Re: [dspace-tech] Re: http in API responses (blocked as mixed content)

Sun, 30 Jul 2023 22:31:29 -0700 

Hi Tim!
Thank you much, you got it! The problem was really in missing http header |X-Forwarded-Proto: https,| as we use apache ||mod_proxy to redirect to both nodejs and tomcat ports. Adding the rule to this header to httpd.conf solved the issue! 

All the best!

Matyas

Dne 28.07.2023 v 16:58 DSpace Technical Support napsal(a):

Hi Matyas,


This sounds like it could be related to this "Common Installation 
Issue": 
https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-MyRESTAPIisrunningunderHTTPS,butsomeofits%22link%22URLsareswitchingtoHTTP


Check the recommendations there and see if they have any impact.

Tim

On Friday, July 28, 2023 at 6:51:07 AM UTC-5 matyas...@gmail.com wrote:

    Hi Team,

    please could you help us with installation - setting the access to
    https
    only.

    We have backend and frontend on the same server (eduo.osu.cz
    <http://eduo.osu.cz>), backend
    calls are redirected by apache proxy to localhost:8080 tomcat port.

    In local.cfg, we have set: dspace.server.url =
    https://eduo.osu.cz/server

    When I open the DSpace homepage, primary API calls are correct, like
    https://eduo.osu.cz/server/api [HTTP/1.1 200  75ms]

    Still, the API calls that contain uri parameter, like

    
https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature
    
<https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature>


    have http:// protocol in the uri argument value. These requests are
    blocked by API/backend:

    # curl
    
'http://localhost:8080/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature
    
<http://localhost:8080/server/api/authz/authorizations/search/object?uri=http://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature>'

    {"timestamp":"2023-07-28T11:40:05.876+00:00","status":400,"error":"Bad

    Request","message":"Request is invalid or
    
incorrect","path":"/server/api/authz/authorizations/search/object"}[root@eduard

    config]#

    If I manually change the ?uri to uri=https://..., I get the
    correct API
    answer:

    
https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature
    
<https://eduo.osu.cz/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature>

        OR
    curl
    
'http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature
    
<http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin&embed=feature>'

    {
      "_links" : {
        "self" : {
          "href" :
    
"http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin
    
<http://localhost:8080/server/api/authz/authorizations/search/object?uri=https://eduo.osu.cz/server/api/core/sites/0f53bf85-4114-4307-9813-d1cbeea2cf33&feature=isCollectionAdmin>"

        } ... ...


    Please, don't you have any idea, which settings etc. causes the
    "http:"
    in uri argument, or how to change it to https?


    Thank you a lot in advance for any response!

    Best!

    Matyas F. Bajger

    library systems administrator
    University of Ostrava - University Library
    https://library.osu.eu

--

All messages to this mailing list should adhere to the Code of 
Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx

---

You received this message because you are subscribed to the Google 
Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to dspace-tech+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/dspace-tech/819ad4a5-558d-4f9c-9d18-0829508a0080n%40googlegroups.com 
<https://groups.google.com/d/msgid/dspace-tech/819ad4a5-558d-4f9c-9d18-0829508a0080n%40googlegroups.com?utm_medium=email&utm_source=footer>.


--
All messages to this mailing list should adhere to the Code of Conduct: 
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx

--- 
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to dspace-tech+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/dspace-tech/5a4eb049-006b-0302-a870-3ca7f5c72b34%40seznam.cz.






















					Reply via email to