IDEMPIERE-5137 Login page reload continuously using http (#1110)

* IDEMPIERE-5137 Login page reload continuously using http

add https check to index.zul

* IDEMPIERE-5137 Login page reload continuously using http

- add jetty-http-forwarded.xml for reverse proxy configuration
This commit is contained in:
hengsin 2022-01-05 21:23:38 +08:00 committed by GitHub
parent 0eb89932fd
commit 1a47a1959d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 42 additions and 9 deletions

View File

@ -43,6 +43,8 @@
tofile="../hazelcast.xml" filtering="yes" overwrite="yes"/> tofile="../hazelcast.xml" filtering="yes" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-threadpool.xml" <copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-threadpool.xml"
tofile="../jettyhome/etc/jetty-threadpool.xml" filtering="no" overwrite="yes"/> tofile="../jettyhome/etc/jetty-threadpool.xml" filtering="no" overwrite="yes"/>
<copy file="../org.adempiere.server-feature/jettyhome/etc/jetty-http-forwarded.xml"
tofile="../jettyhome/etc/jetty-http-forwarded.xml" filtering="no" overwrite="yes"/>
</target> </target>
<!-- ==================================================== --> <!-- ==================================================== -->

View File

@ -24,7 +24,7 @@ FOR %%c in (plugins\org.eclipse.equinox.launcher_1.*.jar) DO set JARFILE=%%c
@Set VMOPTS=%VMOPTS% -Dosgi.compatibility.bootdelegation=true @Set VMOPTS=%VMOPTS% -Dosgi.compatibility.bootdelegation=true
@Set VMOPTS=%VMOPTS% -Djetty.home=jettyhome @Set VMOPTS=%VMOPTS% -Djetty.home=jettyhome
@Set VMOPTS=%VMOPTS% -Djetty.base=jettyhome @Set VMOPTS=%VMOPTS% -Djetty.base=jettyhome
@Set VMOPTS=%VMOPTS% -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml @Set VMOPTS=%VMOPTS% -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml
@Set VMOPTS=%VMOPTS% -Dosgi.console=localhost:12612 @Set VMOPTS=%VMOPTS% -Dosgi.console=localhost:12612
@Set VMOPTS=%VMOPTS% -Dmail.mime.encodefilename=true @Set VMOPTS=%VMOPTS% -Dmail.mime.encodefilename=true
@Set VMOPTS=%VMOPTS% -Dmail.mime.decodefilename=true @Set VMOPTS=%VMOPTS% -Dmail.mime.decodefilename=true

View File

@ -29,7 +29,7 @@ VMOPTS="-Dorg.osgi.framework.bootdelegation=sun.security.ssl
-Dosgi.compatibility.bootdelegation=true -Dosgi.compatibility.bootdelegation=true
-Djetty.home=$BASE/jettyhome -Djetty.home=$BASE/jettyhome
-Djetty.base=$BASE/jettyhome -Djetty.base=$BASE/jettyhome
-Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml
-Dosgi.console=localhost:$TELNET_PORT -Dosgi.console=localhost:$TELNET_PORT
-Dmail.mime.encodefilename=true -Dmail.mime.encodefilename=true
-Dmail.mime.decodefilename=true -Dmail.mime.decodefilename=true

View File

@ -0,0 +1,22 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://www.eclipse.org/jetty/configure_10_0.dtd">
<Configure id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Call name="addCustomizer">
<Arg>
<New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">
<Set name="forwardedOnly" property="jetty.httpConfig.forwardedOnly"/>
<Set name="proxyAsAuthority" property="jetty.httpConfig.forwardedProxyAsAuthority"/>
<Set name="forwardedPortAsAuthority" property="jetty.httpConfig.forwardedPortAsAuthority"/>
<Set name="forwardedHeader" property="jetty.httpConfig.forwardedHeader"/>
<Set name="forwardedHostHeader" property="jetty.httpConfig.forwardedHostHeader"/>
<Set name="forwardedServerHeader" property="jetty.httpConfig.forwardedServerHeader"/>
<Set name="forwardedProtoHeader" property="jetty.httpConfig.forwardedProtoHeader"/>
<Set name="forwardedForHeader" property="jetty.httpConfig.forwardedForHeader"/>
<Set name="forwardedPortHeader" property="jetty.httpConfig.forwardedPortHeader"/>
<Set name="forwardedHttpsHeader" property="jetty.httpConfig.forwardedHttpsHeader"/>
<Set name="forwardedSslSessionIdHeader" property="jetty.httpConfig.forwardedSslSessionIdHeader"/>
<Set name="forwardedCipherSuiteHeader" property="jetty.httpConfig.forwardedCipherSuiteHeader"/>
</New>
</Arg>
</Call>
</Configure>

