[dspace-tech] Re: HTTPS and SOLR
Hi, please help me, I just set up dspace with https, I use apache tomcat 7, and I have the following error: 2019-03-01 01:58:31,497 ERROR org.dspace.app.webui.components.RecentSubmissionsManager @ caught exception: org.dspace.browse.BrowseException: org.dspace.discovery.SearchServiceException: Server at http://localhost/solr/search sent back a redirect (302). at org.dspace.browse.SolrBrowseDAO.getSolrResponse(SolrBrowseDAO.java:206) at org.dspace.browse.SolrBrowseDAO.doQuery(SolrBrowseDAO.java:315) at org.dspace.browse.BrowseEngine.browseMini(BrowseEngine.java:167) at org.dspace.app.webui.components.RecentSubmissionsManager.getRecentSubmissions(RecentSubmissionsManager.java:90) at org.dspace.app.webui.components.RecentCommunitySubmissions.process(RecentCommunitySubmissions.java:48) at org.dspace.app.webui.servlet.HandleServlet.preProcessCommunityHome(HandleServlet.java:641) at org.dspace.app.webui.servlet.HandleServlet.communityHome(HandleServlet.java:591) at org.dspace.app.webui.servlet.HandleServlet.doDSGet(HandleServlet.java:329) at org.dspace.app.webui.servlet.DSpaceServlet.processRequest(DSpaceServlet.java:126) at org.dspace.app.webui.servlet.DSpaceServlet.doGet(DSpaceServlet.java:73) at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.dspace.rdf.negotiation.NegotiationFilter.doFilter(NegotiationFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.dspace.utils.servlet.DSpaceWebappServletFilter.doFilter(DSpaceWebappServletFilter.java:78) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:603) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:1025) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1136) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Caused by: org.dspace.discovery.SearchServiceException: Server at http://localhost/solr/search sent back a redirect (302). at org.dspace.discovery.SolrServiceImpl.search(SolrServiceImpl.java:1615) at org.dspace.browse.SolrBrowseDAO.getSolrResponse(SolrBrowseDAO.java:201) ... 37 more Caused by: org.apache.solr.client.solrj.SolrServerException: Server at http://localhost/solr/search sent back a redirect (302). at org.apache.solr.client.solrj.impl.HttpSolrServer.executeMethod(HttpSolrServer.java:470) at org.apache.solr.client.solrj.impl.HttpSolrServer.request(HttpSolrServer.java:210) at org.apache.solr.client.solrj.impl.HttpSolrServer.request(HttpSolrServer.java:206) at org.apache.solr.client.solrj.request.QueryRequest.process(QueryRequest.java:91) at org.apache.solr.client.solrj.SolrServer.query(SolrServer.java:310) at org.dspace.discovery.SolrServiceImpl.search(SolrServiceImpl.java:1610) ... 38 more 2019-03-01 01:58:31,497 ERROR org.dspace.app.webui.servlet.HandleServlet @ caught exception: org.dspace.plugin.PluginException: org.dspace.app.webui.components.RecentSubmissionsException: org.dspace.browse.BrowseException: org.dspace.discovery.SearchServiceException: Server at http://localhost/solr/search sent back a redirect (302). at
Re: [dspace-tech] Re: HTTPS and SOLR
Dear Jacob,
I think it's better if you add another Tomcat connector to handle the
un-encrypted HTTP. We use nginx + TLS in front of our Tomcat and the "main"
connector specifically has to know about the reverse port mapping 443→8443
with HTTPS scheme, so we added a plain HTTP connector for localhost:
Then in our DSpace configuration we point Solr to this localhost:8081.
Hope that helps,
On Tue, Nov 6, 2018 at 11:49 PM Cameron, Jacob
wrote:
> Hi Mark,
>
>
>
> It’s because the cert is wildcard for our domain it is breaking going to
> the localhost for SOLR. With SOLR setup for localhost only, it got
> grumpy. I’ve found an easy way to work around it now. I hope to get
> apache httpd working on it in the future.
>
>
>
> Jake
>
> --
>
> Jake Cameron, BCS(UNB)
>
> Systems Support Specialist III
>
> Information Systems and Technical Services University of Lethbridge Library
>
> Phone:(403)329-2756
>
> This e-mail, including any and all attachments, is only for the use of the
> intended recipient(s) and may contain information that is confidential or
> privileged. If you are not the intended recipient, you are advised that any
> dissemination, copying or other use of this e-mail is prohibited. Please
> notify the sender of the error in communication by return e-mail and
> destroy all copies of this e-mail. Thank you.
>
>
>
> *From:* dspace-tech@googlegroups.com *On
> Behalf Of *Mark H. Wood
> *Sent:* Tuesday, November 6, 2018 11:27 AM
> *To:* DSpace Technical Support
> *Subject:* [dspace-tech] Re: HTTPS and SOLR
>
>
>
> On Monday, November 5, 2018 at 6:11:29 PM UTC-5, jacob.cameron wrote:
>
> Can I have SOLR secured under a wildcard SSL certificate? I’ve installed
> our cert and forced HTTPS I’m tomcat, but SOLR keeps giving a 302 error now
> and when I browse it it tells me that it’s an invalid cert. I haven’t been
> able to figure a way around it. We aren’t using Apache HTTPD to configure
> our ports.
