Hi Alexis, You might also want to try deleting your browser cookies for BioMart. The issue was probably a session that exists in one server is not found on the other.
If you have more than one server it's a good idea to enable stickiness in your load balancer (HAProxy or mod_proxy_balancer for Apache). This will forward traffic for the same user to the same server, which will get around the session problem. -jack On 11-05-23 12:05 PM, "Alexis" <[email protected]> wrote: I have the thing working with two virtual hosts. A first one for http, and a later for https. We decided to redirect all the http flow towards the https virtual host ( you'll see from the http conf piece of config I pasted) thanks Alexis ************************************************************************************ HTTP CONF NameVirtualHost 84.88.51.185:80 <VirtualHost 84.88.51.185:80> ServerName dcc.cllgenome.es ## ProxyPass / http://localhost:9000/ ## ProxyPassReverse / http://locahost:9000/ ProxyRequests On ProxyPreserveHost On LogLevel info ErrorLog /var/log/apache2/dcc.error_log CustomLog /var/log/apache2/dcc.access_log combined ## https ## make it a comment if you have problems ## Force https RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} ## </VirtualHost> ***************************************************************************** HTTPS CONF NameVirtualHost 84.88.51.185:443 <VirtualHost 84.88.51.185:443> ServerName dcc.cllgenome.es ProxyPass / https://localhost:9043/ ProxyPassReverse / https://locahost:9043/ ProxyRequests On ProxyPreserveHost On LogLevel info ErrorLog /var/log/apache2/dcc-ssl.error_log CustomLog /var/log/apache2/dcc-ssl.access_log combined #Redirect permanent / https://dcc.cllgenome.es SSLEngine on SSLVerifyDepth 10 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCACertificatePath /etc/tls/cacert/ SSLCertificateFile /etc/tls/certs/bscicgc01.bsc.es.pem SSLCertificateKeyFile /etc/tls/keys/bscicgc01_nodes.bsc.es.key SSLProxyCACertificatePath /etc/tls/cacert/ SSLProxyEngine on #SSLProxyVerify require SSLProxyVerify none SSLProxyVerifyDepth 10 </VirtualHost> ******************************************************************************** On 05/23/2011 05:45 PM, Junjun Zhang wrote: Hi Alexis, Can you please send us the content of the settings of the apache virtual host where you redirect incoming requests to the BioMart server? Thanks, Junjun PS: as Brett suggested, please contact us using [email protected], not [email protected] From: Alexis <[email protected]> Date: Mon, 23 May 2011 09:45:49 -0400 To: "[email protected]" <[email protected]> Subject: Re: [BioMart Users] openID authentication against https://centralregistry.dcc.icgc.org Hi Brett, Junjun I've test what you advice me. No changes in the error message, the same "Server error: null". And trying to find out where that change https to http happens. Only a java error found (added at the end of my mail). Would you recommend to enable some debug flag in biomart? The other factor I think can make things go wrong is a rewrite http to https I keep in my apache virtual host config file. But puzzles me because what you tell me is about a https to http change. regards. Alexis. By the way I put also some biomart.properties variables : locale.name = en location.code = 005 locale.plurals = true ################################################## # HTTP SETTINGS ################################################## http.host = 0.0.0.0 #http.host = localhost http.port = 9000 # Only if public URL different from host+port above http.url = http://dcc.cllgenome.es/ ################################################## # HTTPS SETTINGS ################################################## https.port = 9043 # Only if public URL different from host+port above https.url = https://dcc.cllgenome.es ssl.keystore = etc/keystore #ssl.password = OBF:19iy19j019j219j419j619j8 ssl.password = XXXXXXXX #ssl.truststore = etc/keystore #ssl.trustpassword = OBF:19iy19j019j219j419j619j8 # Set to false if x509 certificate verification is required x509.trustall = true THE JAVA EXCEPTION : 2011-05-23 15:20:29,391 ERROR [881581266@qtp-1986936160-6:Log.java:208]: Request to Central Registry threw an IOException: centr java.lang.NullPointerException at org.biomart.api.lite.MartRegistry.getGroupName(MartRegistry.java:186) at org.biomart.api.rest.UserResource.verify(UserResource.java:229) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$ResponseOutInvoker._dispatch( at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.j at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279) ... at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:680) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) On 05/20/2011 08:18 PM, Brett Whitty wrote: Hi Alexis, When I try to use openID to log into your site I get a popup in my browser that warns about the traffic being switched from HTTPS to HTTP, which leads me to believe there is a problem with the http.url and https.url settings in your biomart.properties file. You should set these to the real external URLs of your site if they aren't already set to that. You also should set your http.host to '0.0.0.0'. When I try to login with yahoo instead of openid, I get redirected to the following URL on successful login: http://localhost:9000/ which is what the default settings would be if they weren't changed. Please send future email support requests to [email protected] and not to Junjun or myself directly, as it is easier for us to co-ordinate this way. Regards, Brett From: Alexis <[email protected]> Date: Fri, 20 May 2011 11:07:38 -0400 To: jzhang <[email protected]> Subject: openID authentication against https://centralregistry.dcc.icgc.org Hi Junjun After some issues I think our server at BSC could be tested from your site. There is only a matter about openID. I put the "location" Brett told us to use for openID authentication ( https://centralregistry.dcc.icgc.org <https://centralregistry.dcc.icgc.org> ). I receive after signing in an error message such as : "Server error: null" in a yellow box just at my dcc portal. When I use an empty "location" it works well. There is some detail I'm missing, I suppose. Do you know where it could come from? By the way... https and many other details worked shoulder to shoulder with Jorge are fine (dcc from bsc do not complaints about the "binary" problem is annoying Jorge). If you consider it's the right time to add dcc.cllgenome.es to your test pipelines, go ahead, you are welcome. regards. Alexis. WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received. http://www.bsc.es/disclaimer.htm WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received. http://www.bsc.es/disclaimer.htm WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received. http://www.bsc.es/disclaimer.htm
_______________________________________________ Users mailing list [email protected] https://lists.biomart.org/mailman/listinfo/users
