Versions Compared

Old Version 9

changes.mady.by.user Former user

Saved on

compared with

New Version 10

changes.mady.by.user MS (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following configuration has been performed in order to avoid Cross-Origin (CORS) problems with the new Abiquo client in HTML5 using Apache + SSL.

The best way to go approach is to complete all the previous steps, then we will have to do make the following modifications:

In the /opt/abiquo/tomcat/conf/server.xml, we should remove the connector which uses port 8010 and leave the file like this:

Code Block
<?xml version='1.0' encoding='utf-8'?>

...


<!--

...


Licensed to the Apache Software Foundation (ASF) under one or more

...


contributor license agreements. See the NOTICE file distributed with

...


this work for additional information regarding copyright ownership.

...


The ASF licenses this file to You under the Apache License, Version 2.0

...


(the "License"); you may not use this file except in compliance with

...


the License. You may obtain a copy of the License at

...


http://www.apache.org/licenses/LICENSE-2.0

...


Unless required by applicable law or agreed to in writing, software

...


distributed under the License is distributed on an "AS IS" BASIS,

...


WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

...


See the License for the specific language governing permissions and

...


limitations under the License.

...


-->

...


<Server port="8005" shutdown="SHUTDOWN">

...


<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

...


<Listener className="org.apache.catalina.core.JasperListener" />

...


<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />

...


<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />

...


<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

...


<Listener className="com.abiquo.listeners.AbiquoConfigurationListener"/>

...


<GlobalNamingResources>

...


<Resource name="UserDatabase" auth="Container"

...


type="org.apache.catalina.UserDatabase"

...


description="User database that can be updated and saved"

...


factory="org.apache.catalina.users.MemoryUserDatabaseFactory"

...


pathname="conf/tomcat-users.xml" />

...


</GlobalNamingResources>

...


<Service name="Catalina">

...


<Connector port="8009"

...


protocol="AJP/1.3"

...


enableLookups="false"

...


tomcatAuthentication="false"

...


redirectPort="8443"

...


connectionTimeout="20000" secure="true"/>

...


<Engine name="Catalina" defaultHost="localhost">

...


<Realm className="org.apache.catalina.realm.UserDatabaseRealm"

...


resourceName="UserDatabase"/>

...


<Host name="localhost" appBase="webapps"

...


unpackWARs="true" autoDeploy="true"

...


xmlValidation="false" xmlNamespaceAware="false">

...


</Host>

...


</Engine>

...


</Service>

...


</Server>

 

The next step will be to modify /etc/httpd/conf.d/proxy_ajp.conf file and change ports from 8010 to 8009, which is the only connector we will use with the AJP. Keep on mind Remember to leave the AM location with the port 8010 as explained in the previous part "section (Adding SSL to AM"). The file should be like thisas follows:

Code Block
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

...


<VirtualHost *:80>

...


RewriteEngine On

...


RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

...


</VirtualHost>

...


<VirtualHost *:443>

...


RewriteEngine On

...


ProxyRequests Off

...


ProxyPreserveHost On

...


<Directory "/opt/abiquo/tomcat/webapps/ui/">

...


Options MultiViews

...


AllowOverride None

...


Order allow,deny

...


Allow from all

...


</Directory>

...


RewriteRule ^/ui$ /ui/ [R]

...


<Location /ui>

...


ProxyPass ajp://servermaster:8009/ui/

...


ProxyPassReverse ajp://servermaster:8009/ui/

...


</Location>

...


<Location /api>

...


ProxyPass ajp://servermaster:8009/api

...


ProxyPassReverse ajp://servermaster:8009/api

...


</Location>

...


<Location /legal/>

...


ProxyPass ajp://servermaster:8009/legal/

...


ProxyPassReverse ajp://servermaster:8009/legal/

...


</Location>

...



SSLEngine on

...


SSLProtocol all -SSLv2

...


SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

...


SSLCertificateFile /etc/pki/tls/certs/ca.crt

...


SSLCertificateKeyFile /etc/pki/tls/private/ca.key

...


<Location /am>

...


ProxyPass ajp://rsmaster:8010/am

...


ProxyPassReverse ajp://rsmaster:8010/am

...


</Location>

...


</VirtualHost>

 

And the The last file which needs to be modified modify is /opt/abiquo/tomcat/webapps/ui/config/client-config.json. Once there, Edit it and search for the "config.endpoint" attribute and leave it like this:, which should in this format:

Code Block
"config.endpoint": "https://servermaster:443/api"

Remember, Replace "servermaster" is with the hostname of the Abiquo server where the API and the client are running.

 

Last step is Then restart the abiquo-tomcat service on the API+client machine and the Apache as well.