View File

@ -9,7 +9,7 @@
<launcherArgs> <launcherArgs>
<programArgs>-console <programArgs>-console
</programArgs> </programArgs>
<vmArgs>--add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml <vmArgs>--add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml
</vmArgs> </vmArgs>
<vmArgsMac>-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts <vmArgsMac>-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts
</vmArgsMac> </vmArgsMac>

View File

@ -51,7 +51,7 @@
<stringAttribute key="org.eclipse.jdt.launching.JRE_CONTAINER" value="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-11"/> <stringAttribute key="org.eclipse.jdt.launching.JRE_CONTAINER" value="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-11"/>
<stringAttribute key="org.eclipse.jdt.launching.PROGRAM_ARGUMENTS" value="-os ${target.os} -ws ${target.ws} -arch ${target.arch} -nl ${target.nl} -consoleLog -console"/> <stringAttribute key="org.eclipse.jdt.launching.PROGRAM_ARGUMENTS" value="-os ${target.os} -ws ${target.ws} -arch ${target.arch} -nl ${target.nl} -consoleLog -console"/>
<stringAttribute key="org.eclipse.jdt.launching.SOURCE_PATH_PROVIDER" value="org.eclipse.pde.ui.workbenchClasspathProvider"/> <stringAttribute key="org.eclipse.jdt.launching.SOURCE_PATH_PROVIDER" value="org.eclipse.pde.ui.workbenchClasspathProvider"/>
<stringAttribute key="org.eclipse.jdt.launching.VM_ARGUMENTS" value="--add-modules=java.se&#10;--add-opens=java.base/java.lang=ALL-UNNAMED&#10;--add-opens=java.base/java.nio=ALL-UNNAMED&#10;--add-opens=java.base/sun.nio.ch=ALL-UNNAMED&#10;--add-opens=java.management/sun.management=ALL-UNNAMED&#10;--add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED&#10;--add-exports=java.base/jdk.internal.ref=ALL-UNNAMED&#10;--add-exports=java.desktop/sun.awt=ALL-UNNAMED&#10;--add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED&#10;--add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED&#10;-Declipse.product=org.adempiere.server.product&#10;-Dosgi.noShutdown=true&#10;-Dosgi.framework.activeThreadType=normal&#10;-Dorg.osgi.framework.bootdelegation=sun.security.ssl&#10;-Dosgi.compatibility.bootdelegation=true&#10;-Djetty.home=jettyhome&#10;-Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml&#10;-Dmail.mime.encodefilename=true&#10;-Dmail.mime.decodefilename=true&#10;-Dmail.mime.encodeparameters=true&#10;-Dmail.mime.decodeparameters=true&#10;-Dhazelcast.config=hazelcast.xml&#10;-Dorg.zkoss.zk.config.path=file://${project_loc:org.adempiere.ui.zk}/WEB-INF/zk-selenium.xml"/> <stringAttribute key="org.eclipse.jdt.launching.VM_ARGUMENTS" value="--add-modules=java.se&#10;--add-opens=java.base/java.lang=ALL-UNNAMED&#10;--add-opens=java.base/java.nio=ALL-UNNAMED&#10;--add-opens=java.base/sun.nio.ch=ALL-UNNAMED&#10;--add-opens=java.management/sun.management=ALL-UNNAMED&#10;--add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED&#10;--add-exports=java.base/jdk.internal.ref=ALL-UNNAMED&#10;--add-exports=java.desktop/sun.awt=ALL-UNNAMED&#10;--add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED&#10;--add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED&#10;-Declipse.product=org.adempiere.server.product&#10;-Dosgi.noShutdown=true&#10;-Dosgi.framework.activeThreadType=normal&#10;-Dorg.osgi.framework.bootdelegation=sun.security.ssl&#10;-Dosgi.compatibility.bootdelegation=true&#10;-Djetty.home=jettyhome&#10;-Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml&#10;-Dmail.mime.encodefilename=true&#10;-Dmail.mime.decodefilename=true&#10;-Dmail.mime.encodeparameters=true&#10;-Dmail.mime.decodeparameters=true&#10;-Dhazelcast.config=hazelcast.xml&#10;-Dorg.zkoss.zk.config.path=file://${project_loc:org.adempiere.ui.zk}/WEB-INF/zk-selenium.xml"/>
<stringAttribute key="org.eclipse.jdt.launching.WORKING_DIRECTORY" value="${project_loc:org.adempiere.base}/.."/> <stringAttribute key="org.eclipse.jdt.launching.WORKING_DIRECTORY" value="${project_loc:org.adempiere.base}/.."/>
<stringAttribute key="pde.version" value="3.3"/> <stringAttribute key="pde.version" value="3.3"/>
<stringAttribute key="product" value="org.adempiere.server.server_product"/> <stringAttribute key="product" value="org.adempiere.server.server_product"/>

