Thanks Jack. The problem involved other components on the site. And
fortunately we could arrange it.
regards.
Alexis.
On 05/24/2011 04:45 PM, Jack Hsu wrote:
Hi Alexis,
You might also want to try deleting your browser cookies for BioMart.
The issue was probably a session that exists in one server is not
found on the other.
If you have more than one server it's a good idea to enable stickiness
in your load balancer (HAProxy or mod_proxy_balancer for Apache). This
will forward traffic for the same user to the same server, which will
get around the session problem.
-jack
On 11-05-23 12:05 PM, "Alexis" <[email protected]> wrote:
I have the thing working with two virtual hosts. A first one for
http, and a later for https.
We decided to redirect all the http flow towards the https
virtual host ( you'll see from the http conf
piece of config I pasted)
thanks
Alexis
************************************************************************************
HTTP CONF
NameVirtualHost 84.88.51.185:80
<VirtualHost 84.88.51.185:80>
ServerName dcc.cllgenome.es
## ProxyPass / http://localhost:9000/
## ProxyPassReverse / http://locahost:9000/
ProxyRequests On
ProxyPreserveHost On
LogLevel info
ErrorLog /var/log/apache2/dcc.error_log
CustomLog /var/log/apache2/dcc.access_log combined
## https
## make it a comment if you have problems
## Force https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<https://%%7BHTTP_HOST%7D%%7BREQUEST_URI%7D>
##
</VirtualHost>
*****************************************************************************
HTTPS CONF
NameVirtualHost 84.88.51.185:443
<VirtualHost 84.88.51.185:443>
ServerName dcc.cllgenome.es
ProxyPass / https://localhost:9043/
ProxyPassReverse / https://locahost:9043/
ProxyRequests On
ProxyPreserveHost On
LogLevel info
ErrorLog /var/log/apache2/dcc-ssl.error_log
CustomLog /var/log/apache2/dcc-ssl.access_log combined
#Redirect permanent / https://dcc.cllgenome.es
SSLEngine on
SSLVerifyDepth 10
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificatePath /etc/tls/cacert/
SSLCertificateFile /etc/tls/certs/bscicgc01.bsc.es.pem
SSLCertificateKeyFile
/etc/tls/keys/bscicgc01_nodes.bsc.es.key
SSLProxyCACertificatePath /etc/tls/cacert/
SSLProxyEngine on
#SSLProxyVerify require
SSLProxyVerify none
SSLProxyVerifyDepth 10
</VirtualHost>
********************************************************************************
On 05/23/2011 05:45 PM, Junjun Zhang wrote:
Hi Alexis,
Can you please send us the content of the settings of the
apache virtual host where you redirect incoming requests to
the BioMart server?
Thanks,
Junjun
PS: as Brett suggested, please contact us using
[email protected], not [email protected]
*From: * Alexis <[email protected]>
*Date: * Mon, 23 May 2011 09:45:49 -0400
*To: * "[email protected]" <[email protected]>
*Subject: * Re: [BioMart Users] openID authentication against
https://centralregistry.dcc.icgc.org
Hi Brett, Junjun
I've test what you advice me. No changes in the error
message, the same "Server error: null". And trying
to find out where that change https to http happens. Only
a java error found (added at the end of my mail).
Would you recommend to enable some debug flag in biomart?
The other factor I think can make things go wrong is a
rewrite http to https I keep in my apache virtual host
config file. But puzzles me because what you tell me is
about a https to http change.
regards.
Alexis.