>
>
>
>
>
>
>
> There are any number of ways a cert. can be invalid. Which specific one
> does your browser show you? (Browsers are so "helpful" these days that you
> may need to dig...and dig...to get down to the real reason.) A less
> "friendly", more precise tool such as 'openssl s_client' may provide better
> information.
>
>
>
> HTTP status 302 ("Found") is a redirection. Tomcat (not Solr) is saying
> that the resource exists but you have to ask for it at a different
> location. Is DSpace configured to contact Solr via HTTPS? Does
> 'bin/dspace dsprop -property solr.server' show the https: scheme?
>
> --
> All messages to this mailing list should adhere to the DuraSpace Code of
> Conduct: https://duraspace.org/about/policies/code-of-conduct/
> ---
> You received this message because you are subscribed to the Google Groups
> "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to dspace-tech+unsubscr...@googlegroups.com.
> To post to this group, send email to dspace-tech@googlegroups.com.
> Visit this group at https://groups.google.com/group/dspace-tech.
> For more options, visit https://groups.google.com/d/optout.
>
> --
> All messages to this mailing list should adhere to the DuraSpace Code of
> Conduct: https://duraspace.org/about/policies/code-of-conduct/
> ---
> You received this message because you are subscribed to the Google Groups
> "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to dspace-tech+unsubscr...@googlegroups.com.
> To post to this group, send email to dspace-tech@googlegroups.com.
> Visit this group at https://groups.google.com/group/dspace-tech.
> For more options, visit https://groups.google.com/d/optout.
>
--
Alan Orth
alan.o...@gmail.com
https://picturingjordan.com
https://englishbulgaria.net
https://mjanja.ch
"In heaven all the interesting people are missing." ―Friedrich Nietzsche
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
RE: [dspace-tech] Re: HTTPS and SOLR
Hi Mark,
It’s because the cert is wildcard for our domain it is breaking going to the
localhost for SOLR. With SOLR setup for localhost only, it got grumpy. I’ve
found an easy way to work around it now. I hope to get apache httpd working on
it in the future.
Jake
--
Jake Cameron, BCS(UNB)
Systems Support Specialist III
Information Systems and Technical Services University of Lethbridge Library
Phone:(403)329-2756
This e-mail, including any and all attachments, is only for the use of the
intended recipient(s) and may contain information that is confidential or
privileged. If you are not the intended recipient, you are advised that any
dissemination, copying or other use of this e-mail is prohibited. Please notify
the sender of the error in communication by return e-mail and destroy all
copies of this e-mail. Thank you.
From: dspace-tech@googlegroups.com On Behalf Of
Mark H. Wood
Sent: Tuesday, November 6, 2018 11:27 AM
To: DSpace Technical Support
Subject: [dspace-tech] Re: HTTPS and SOLR
On Monday, November 5, 2018 at 6:11:29 PM UTC-5, jacob.cameron wrote:
Can I have SOLR secured under a wildcard SSL certificate? I’ve installed our
cert and forced HTTPS I’m tomcat, but SOLR keeps giving a 302 error now and
when I browse it it tells me that it’s an invalid cert. I haven’t been able to
figure a way around it. We aren’t using Apache HTTPD to configure our ports.
There are any number of ways a cert. can be invalid. Which specific one does
your browser show you? (Browsers are so "helpful" these days that you may need
to dig...and dig...to get down to the real reason.) A less "friendly", more
precise tool such as 'openssl s_client' may provide better information.
HTTP status 302 ("Found") is a redirection. Tomcat (not Solr) is saying that
the resource exists but you have to ask for it at a different location. Is
DSpace configured to contact Solr via HTTPS? Does 'bin/dspace dsprop -property
solr.server' show the https: scheme?
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
dspace-tech+unsubscr...@googlegroups.com<mailto:dspace-tech+unsubscr...@googlegroups.com>.
To post to this group, send email to
dspace-tech@googlegroups.com<mailto:dspace-tech@googlegroups.com>.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
[dspace-tech] Re: HTTPS and SOLR
On Monday, November 5, 2018 at 6:11:29 PM UTC-5, jacob.cameron wrote:
>
> Can I have SOLR secured under a wildcard SSL certificate? I’ve installed
> our cert and forced HTTPS I’m tomcat, but SOLR keeps giving a 302 error now
> and when I browse it it tells me that it’s an invalid cert. I haven’t been
> able to figure a way around it. We aren’t using Apache HTTPD to configure
> our ports.
>
>
There are any number of ways a cert. can be invalid. Which specific one
does your browser show you? (Browsers are so "helpful" these days that you
may need to dig...and dig...to get down to the real reason.) A less
"friendly", more precise tool such as 'openssl s_client' may provide better
information.
HTTP status 302 ("Found") is a redirection. Tomcat (not Solr) is saying
that the resource exists but you have to ask for it at a different
location. Is DSpace configured to contact Solr via HTTPS? Does
'bin/dspace dsprop -property solr.server' show the https: scheme?
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
