Mmm, we should remove it completely from url.properties, ie
-# HTTP Port (Not Secure port)
-port.http=8080
-force.http.host=
Is that what you mean?
With maybe some documentation? Anyway now OFBiz is only supporting secured
connections, like eg Google.
Else feel free to improve how it's done
Hi Paul,
While the proposition to move to SSL is open for discussion elsewhere, I
share Michael's concern that the issue we are discussing here might have
not been done properly. The discussion in JIRAs and the way the commits
were done gives me the impression that this was a quick hack more than
Hi all,
I agree with Taher, we should simply remove non-SSL access. The world is
rapidly moving to SSL only.
It is now close to essential that passwords should be encrypted in transit
for a serious system like OFBiz.
Cheers
Paul Foxworthy
On 14 March 2017 at 07:18, Michael Brohl
Unfortunately I have not the time to dig deeper into this but I've got a
bad feeling about this and similar threads we had lately.
Ports 8080 and 8443 are used for a long time without problems and it's a
common production setting if you run OFBiz behind a webserver connected
through AJP. I
I faced this issue again while trying some tests today, and I read your
comments which refer to this as "not a bug".
So my question is: if we should not use 8080 as the port, why is it enabled
in the first place in OFBiz? why not disable it completely instead of
confusing people.
On Fri, Mar 3,
Okay so it seems this issue was introduced by your work based on what I
read in jira. I don't think you should apply code changes that cause
regressions like this one.
On Mar 3, 2017 4:40 PM, "Jacques Le Roux"
wrote:
> Le 02/03/2017 à 17:12, Jacques Le Roux a écrit
Le 02/03/2017 à 17:12, Jacques Le Roux a écrit :
Le 02/03/2017 à 15:52, Taher Alkhateeb a écrit :
I'm not sure who committed what, but now the automatic redirection from
8080 to 8443 ssl is broken. Jacques is this related to your work on port
offset stuff?
This is only with localhost, right?
Le 02/03/2017 à 15:52, Taher Alkhateeb a écrit :
I'm not sure who committed what, but now the automatic redirection from
8080 to 8443 ssl is broken. Jacques is this related to your work on port
offset stuff?
This is only with localhost, right?
If it's the case, I guess it's related to
I'm not sure who committed what, but now the automatic redirection from
8080 to 8443 ssl is broken. Jacques is this related to your work on port
offset stuff?