[Dspace-tech] Question about mod_jk, x-forwarded-for and IP-based authentication
Dear all, We are using apache webserver as a front end for our dspace instance. I did this using mod_jk. Now, our server is (may be) behind a firewall/proxy/load balancer and it is forwarding its own local ip address instead of the user's ip address. I tried implementing this ( http://www.techstacks.com/howto/log-client-ip-and-xforwardedfor-ip-in-apache.html) in the virtualhost of our server's httpd.conf but I still get the local IP address of the load-balancer/proxy upon checking the access logs. I can't implement ip-based authentication if I can't get the real ip-address of the user, right? Please advice what are the necessary steps to do to get the user's ip address to enable ip-based authentication. Lastly, in authentication-ip.cfg, what is the correct syntax for specifying ip range? If for example our ip range is 203.xxx.xx.129 to 203.xxx.xx.142? I tried using 203.xxx.xx.129/142 and I get Malformed *IP range* specified for group error. Thanks in advance. Sincerely, Elvi S. Nemiz -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Question about mod_jk, x-forwarded-for and IP-based authentication
Hi, this is a tangent, but if you want a really handy tool for your box, grab a copy of ipcalc (it's in most package managers): http://jodies.de/ipcalc I use this whenever I need to spot-check my guesses at CIDR notation. -- HARDY POTTINGER pottinge...@umsystem.edu University of Missouri Library Systems http://lso.umsystem.edu/~pottingerhj/ https://MOspace.umsystem.edu/ I am always doing that which I cannot do, in order that I may learn how to do it. --Pablo Picasso On 9/12/13 11:37 AM, Mark H. Wood mw...@iupui.edu wrote: On Thu, Sep 12, 2013 at 06:32:45PM +0800, Nemiz, Elvi wrote: Lastly, in authentication-ip.cfg, what is the correct syntax for specifying ip range? If for example our ip range is 203.xxx.xx.129 to 203.xxx.xx.142? I tried using 203.xxx.xx.129/142 and I get Malformed *IP range* specified for group error. This part I can answer. See: https://wiki.duraspace.org/display/DSDOC3x/Authentication+Plugins#Authenti cationPlugins-ConfiguringIPAuthentication You seem to be trying to use CIDR notation. That doesn't directly indicate the range; the number after the slash is the number of leading one bits in the mask. So, 203.xxx.xx.129/142 is impossible, as there are not 142 bits in an IPv4 address, and that isn't what you meant anyway. You may need to figure out a set of masked addresses, of which the union is the entire set of addresses that you permit. I'm not quite sure what you mean by 203.xxx.xx.129 to 203.xxx.xx.142. Are the xxx and xx don't care bits? If the permitted set is very small, you could just specify each address individually. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Question about mod_jk, x-forwarded-for and IP-based authentication
On Thu, Sep 12, 2013 at 06:32:45PM +0800, Nemiz, Elvi wrote: Lastly, in authentication-ip.cfg, what is the correct syntax for specifying ip range? If for example our ip range is 203.xxx.xx.129 to 203.xxx.xx.142? I tried using 203.xxx.xx.129/142 and I get Malformed *IP range* specified for group error. This part I can answer. See: https://wiki.duraspace.org/display/DSDOC3x/Authentication+Plugins#AuthenticationPlugins-ConfiguringIPAuthentication You seem to be trying to use CIDR notation. That doesn't directly indicate the range; the number after the slash is the number of leading one bits in the mask. So, 203.xxx.xx.129/142 is impossible, as there are not 142 bits in an IPv4 address, and that isn't what you meant anyway. You may need to figure out a set of masked addresses, of which the union is the entire set of addresses that you permit. I'm not quite sure what you mean by 203.xxx.xx.129 to 203.xxx.xx.142. Are the xxx and xx don't care bits? If the permitted set is very small, you could just specify each address individually. -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines should not be friendly. Machines should be obedient. signature.asc Description: Digital signature -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
