Yes, that’s right

Sent by my mobile device
- Gerald Kallas
> On 15.08.2020 at 11:58, Jean-Baptiste Onofre <j...@nanthrax.net> wrote:
>
> Hi Gerald,
>
> AFAIR we have a Jira about HTTP authorization issue, right?
>
> Regards
> JB
>
>> On 15 August 2020 at 10:55, Gerald Kallas - mailbox.org <catsh...@mailbox.org> wrote:
>>
>> I’d go with jetty as well but the HTTP authorization problem with Karaf >= 4.2.9 isn’t solved yet.
>>
>> Sent by my mobile device
>> - Gerald Kallas
>>
>>>> On 15.08.2020 at 10:03, Jean-Baptiste Onofre <j...@nanthrax.net> wrote:
>>>
>>> Hi,
>>>
>>> Webconsole should bind to https by default (at least, it’s what happens with Jetty).
>>>
>>> Even if I’m not a big undertow fan, let me try to reproduce and fix ;)
>>>
>>> Regards
>>> JB
>>>
>>>> On 14 August 2020 at 19:20, Gerald Kallas <catsh...@mailbox.org> wrote:
>>>>
>>>> Dear all,
>>>>
>>>> I did set up a vanilla Karaf 4.3.0RC1 and executed the following commands
>>>>
>>>> feature:install pax-http-undertow
>>>> feature:install webconsole
>>>>
>>>> How can I bind the webconsole (and later camel servlets) to the HTTPS port?
>>>>
>>>> Many thanks in advance.
>>>>
>>>> My undertow.xml looks like
>>>>
>>>> <?xml version="1.0" encoding="UTF-8"?>
>>>> <!--
>>>>     Licensed under the Apache License, Version 2.0 (the "License");
>>>>     you may not use this file except in compliance with the License.
>>>>     You may obtain a copy of the License at
>>>>
>>>>         http://www.apache.org/licenses/LICENSE-2.0
>>>>
>>>>     Unless required by applicable law or agreed to in writing, software
>>>>     distributed under the License is distributed on an "AS IS" BASIS,
>>>>     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
>>>>     See the License for the specific language governing permissions and
>>>>     limitations under the License.
>>>> -->
>>>> <undertow xmlns="urn:org.ops4j.pax.web:undertow:1.0"
>>>>         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>>>         xmlns:w="urn:jboss:domain:5.0"
>>>>         xmlns:io="urn:jboss:domain:io:3.0"
>>>>         xsi:schemaLocation="
>>>>             urn:jboss:domain:io:3.0 http://www.jboss.org/schema/jbossas/wildfly-io_3_0.xsd
>>>>             urn:jboss:domain:undertow:4.0 http://www.jboss.org/schema/jbossas/wildfly-undertow_4_0.xsd
>>>>             urn:jboss:domain:5.0 http://www.jboss.org/schema/jbossas/wildfly-config_5_0.xsd">
>>>>
>>>>     <!--
>>>>         Only "default" worker and buffer-pool are supported and can be used to override the default values
>>>>         used by all listeners
>>>>
>>>>         buffer-pool:
>>>>          - buffer-size defaults to:
>>>>             - when < 64MB of Xmx: 512
>>>>             - when < 128MB of Xmx: 1024
>>>>             - when >= 128MB of Xmx: 16K - 20
>>>>          - direct-buffers defaults to:
>>>>             - when < 64MB of Xmx: false
>>>>             - when >= 64MB of Xmx: true
>>>>
>>>>         worker:
>>>>          - io-threads defaults to Math.max(Runtime.getRuntime().availableProcessors(), 2);
>>>>          - task-core-threads and task-max-threads default to io-threads * 8
>>>>     -->
>>>>     <!--
>>>>     <subsystem xmlns="urn:jboss:domain:io:3.0">
>>>>         <buffer-pool name="default" buffer-size="16364" direct-buffers="true" />
>>>>         <worker name="default" io-threads="8" task-core-threads="64" task-max-threads="64" />
>>>>     </subsystem>
>>>>     -->
>>>>
>>>>     <!-- https://docs.jboss.org/author/display/WFLY/Undertow+subsystem+configuration -->
>>>>     <subsystem xmlns="urn:jboss:domain:undertow:4.0">
>>>>         <!-- org.wildfly.extension.undertow.BufferCacheDefinition -->
>>>>         <buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10" />
>>>>         <server name="default-server">
>>>>             <!-- HTTP(S) Listener references Socket Binding (and indirectly - Interfaces) -->
>>>>             <http-listener name="http" socket-binding="http" />
>>>>             <!-- verify-client: org.xnio.SslClientAuthMode.NOT_REQUESTED, org.xnio.SslClientAuthMode.REQUESTED, org.xnio.SslClientAuthMode.REQUIRED -->
>>>>             <https-listener name="https" socket-binding="https" security-realm="default" verify-client="NOT_REQUESTED" />
>>>>             <host name="default-host" alias="localhost">
>>>>                 <!--<location name="/" handler="welcome-content" />-->
>>>>                 <!--<location name="/docs" handler="docs-content" />-->
>>>>                 <access-log directory="${karaf.data}/log" pattern="common" prefix="access_log." suffix="log" rotate="true" />
>>>>                 <filter-ref name="server-header" />
>>>>                 <filter-ref name="x-powered-by-header" />
>>>>             </host>
>>>>         </server>
>>>>         <servlet-container name="default">
>>>>             <jsp-config />
>>>>             <websockets />
>>>>             <welcome-files>
>>>>                 <welcome-file name="index.html" />
>>>>                 <welcome-file name="index.txt" />
>>>>             </welcome-files>
>>>>         </servlet-container>
>>>>         <handlers>
>>>>             <file name="welcome-content" path="${karaf.home}/welcome" />
>>>>             <!--<file name="docs-content" path="${karaf.home}/docs" />-->
>>>>         </handlers>
>>>>         <filters>
>>>>             <!-- filters for reference from /host/filter-ref and /host/location/filter-ref -->
>>>>             <response-header name="server-header" header-name="Server" header-value="Pax-HTTP-Undertow" />
>>>>             <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Pax-HTTP-Undertow/7.2.16" />
>>>>         </filters>
>>>>     </subsystem>
>>>>
>>>>     <!-- https://docs.jboss.org/author/display/WFLY/Security+Realms -->
>>>>     <!--
>>>>         we'll use "default" security realm by default to configure jaas/properties authentication
>>>>         (io.undertow.security.idm.IdentityManager):
>>>>          - w:jaas - org.ops4j.pax.web.service.undertow.internal.security.JaasIdentityManager
>>>>          - w:properties - org.ops4j.pax.web.service.undertow.internal.security.PropertiesIdentityManager
>>>>     -->
>>>>     <security-realm name="default">
>>>>         <w:server-identities>
>>>>             <w:ssl>
>>>>                 <!-- sun.security.ssl.ProtocolVersion -->
>>>>                 <!-- sun.security.ssl.CipherSuite -->
>>>>                 <!-- openssl ciphers 'ALL:eNULL' | sed -e 's/:/\n/g' | sort -->
>>>>                 <w:engine
>>>>                         enabled-cipher-suites="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
>>>>                         enabled-protocols="TLSv1 TLSv1.1 TLSv1.2" />
>>>>                 <w:keystore path="${karaf.etc}/keystore.p12" provider="PKCS12" alias="server"
>>>>                         keystore-password="password" key-password="password"
>>>>                         generate-self-signed-certificate-host="localhost" />
>>>>             </w:ssl>
>>>>         </w:server-identities>
>>>>         <w:authentication>
>>>>             <!-- JaasIdentityManager for given realm -->
>>>>             <w:jaas name="karaf" />
>>>>             <!-- OR PropertiesIdentityManager (mutually exclusive with <w:jaas>) -->
>>>>             <!--<w:properties path="users.properties" />-->
>>>>             <w:truststore path="${karaf.etc}/truststore.jks" provider="JKS" keystore-password="password" />
>>>>         </w:authentication>
>>>>         <user-principal-class-name>org.apache.karaf.jaas.boot.principal.UserPrincipal</user-principal-class-name>
>>>>         <role-principal-class-name>org.apache.karaf.jaas.boot.principal.RolePrincipal</role-principal-class-name>
>>>>         <!--<role-principal-class-name>...</role-principal-class-name>-->
>>>>     </security-realm>
>>>>
>>>>     <!-- Interface lists IP addresses to bind to -->
>>>>     <interface name="default">
>>>>         <w:inet-address value="0.0.0.0" />
>>>>         <!--<w:inet-address value="127.0.0.1" />-->
>>>>     </interface>
>>>>
>>>>     <!-- Socket Binding adds port for each IP from referenced Interface -->
>>>>     <socket-binding name="http" interface="default" port="${org.osgi.service.http.port}" />
>>>>     <socket-binding name="https" interface="default" port="${org.osgi.service.http.port.secure}" />
>>>>
>>>> </undertow>
>>>>
>>>> The log shows
>>>>
>>>> 2020-08-14T19:12:59,801 | INFO | paxweb-config-1-thread-1 | ServerControllerImpl | 64 - org.ops4j.pax.web.pax-web-undertow - 7.2.14 | Using "file:/E:/apache-karaf/apache-karaf-4.3.0.RC1/etc/undertow.xml" to configure Undertow
>>>> 2020-08-14T19:13:00,018 | INFO | activator-1-thread-2 | BouncyCastleSecurityProviderRegistrar | 39 - org.apache.sshd.core - 1.7.0 | getOrCreateProvider(BC) created instance of org.bouncycastle.jce.provider.BouncyCastleProvider
>>>> 2020-08-14T19:13:00,050 | INFO | paxweb-config-1-thread-1 | ServerControllerImpl | 64 - org.ops4j.pax.web.pax-web-undertow - 7.2.14 | Starting undertow http listener on 0.0.0.0:8181
>>>> 2020-08-14T19:13:00,052 | INFO | paxweb-config-1-thread-1 | ServerControllerImpl | 64 - org.ops4j.pax.web.pax-web-undertow - 7.2.14 | Starting undertow https listener on 0.0.0.0:8443
>>>> 2020-08-14T19:13:00,093 | INFO | activator-1-thread-2 | CommandExtension | 36 - org.apache.karaf.shell.core - 4.3.0.RC1 | Registering commands for bundle org.apache.karaf.features.command/4.3.0.RC1
>>>> 2020-08-14T19:13:00,244 | INFO | activator-1-thread-2 | Activator | 20 - org.apache.karaf.deployer.features - 4.3.0.RC1 | Deployment finished. Registering FeatureDeploymentListener
>>>> 2020-08-14T19:13:00,310 | INFO | activator-1-thread-3 | CommandExtension | 36 - org.apache.karaf.shell.core - 4.3.0.RC1 | Registering commands for bundle org.apache.karaf.kar.core/4.3.0.RC1
>>>> 2020-08-14T19:13:00,320 | INFO | activator-1-thread-2 | FeaturesPlugin | 73 - org.apache.karaf.webconsole.features - 4.3.0.RC1 | Features plugin deactivated
>>>> 2020-08-14T19:13:00,333 | INFO | activator-1-thread-2 | FeaturesPlugin | 73 - org.apache.karaf.webconsole.features - 4.3.0.RC1 | Features plugin activated
>>>> 2020-08-14T19:13:00,813 | INFO | activator-1-thread-2 | CommandExtension | 36 - org.apache.karaf.shell.core - 4.3.0.RC1 | Registering commands for bundle org.apache.karaf.shell.ssh/4.3.0.RC1
>>>> 2020-08-14T19:13:01,295 | INFO | paxweb-config-1-thread-1 | ServerControllerImpl | 64 - org.ops4j.pax.web.pax-web-undertow - 7.2.14 | Using in-memory session persistence
>>>> 2020-08-14T19:13:01,344 | INFO | paxweb-config-1-thread-1 | HttpServiceFactoryImpl | 62 - org.ops4j.pax.web.pax-web-runtime - 7.2.14 | Binding bundle: [org.apache.karaf.webconsole.console [72]] to http service
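
An added example, not part of the thread and not Karaf or Pax Web code: a Python check over the undertow.xml quoted above that resolves each listener through its socket-binding and interface, then reports the plaintext listener, wildcard binds and legacy TLS versions. `SAMPLE` is a constructed, trimmed copy of that file, and the names `listeners` and `audit` are chosen here.

```python
import xml.etree.ElementTree as ET

PAX = "{urn:org.ops4j.pax.web:undertow:1.0}"  # <interface>, <socket-binding>
UT = "{urn:jboss:domain:undertow:4.0}"         # <http-listener>, <https-listener>
W = "{urn:jboss:domain:5.0}"                   # <w:inet-address>, <w:engine>
LEGACY_TLS = {"SSLv3", "TLSv1", "TLSv1.1"}     # TLS 1.0/1.1 were deprecated by RFC 8996

# Constructed sample: listener, TLS engine, interface and socket-binding elements of the quoted file.
SAMPLE = """<undertow xmlns="urn:org.ops4j.pax.web:undertow:1.0" xmlns:w="urn:jboss:domain:5.0">
  <subsystem xmlns="urn:jboss:domain:undertow:4.0"><server name="default-server">
    <http-listener name="http" socket-binding="http" />
    <https-listener name="https" socket-binding="https" security-realm="default" />
  </server></subsystem>
  <security-realm name="default"><w:server-identities><w:ssl>
    <w:engine enabled-protocols="TLSv1 TLSv1.1 TLSv1.2" />
  </w:ssl></w:server-identities></security-realm>
  <interface name="default"><w:inet-address value="0.0.0.0" /></interface>
  <socket-binding name="http" interface="default" port="${org.osgi.service.http.port}" />
  <socket-binding name="https" interface="default" port="${org.osgi.service.http.port.secure}" />
</undertow>"""

def listeners(root):
    # Yield (kind, name, addresses, port) for every listener, resolved via its socket-binding.
    ifaces = {i.get("name"): [a.get("value") for a in i.iter(W + "inet-address")]
              for i in root.iter(PAX + "interface")}
    binds = {b.get("name"): b for b in root.iter(PAX + "socket-binding")}
    for kind in ("http-listener", "https-listener"):
        for lst in root.iter(UT + kind):
            bind = binds.get(lst.get("socket-binding"))
            addrs = ifaces.get(bind.get("interface"), []) if bind is not None else []
            yield kind, lst.get("name"), addrs, bind.get("port") if bind is not None else None

def audit(xml_text):
    root = ET.fromstring(xml_text)
    findings = []
    for kind, name, addrs, port in listeners(root):
        if kind == "http-listener":
            findings.append(f"plaintext listener '{name}' on {','.join(addrs)} port {port}")
        if "0.0.0.0" in addrs:
            findings.append(f"{kind} '{name}' binds all interfaces")
    for eng in root.iter(W + "engine"):
        weak = sorted(LEGACY_TLS & set((eng.get("enabled-protocols") or "").split()))
        if weak:
            findings.append("legacy TLS protocols enabled: " + " ".join(weak))
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

The port placeholders are reported as written in the file; the log quoted in the message shows them resolving to 8181 and 8443.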