OK I tried adding the WebSocket as well but still get the same results: Works direct but the proxy just stays on the login page.
At the end of the log I get syncope-console_1 | 50.59.199.214 - - [03/Sep/2019:13:13:41 +0000] "POST /syncope-console/login?1-1.0-login-submit HTTP/1.1" 400 1195 (a bad request response) I now see the change of admin password, what is the right way to generate a SSHA256 form, it does not look like a standard $XX$... password with hash encoding. does the bcrypt method support strings of the form $2a$12$0HvCGo2ao0gI3q8.... for a 12th order bcrypt encode? -- This email, and any files transmitted with it, are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please advise [email protected] <mailto:[email protected]>. 3480 Preston Ridge Road Suite 450 Alpharetta, GA 30005 Philip W. Dalrymple III <[email protected]> MDT Software - Automation Management Company +1 678 297 1001 Fax +1 678 297 1003 ________________________________________ From: Francesco Chicchiriccò <[email protected]> Sent: Tuesday, September 3, 2019 8:43 To: [email protected] Subject: Re: Syncope behind a Apache Reverse proxy. Hi Philip, welcome to Syncope. See my replies embedded below. Regards. On 03/09/19 14:25, Dalrymple, Philip wrote: > I am new to Syncope and have a VM server with docker with a Postgres DB and > an Apache web > server on the main VM and the syncope, syncope-console, & syncope-enduser as > images > on docker. I can access the console (as admin, default password) from > XXX.example.com:28080/syncope-console > but the reverse proxy shows the login page and stays there. > > I assume that this is not an uncommon configuration, what am I doing wrong. With Admin Console you should consider that WebSockets come into play, so instead of <Location /syncope-console> ProxyPreserveHost on ProxyPass http://XXXXX.mdtsoft.com:28080/syncope-console ProxyPassReverse http://XXXX.mdtsoft.com:28080/syncope-console </Location> you should configure something as follows: <Location /syncope-console> ProxyPreserveHost on ProxyPass ws://XXXXX.mdtsoft.com:28080/syncope-console ProxyPass http://XXXXX.mdtsoft.com:28080/syncope-console ProxyPassReverse http://XXXX.mdtsoft.com:28080/syncope-console </Location> > Also what is the correct way to change the admin password; admin does not > appear in the users. See http://syncope.apache.org/docs/2.1/reference-guide.html#set-admin-credentials > my docker compose file: > # Licensed to the Apache Software Foundation (ASF) under one > # or more contributor license agreements. See the NOTICE file > # distributed with this work for additional information > # regarding copyright ownership. The ASF licenses this file > # to you under the Apache License, Version 2.0 (the > # "License"); you may not use this file except in compliance > # with the License. You may obtain a copy of the License at > # > # http://www.apache.org/licenses/LICENSE-2.0 > # > # Unless required by applicable law or agreed to in writing, > # software distributed under the License is distributed on an > # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY > # KIND, either express or implied. See the License for the > # specific language governing permissions and limitations > # under the License. > > # Full deployment (Core, Console, Enduser) on PostgreSQL with JSONB support > > version: '3.3' > > services: > > syncope: > image: apache/syncope:2.1.4 > ports: > - "18080:8080" > restart: always > environment: > DBMS: pgjsonb > DB_URL: "jdbc:postgresql://XXXXX.mdtsoft.com:5432/syncope?stringtype= > unspecified" > DB_USER: "syncope" > DB_PASSWORD: "XXXXXXXX" > DB_POOL_MAX: 10 > DB_POOL_MIN: 2 > OPENJPA_REMOTE_COMMIT: sjvm > > syncope-console: > depends_on: > - syncope > image: apache/syncope-console:2.1.4 > ports: > - "28080:8080" > restart: always > environment: > CORE_SCHEME: http > CORE_HOST: syncope > CORE_PORT: 8080 > > syncope-enduser: > depends_on: > - syncope > image: apache/syncope-enduser:2.1.4 > ports: > - "38080:8080" > restart: always > environment: > CORE_SCHEME: http > CORE_HOST: syncope > CORE_PORT: 8080 > DOMAIN: Master > > -------------- > > My Apache Configure for reverse proxy is: > ## proxy setup > SSLProxyEngine on > SSLProxyCheckPeerExpire off > SSLProxyCheckPeerName off > SSLProxyCheckPeerCN off > SSLProxyVerify none > > > ## syncope -- it has a number of redirects needed > <Location /syncope> > ProxyPreserveHost on > ProxyPass http://XXXX.mdtsoft.com:18080/syncope > ProxyPassReverse http://XXXX.mdtsoft.com:18080/syncope > </Location> > > <Location /syncope-console> > ProxyPreserveHost on > ProxyPass http://XXXXX.mdtsoft.com:28080/syncope-console > ProxyPassReverse http://XXXX.mdtsoft.com:28080/syncope-console > </Location> > > <Location /syncope-enduser> > ProxyPreserveHost on > ProxyPass http://XXXX.mdtsoft.com:38080/syncope-enduser > ProxyPassReverse http://XXXX.mdtsoft.com:38080/syncope-enduser > </Location> > > ----------------------------------------------- -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