[Dspace-tech] DSpace 3.2 index-init errors
Hello, i'm migrating our dspace 1.7.2 to the 3.2 version, I have followed al the instructions on https://wiki.duraspace.org/display/DSDOC3x/Upgrading+a+DSpace+Installation from 1.7.x to 1.8.x and 1.8.x to 3.x but i'm having problems with dspace index-init command, for some items it's appearing the exception 1. Besides at the beggining of the process others exceptions like the ones ad the end of this post ocurred. I have DEBUG mode in my log4j Exception 1 2013-09-12 09:40:21,892 DEBUG org.dspace.search.DSIndexer @ Building Item: 10906/235 2013-09-12 09:40:21,893 DEBUG org.dspace.storage.rdbms.DatabaseManager @ Running query SELECT * FROM MetadataValue WHERE item_id= ? ORDER BY metadata_field_id, place with parameters: 180 2013-09-12 09:40:21,896 DEBUG org.dspace.search.DSIndexer @ Added Metadata 2013-09-12 09:40:21,896 DEBUG org.dspace.search.DSIndexer @ Added Sorting 2013-09-12 09:40:21,896 DEBUG org.dspace.storage.rdbms.DatabaseManager @ Running query SELECT bundle.* FROM bundle, item2bundle WHERE item2bundle.bundle_id=bundle.bundle_id AND item2bundle.item_id= ? wi th parameters: 180 2013-09-12 09:40:21,897 DEBUG org.dspace.storage.rdbms.DatabaseManager @ Running query SELECT bitstream.*,bundle2bitstream.bitstream_order FROM bitstream, bundle2bitstream WHERE bundle2bitstream.bitstream_ id=bitstream.bitstream_id AND bundle2bitstream.bundle_id= ? ORDER BY sequence_is ASC with parameters: 178 2013-09-12 09:40:21,898 ERROR org.dspace.search.DSIndexer @ ORA-00904: SEQUENCE_IS: invalid identifier java.sql.SQLSyntaxErrorException: ORA-00904: SEQUENCE_IS: invalid identifier at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:396) at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:879) at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450) at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192) at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531) at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:207) at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:884) at oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1167) at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1289) at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3584) at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3628) at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeQuery(OraclePreparedStatementWrapper.java:1493) at org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:96) at org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:96) at org.apache.commons.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:96) at org.dspace.storage.rdbms.DatabaseManager.query(DatabaseManager.java:280) at org.dspace.content.Bundle.init(Bundle.java:96) at org.dspace.content.Item.getBundles(Item.java:1190) at org.dspace.search.DSIndexer.buildDocumentForItem(DSIndexer.java:1243) at org.dspace.search.DSIndexer.prepareIndexingTask(DSIndexer.java:671) at org.dspace.search.DSIndexer.indexContent(DSIndexer.java:278) at org.dspace.search.DSIndexer.indexContent(DSIndexer.java:260) at org.dspace.search.DSIndexer.updateIndex(DSIndexer.java:540) at org.dspace.search.DSIndexer.createIndex(DSIndexer.java:372) at org.dspace.search.DSIndexer.main(DSIndexer.java:486) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.dspace.app.launcher.ScriptLauncher.main(ScriptLauncher.java:183) 2013-09-12 09:40:21,899 INFO org.dspace.search.DSIndexer @ Wrote Item: 10906/235 to Index Others Exceptions 2013-09-12 09:19:47,432 DEBUG net.sf.ehcache.config.DiskStoreConfiguration @ Disk Store Path: /tmp 2013-09-12 09:19:47,440 DEBUG net.sf.ehcache.config.ConfigurationHelper @ No CacheManagerEventListen erFactory class specified. Skipping... 2013-09-12 09:19:47,449 DEBUG net.sf.ehcache.config.ConfigurationHelper @ No BootstrapCacheLoaderFac tory class specified. Skipping... 2013-09-12 09:19:47,449 DEBUG net.sf.ehcache.config.ConfigurationHelper @ No CacheExceptionHandlerFa ctory class specified. Skipping... 2013-09-12 09:19:47,468 DEBUG net.sf.ehcache.util.UpdateChecker @ Checking for update... 2013-09-12 09:19:48,849 DEBUG org.dspace.storage.rdbms.DatabaseManager @ Running query SELECT * FRO M bi_1 WHERE