View File

@ -51,7 +51,7 @@
<stringAttribute key="org.eclipse.jdt.launching.JRE_CONTAINER" value="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-11"/> <stringAttribute key="org.eclipse.jdt.launching.JRE_CONTAINER" value="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-11"/>
<stringAttribute key="org.eclipse.jdt.launching.PROGRAM_ARGUMENTS" value="-os ${target.os} -ws ${target.ws} -arch ${target.arch} -nl ${target.nl} -consoleLog -console"/> <stringAttribute key="org.eclipse.jdt.launching.PROGRAM_ARGUMENTS" value="-os ${target.os} -ws ${target.ws} -arch ${target.arch} -nl ${target.nl} -consoleLog -console"/>
<stringAttribute key="org.eclipse.jdt.launching.SOURCE_PATH_PROVIDER" value="org.eclipse.pde.ui.workbenchClasspathProvider"/> <stringAttribute key="org.eclipse.jdt.launching.SOURCE_PATH_PROVIDER" value="org.eclipse.pde.ui.workbenchClasspathProvider"/>
<stringAttribute key="org.eclipse.jdt.launching.VM_ARGUMENTS" value="-Dorg.eclipse.swt.graphics.Resource.reportNonDisposed=true --add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml"/> <stringAttribute key="org.eclipse.jdt.launching.VM_ARGUMENTS" value="-Dorg.eclipse.swt.graphics.Resource.reportNonDisposed=true --add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml"/>
<stringAttribute key="org.eclipse.jdt.launching.WORKING_DIRECTORY" value="${project_loc:org.adempiere.base}/.."/> <stringAttribute key="org.eclipse.jdt.launching.WORKING_DIRECTORY" value="${project_loc:org.adempiere.base}/.."/>
<stringAttribute key="pde.version" value="3.3"/> <stringAttribute key="pde.version" value="3.3"/>
<stringAttribute key="product" value="org.adempiere.server.server_product"/> <stringAttribute key="product" value="org.adempiere.server.server_product"/>

View File

@ -21,6 +21,9 @@ Copyright (C) 2007 Ashley G Ramdass.
"?> "?>
<zk> <zk>
<script><![CDATA[ <script><![CDATA[
if (window.location.protocol == 'https:')
{
zk.load("jawwa.atmosphere"); zk.load("jawwa.atmosphere");
zk.load("org.idempiere.websocket"); zk.load("org.idempiere.websocket");
zk.load("adempiere.local.storage"); zk.load("adempiere.local.storage");
@ -247,9 +250,15 @@ Copyright (C) 2007 Ashley G Ramdass.
return result; return result;
} }
}); });
}); });
} //window.location.protocol check
else
{
alert("This request has been blocked, the content must be served over HTTPS");
}
]]> ]]>
</script> </script>
<include src="${themePreference}"/> <include src="${themePreference}" if="${execution.getScheme() == 'https'}"/>
<window use="org.adempiere.webui.AdempiereWebUI"/> <window use="org.adempiere.webui.AdempiereWebUI" if="${execution.getScheme() == 'https'}"/>
</zk> </zk>

View File

@ -9,7 +9,7 @@
<launcherArgs> <launcherArgs>
<programArgs>-console <programArgs>-console
</programArgs> </programArgs>
<vmArgs>--add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml <vmArgs>--add-modules=java.se --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-exports=java.desktop/sun.awt=ALL-UNNAMED --add-exports=java.sql.rowset/com.sun.rowset=ALL-UNNAMED --add-exports=java.naming/com.sun.jndi.ldap=ALL-UNNAMED -Declipse.product=org.adempiere.server.product -Dosgi.noShutdown=true -Dosgi.framework.activeThreadType=normal -Dorg.osgi.framework.bootdelegation=sun.security.ssl -Dosgi.compatibility.bootdelegation=true -Djetty.home=jettyhome -Djetty.etc.config.urls=etc/jetty.xml,etc/jetty-deployer.xml,etc/jetty-ssl.xml,etc/jetty-ssl-context.xml,etc/jetty-http.xml,etc/jetty-https.xml,etc/jetty-threadpool.xml,etc/jetty-http-forwarded.xml -Dmail.mime.encodefilename=true -Dmail.mime.decodefilename=true -Dmail.mime.encodeparameters=true -Dmail.mime.decodeparameters=true -Dhazelcast.config=hazelcast.xml
</vmArgs> </vmArgs>
<vmArgsMac>-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts <vmArgsMac>-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts
</vmArgsMac> </vmArgsMac>