Re: [dspace-tech] DSpace 7 CORS Error

2021-08-26 Thread Sean Carte
Thanks, Tim.

Sean

On Thu, 26 Aug 2021, 18:34 Tim Donohue wrote:

> Hi Sean,
>
> The problem is not obvious to me based on the information you've provided
> to us.  Just to verify...
>
> - In your frontend configs (environment.*.ts)
>   - UI section should likely say localhost, as this is where your
>     Node/Angular app is running locally. This is the only setting of these
>     that usually is a localhost (non-public) URL, as this setting is used to
>     tell *Node* where to start/run your app.
>   - REST section should be the public URL of REST, as this is the URL
>     that the Angular app will use to communicate with backend.
> - In your backend configs (local.cfg)
>   - dspace.ui.url should be the public URL of Angular UI, as that way
>     the REST API can validate responses properly coming from any user who
>     accesses your UI.
>   - dspace.server.url should be the public URL of REST (same as REST
>     section on backend)
>
> Your proxy settings look reasonable as well.
>
> I'd recommend looking for anything odd in logs of Apache or Tomcat or
> DSpace.  Maybe there's something else going on that you haven't discovered
> yet?  Something is definitely off here, and it's not obvious to me what it
> may be...that makes me suspect there may be an error somewhere that you
> haven't found.
>
> More tips can be found at
>
> - https://wiki.lyrasis.org/display/DSPACE/Troubleshoot+an+error#Troubleshootanerror-DSpace7.x(orabove)
> - https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-CommonInstallationIssues
>
>
> Tim
>
> --
> *From:* Sean Carte 
> *Sent:* Thursday, August 26, 2021 2:32 AM
> *To:* Tim Donohue 
> *Cc:* DSpace Technical Support 
> *Subject:* Re: [dspace-tech] DSpace 7 CORS Error
>
> Thanks, Tim. I did try using the public URL in local.cfg, but then
> reverted to using localhost:4000 as I thought the proxy would expect to
> find dspace on localhost:4000. Also, I thought the rest.cors.allow-origins
> would let me use other origins (
> https://wiki.lyrasis.org/display/DSDOC7x/REST+API -- linked to from the
> CORS error part of the documentation).
>
> As you suggest, I've changed dspace.ui.url to:
>
> dspace.ui.url = https://dev-ir.dut.ac.za
>
> restarted tomcat, but I still have the same behaviour. I can log in
> directly to the backend on port 8080, but using the Angular UI or the
> /server endpoint results in CORS errors.
>
> I also tried changing environment.prod.ts as follows:
>
>   ui: {
>   ssl: false,
>   //host: 'localhost',
>   host: 'dev-ir.dut.ac.za',
>   port: 4000,
>   nameSpace: '/'
>   },
>
> That allows me to log in at
>
> https://dev-ir.dut.ac.za/server/
>
> However, I get a 503 at
>
> https://dev-ir.dut.ac.za/home
>
> I think that makes sense because the proxy is redirecting / to
> localhost:4000, so ui should be host: 'localhost'. But now I'm stuck.
>
> These are the lines for the proxy:
>
> ProxyPass /server http://localhost:8080/server
> ProxyPassReverse /server http://localhost:8080/server
> ProxyPass / http://localhost:4000/
> ProxyPassReverse / http://localhost:4000/
>
> Sean
>
> On Wed, 25 Aug 2021 at 17:00, Tim Donohue wrote:
>
> Hi Sean,
>
> Your "dspace.ui.url" setting on the backend is incorrect.  This MUST be
> the public URL of the UI...and it appears you are publicly accessing the UI
> using a different URL in your browser.
>
> When you do this, the backend will throw a CORS error because it ONLY
> trusts clients listed in either "dspace.ui.url" or
> "rest.cors.allowed-origins" configurations.
>
> Currently, because you've set "dspace.ui.url = http://localhost:4000",
> your backend will only trust requests that come directly from
> http://localhost:4000/ (meaning this must be the exact URL you type into
> your browser)
>
> More info on this behavior can also be found in the "Common Installation
> Issues" section of our install guide at:
> https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-%22CORSerror%22or%22InvalidCORSrequest%22
>
> Tim
>
> --
> *From:* dspace-tech@googlegroups.com on behalf of Sean Carte
> *Sent:* Wednesday, August 25, 2021 9:25 AM
> *To:* DSpace Technical Support 
> *Subject:* [dspace-tech] DSpace 7 CORS Error
>
> I am able to log into the backend at:
>
> http://dev-ir.dut.ac.za:8080/server/
>
> But using the Angular UI and
>
> https://dev-ir.dut.ac.za/server/login.html
>
> results in a 403 with XHR errors.
>
> environment.prod.ts:
> export const environment = {
>   ui: {
>   ssl: false,
>   host: 'localhost',
>   port: 4000,
>   nameSpace: '/'
>   },
>   rest: {
>   ssl: true,
>   host: 'dev-ir.dut.ac.za',
>   port: 443,
>   nameSpace: '/server'
>   }
> };
>
> apache default-le-ssl.conf:
> ProxyPass /server http://localhost:8080/server
> ProxyPassReverse /server 

Re: [dspace-tech] DSpace 7 CORS Error

2021-08-26 Thread 'Tim Donohue' via DSpace Technical Support
Hi Sean,

The problem is not obvious to me based on the information you've provided to 
us.  Just to verify...

  *   In your frontend configs (environment.*.ts)
      *   UI section should likely say localhost, as this is where your
          Node/Angular app is running locally. This is the only setting of
          these that usually is a localhost (non-public) URL, as this setting
          is used to tell Node where to start/run your app.
      *   REST section should be the public URL of REST, as this is the URL
          that the Angular app will use to communicate with backend.
  *   In your backend configs (local.cfg)
      *   dspace.ui.url should be the public URL of Angular UI, as that way
          the REST API can validate responses properly coming from any user
          who accesses your UI.
      *   dspace.server.url should be the public URL of REST (same as REST
          section on backend)

Your proxy settings look reasonable as well.

I'd recommend looking for anything odd in logs of Apache or Tomcat or DSpace.  
Maybe there's something else going on that you haven't discovered yet?  
Something is definitely off here, and it's not obvious to me what it may 
be...that makes me suspect there may be an error somewhere that you haven't 
found.

More tips can be found at

  *   https://wiki.lyrasis.org/display/DSPACE/Troubleshoot+an+error#Troubleshootanerror-DSpace7.x(orabove)
  *   https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-CommonInstallationIssues

Tim


From: Sean Carte 
Sent: Thursday, August 26, 2021 2:32 AM
To: Tim Donohue 
Cc: DSpace Technical Support 
Subject: Re: [dspace-tech] DSpace 7 CORS Error

Thanks, Tim. I did try using the public URL in local.cfg, but then reverted to 
using localhost:4000 as I thought the proxy would expect to find dspace on 
localhost:4000. Also, I thought the rest.cors.allow-origins would let me use 
other origins (https://wiki.lyrasis.org/display/DSDOC7x/REST+API -- linked to 
from the CORS error part of the documentation).

As you suggest, I've changed dspace.ui.url to:

dspace.ui.url = https://dev-ir.dut.ac.za

restarted tomcat, but I still have the same behaviour. I can log in directly to 
the backend on port 8080, but using the Angular UI or the /server endpoint 
results in CORS errors.

I also tried changing environment.prod.ts as follows:

  ui: {
  ssl: false,
  //host: 'localhost',
  host: 'dev-ir.dut.ac.za',
  port: 4000,
  nameSpace: '/'
  },

That allows me to log in at

https://dev-ir.dut.ac.za/server/

However, I get a 503 at

https://dev-ir.dut.ac.za/home

I think that makes sense because the proxy is redirecting / to localhost:4000, 
so ui should be host: 'localhost'. But now I'm stuck.

These are the lines for the proxy:

ProxyPass /server http://localhost:8080/server
ProxyPassReverse /server http://localhost:8080/server
ProxyPass / http://localhost:4000/
ProxyPassReverse / http://localhost:4000/

Sean

On Wed, 25 Aug 2021 at 17:00, Tim Donohue wrote:
Hi Sean,

Your "dspace.ui.url" setting on the backend is incorrect.  This MUST be the 
public URL of the UI...and it appears you are publicly accessing the UI using a 
different URL in your browser.

When you do this, the backend will throw a CORS error because it ONLY trusts 
clients listed in either "dspace.ui.url" or "rest.cors.allowed-origins" 
configurations.

Currently, because you've set "dspace.ui.url = 
http://localhost:4000", your backend will only trust 
requests that come directly from http://localhost:4000/ (meaning this must be 
the exact URL you type into your browser)

More info on this behavior can also be found in the "Common Installation 
Issues" section of our install guide at: 
https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-%22CORSerror%22or%22InvalidCORSrequest%22

Tim


From: dspace-tech@googlegroups.com on behalf of Sean Carte
Sent: Wednesday, August 25, 2021 9:25 AM
To: DSpace Technical Support
Subject: [dspace-tech] DSpace 7 CORS Error

I am able to log into the backend at:

http://dev-ir.dut.ac.za:8080/server/

But using the Angular UI and

https://dev-ir.dut.ac.za/server/login.html

results in a 403 with XHR errors.

environment.prod.ts:
export const environment = {
  ui: {
  ssl: false,
  host: 'localhost',
  port: 4000,
  nameSpace: '/'
  },
  rest: {
  ssl: true,
  host: 'dev-ir.dut.ac.za',
  port: 443,
  nameSpace: '/server'
  }
};

apache default-le-ssl.conf:
ProxyPass /server http://localhost:8080/server
ProxyPassReverse /server http://localhost:8080/server
ProxyPass / http://localhost:4000/
ProxyPassReverse / http://localhost:4000/


Re: [dspace-tech] DSpace 7 CORS Error

2021-08-26 Thread Sean Carte
Thanks, Tim. I did try using the public URL in local.cfg, but then reverted
to using localhost:4000 as I thought the proxy would expect to find dspace
on localhost:4000. Also, I thought the rest.cors.allow-origins would let me
use other origins (https://wiki.lyrasis.org/display/DSDOC7x/REST+API --
linked to from the CORS error part of the documentation).

As you suggest, I've changed dspace.ui.url to:

dspace.ui.url = https://dev-ir.dut.ac.za

restarted tomcat, but I still have the same behaviour. I can log in
directly to the backend on port 8080, but using the Angular UI or the
/server endpoint results in CORS errors.

I also tried changing environment.prod.ts as follows:

  ui: {
  ssl: false,
  //host: 'localhost',
  host: 'dev-ir.dut.ac.za',
  port: 4000,
  nameSpace: '/'
  },

That allows me to log in at

https://dev-ir.dut.ac.za/server/

However, I get a 503 at

https://dev-ir.dut.ac.za/home

I think that makes sense because the proxy is redirecting / to
localhost:4000, so ui should be host: 'localhost'. But now I'm stuck.

These are the lines for the proxy:

ProxyPass /server http://localhost:8080/server
ProxyPassReverse /server http://localhost:8080/server
ProxyPass / http://localhost:4000/
ProxyPassReverse / http://localhost:4000/

Sean

On Wed, 25 Aug 2021 at 17:00, Tim Donohue wrote:

> Hi Sean,
>
> Your "dspace.ui.url" setting on the backend is incorrect.  This MUST be
> the public URL of the UI...and it appears you are publicly accessing the UI
> using a different URL in your browser.
>
> When you do this, the backend will throw a CORS error because it ONLY
> trusts clients listed in either "dspace.ui.url" or
> "rest.cors.allowed-origins" configurations.
>
> Currently, because you've set "dspace.ui.url = http://localhost:4000",
> your backend will only trust requests that come directly from
> http://localhost:4000/ (meaning this must be the exact URL you type into
> your browser)
>
> More info on this behavior can also be found in the "Common Installation
> Issues" section of our install guide at:
> https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-%22CORSerror%22or%22InvalidCORSrequest%22
>
> Tim
>
> --
> *From:* dspace-tech@googlegroups.com on behalf of Sean Carte
> *Sent:* Wednesday, August 25, 2021 9:25 AM
> *To:* DSpace Technical Support 
> *Subject:* [dspace-tech] DSpace 7 CORS Error
>
> I am able to log into the backend at:
>
> http://dev-ir.dut.ac.za:8080/server/
>
> But using the Angular UI and
>
> https://dev-ir.dut.ac.za/server/login.html
>
> results in a 403 with XHR errors.
>
> environment.prod.ts:
> export const environment = {
>   ui: {
>   ssl: false,
>   host: 'localhost',
>   port: 4000,
>   nameSpace: '/'
>   },
>   rest: {
>   ssl: true,
>   host: 'dev-ir.dut.ac.za',
>   port: 443,
>   nameSpace: '/server'
>   }
> };
>
> apache default-le-ssl.conf:
> ProxyPass /server http://localhost:8080/server
> ProxyPassReverse /server http://localhost:8080/server
> ProxyPass / http://localhost:4000/
> ProxyPassReverse / http://localhost:4000/
>
> local.cfg:
> dspace.server.url = https://dev-ir.dut.ac.za/server
> dspace.ui.url = http://localhost:4000
> rest.cors.allow-origins = ${dspace.ui.url}
> rest.cors.allow-origins = http://dev-ir.dut.ac.za
> rest.cors.allow-origins = http://dev-ir.dut.ac.za:4000
> rest.cors.allow-origins = https://dev-ir.dut.ac.za
> rest.cors.allow-origins = http://10.4.36.12
> rest.cors.allow-origins = http://10.4.36.12:4000
> rest.cors.allow-origins = https://10.4.36.12
>
> I'm not sure what's relevant from the browser's inspector window, but this
> is what I have after trying to log in with the Angular UI:
>
> [image: Selection_022.png]
> POST
> scheme https
> host dev-ir.dut.ac.za
> filename /server/api/authn/login
>
> Address 10.4.36.12:443
> Status 403
> Version HTTP/1.1
> Transferred 447 B (20 B size)
> Referrer Policy strict-origin-when-cross-origin
>
> Response Headers:
> HTTP/1.1 403
> Date: Wed, 25 Aug 2021 14:11:39 GMT
> Server: Apache/2.4.41 (Ubuntu)
> Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
> X-Content-Type-Options: nosniff
> X-XSS-Protection: 1; mode=block
> Cache-Control: no-cache, no-store, max-age=0, must-revalidate
> Pragma: no-cache
> Expires: 0
> X-Frame-Options: DENY
> Keep-Alive: timeout=5, max=100
> Connection: Keep-Alive
> Transfer-Encoding: chunked
>
> Request Headers:
> POST /server/api/authn/login HTTP/1.1
> Host: dev-ir.dut.ac.za
> User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
> Accept: application/json, text/plain, */*
> Accept-Language: en;q=1,en-US;q=0.1,en;q=0.09
> Accept-Encoding: gzip, deflate, br
> Content-Type: application/x-www-form-urlencoded
> X-XSRF-TOKEN: 56f4015c-5256-4512-8861-12dacda7aae3
> X-CORRELATION-ID: 352472e7-b842-4987-b223-961900a64746
> X-REFERRER: /home
>
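
Added example (not part of the thread and not DSpace's own code): a Python model of the origin allowlist Tim describes, run over a constructed subset of the local.cfg quoted above. It assumes that only `dspace.ui.url` and `rest.cors.allowed-origins` are read, spelled as in Tim's reply, and that matching is exact on scheme, host and port; `audit`, `normalize` and `is_trusted` are hypothetical names.

```python
import re
from urllib.parse import urlsplit

# Assumption: only the two keys named in Tim's reply feed the allowlist.
TRUSTED_KEYS = ("dspace.ui.url", "rest.cors.allowed-origins")

# Constructed sample: a subset of the local.cfg quoted in the thread.
LOCAL_CFG = """\
dspace.server.url = https://dev-ir.dut.ac.za/server
dspace.ui.url = http://localhost:4000
rest.cors.allow-origins = ${dspace.ui.url}
rest.cors.allow-origins = http://dev-ir.dut.ac.za
rest.cors.allow-origins = https://dev-ir.dut.ac.za
"""

def normalize(url):
    """Reduce a URL to scheme://host[:port], dropping paths and default ports."""
    u = urlsplit(url.strip())
    default = {"http": 80, "https": 443}.get(u.scheme)
    port = "" if u.port in (None, default) else f":{u.port}"
    return f"{u.scheme}://{u.hostname}{port}"

def audit(cfg_text):
    """Return (trusted origins, CORS-looking keys that the model never reads)."""
    props = {}
    for line in cfg_text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = (part.strip() for part in line.split("=", 1))
            props.setdefault(key, []).append(value)
    def expand(value):
        # Resolve ${key} references against the first value of that key.
        return re.sub(r"\$\{([^}]+)\}", lambda m: props.get(m.group(1), [""])[0], value)
    trusted = {normalize(expand(v)) for k in TRUSTED_KEYS for v in props.get(k, [])}
    ignored = {k for k in props if "cors" in k and k not in TRUSTED_KEYS}
    return trusted, ignored

def is_trusted(origin, trusted):
    """Exact match of the browser's Origin header against the allowlist."""
    return normalize(origin) in trusted

if __name__ == "__main__":
    trusted, ignored = audit(LOCAL_CFG)
    print("trusted:", sorted(trusted))
    print("never read:", sorted(ignored))
    print("UI origin accepted:", is_trusted("https://dev-ir.dut.ac.za", trusted))
```

The quoted local.cfg spells the key `rest.cors.allow-origins`, so under this model none of those lines contributes an origin and only `dspace.ui.url` is trusted.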