sure, I'll inquire with Alessandro on how the proxying is set >> up. >> >> Cheers >> Andrea >> >> == >> >> GeoServer Professional Services from the experts! >> >> Visit http://bit.ly/gs-services-us for more information. >> == >> >> Ing. Andrea Aime >> @geowolf >> Technical Lead >> >> GeoSolutions Group >> phone: +39 0584 962313 >> >> fax: +39 0584 1660272 >> >> mob: +39 339 8844549 >> >> https://www.geosolutionsgroup.com/ >> >> http://twitter.com/geosolutions_it >> >> ------------------------------------------------------- >> >> Con riferimento alla normativa sul trattamento dei dati personali (Reg. >> UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si >> precisa che ogni circostanza inerente alla presente email (il suo >> contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è >> riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il >> messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra >> operazione è illecita. Le sarei comunque grato se potesse darmene notizia. >> >> This email is intended only for the person or entity to which it is >> addressed and may contain information that is privileged, confidential or >> otherwise protected from disclosure. We remind that - as provided by >> European Regulation 2016/679 “GDPR” - copying, dissemination or use of this >> e-mail or the information herein by anyone other than the intended >> recipient is prohibited. If you have received this email by mistake, please >> notify us immediately by telephone or e-mail >> _______________________________________________ >> Geoserver-devel mailing list >> Geoserver-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/geoserver-devel >> > > > -- > > Regards, Alessandro Parma == GeoServer Professional Services from the > experts! Visit http://goo.gl/it488V for more information. == Alessandro > Parma DevOps Engineer GeoSolutions S.A.S. Via di Montramito 3/A 55054 > Massarosa (LU) Italy phone: +39 340 4752467 fax: +39 0584 1660272 > https://www.geosolutionsgroup.com https://twitter.com/geosolutions_it > ------------------------------------------------------- Con riferimento > alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - > Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni > circostanza inerente alla presente email (il suo contenuto, gli eventuali > allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i > destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per > errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le > sarei comunque grato se potesse darmene notizia. This email is intended > only for the person or entity to which it is addressed and may contain > information that is privileged, confidential or otherwise protected from > disclosure. We remind that - as provided by European Regulation 2016/679 > “GDPR” - copying, dissemination or use of this e-mail or the information > herein by anyone other than the intended recipient is prohibited. If you > have received this email by mistake, please notify us immediately by > telephone or e-mail. > _______________________________________________ > Geoserver-devel mailing list > Geoserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-devel >
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