By the way I put also some biomart.properties variables :
locale.name = en
location.code = 005
locale.plurals = true
##################################################
# HTTP SETTINGS
##################################################
http.host = 0.0.0.0
#http.host = localhost
http.port = 9000
# Only if public URL different from host+port above
http.url = http://dcc.cllgenome.es/
##################################################
# HTTPS SETTINGS
##################################################
https.port = 9043
# Only if public URL different from host+port above
https.url = https://dcc.cllgenome.es
ssl.keystore = etc/keystore
#ssl.password = OBF:19iy19j019j219j419j619j8
ssl.password = XXXXXXXX
#ssl.truststore = etc/keystore
#ssl.trustpassword = OBF:19iy19j019j219j419j619j8
# Set to false if x509 certificate verification is required
x509.trustall = true
THE JAVA EXCEPTION :
2011-05-23 15:20:29,391 ERROR
[881581266@qtp-1986936160-6:Log.java:208]: Request to
Central Registry threw an IOException: centr
java.lang.NullPointerException
at
org.biomart.api.lite.MartRegistry.getGroupName(MartRegistry.java:186)
at
org.biomart.api.rest.UserResource.verify(UserResource.java:229)
at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$ResponseOutInvoker._dispatch(
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.j
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279)
...
at
org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:680)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
On 05/20/2011 08:18 PM, Brett Whitty wrote:
*Hi Alexis,
*
*
*
When I try to use openID to log into your site I get a
popup in my browser that warns about the traffic being
switched from HTTPS to HTTP, which leads me to believe
there is a problem with the http.url and https.url
settings in your biomart.properties file. You should
set these to the real external URLs of your site if
they aren't already set to that. You also should set
your http.host to '0.0.0.0'.
When I try to login with yahoo instead of openid, I
get redirected to the following URL on successful login:
*http://localhost:9000/
*
*which is what the default settings would be if they
weren't changed.
*
*
*
Please send future email support requests to
[email protected] and not to Junjun or
myself directly, as it is easier for us to co-ordinate
this way.
Regards,
*
*
*Brett
*
*
*
*From: * Alexis <[email protected]>
*Date: * Fri, 20 May 2011 11:07:38 -0400
*To: * jzhang <[email protected]>
*Subject: * openID authentication against
https://centralregistry.dcc.icgc.org
Hi Junjun
After some issues I think our server at BSC could
be tested from
your site. There is only a matter about openID. I
put the "location" Brett
told us to use for openID authentication (
https://centralregistry.dcc.icgc.org<https://centralregistry.dcc.icgc.org>
). I receive after signing in an error message
such as : "Server error: null" in a yellow box
just at my dcc portal. When I use an empty
"location" it works well. There is some detail I'm
missing, I suppose. Do you know where it could
come from?
By the way... https and many other details worked
shoulder to shoulder
with Jorge are fine (dcc from bsc do not
complaints about the "binary" problem is annoying
Jorge). If you consider it's the right time to add
dcc.cllgenome.es to your test pipelines, go ahead,
you are welcome.
regards.
Alexis.
WARNING / LEGAL TEXT: This message is intended
only for the use of the individual or entity to
which it is addressed and may contain information
which is privileged, confidential, proprietary, or
exempt from disclosure under applicable law. If
you are not the intended recipient or the person
responsible for delivering the message to the
intended recipient, you are strictly prohibited
from disclosing, distributing, copying, or in any
way using this message. If you have received this
communication in error, please notify the sender
and destroy and delete any copies you may have
received.
http://www.bsc.es/disclaimer.htm
WARNING / LEGAL TEXT: This message is intended only for
the use of the individual or entity to which it is
addressed and may contain information which is privileged,
confidential, proprietary, or exempt from disclosure under
applicable law. If you are not the intended recipient or
the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from
disclosing, distributing, copying, or in any way using
this message. If you have received this communication in
error, please notify the sender and destroy and delete any
copies you may have received.
http://www.bsc.es/disclaimer.htm
WARNING / LEGAL TEXT: This message is intended only for the use of
the individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or
exempt from disclosure under applicable law. If you are not the
intended recipient or the person responsible for delivering the
message to the intended recipient, you are strictly prohibited
from disclosing, distributing, copying, or in any way using this
message. If you have received this communication in error, please
notify the sender and destroy and delete any copies you may have
received.
http://www.bsc.es/disclaimer.htm
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer.htm
_______________________________________________
Users mailing list
[email protected]
https://lists.biomart.org/mailman/listinfo/users
