Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Solr admin UI redirecting root path requests to http instead of https

Shawn,

You should be able to add --module=http-forwarded to the command line to enable the ForwardedRequestCustomizer module.
You should be able to add jetty.httpConfig.relativeRedirectAllowed=true to the command line to configure relative redirection.

However, typically jetty start.jar likes to have persistent configuration for modules so that you can configure them in files.
If you manually did:

java -server -Djetty.home=/opt/solr/server -jar start.jar --add-module=server,http,gzip,http-forwarded 

then that should create a start.d directory with server.ini (and http.ini and http-forwarded.ini etc.) which you can edit to configure the server.

cheers


On Wed, 25 May 2022 at 12:03, Shawn Heisey <eclipse@xxxxxxxxxxxx> wrote:
On 5/24/2022 4:34 PM, Greg Wilkins wrote:
> To turn on relative redirects, you need to set the property
> `jetty.httpConfig.relativeRedirectAllowed=true`, which can be done on
> the command line or better yet in the server.ini file.

There is no server.ini file in a Solr install.  How would I configure
that?  We certainly could define a sysprop on the commandline, we
already do it for other things, but I would prefer a way to do it
through configuration rather than commandline parameters.  The full
command that the script uses to start Solr is already quite long.  This
is from a stock install of version 8.11.1:

java -server -Xms512m -Xmx512m -XX:+UseG1GC -XX:+PerfDisableSharedMem
-XX:+ParallelRefProcEnabled -XX:MaxGCPauseMillis=250 -XX:+UseLargePages
-XX:+AlwaysPreTouch -XX:+ExplicitGCInvokesConcurrent
-Xlog:gc*:file=/var/solr/logs/solr_gc.log:time,uptime:filecount=9,filesize=20M
-Dsolr.jetty.inetaccess.includes= -Dsolr.jetty.inetaccess.excludes=
-Dsolr.log.dir=/var/solr/logs -Djetty.port=8981 -DSTOP.PORT=7981
-DSTOP.KEY=solrrocks -Dhost=127.0.0.1 -Duser.timezone=UTC
-XX:-OmitStackTraceInFastThrow
-XX:_OnOutOfMemoryError_=/opt/solr/bin/oom_solr.sh 8981 /var/solr/logs
-Djetty.home=/opt/solr/server -Dsolr.solr.home=/var/solr/data
-Dsolr.data.home= -Dsolr.install.dir=/opt/solr
-Dsolr.default.confdir=/opt/solr/server/solr/configsets/_default/conf
-Dlog4j.configurationFile=/var/solr/log4j2.xml -Xss256k
-Dsolr.log.muteconsole -jar start.jar --module=http --module=gzip

Would you expect configuring ForwardedRequestCustomizer in our provided
jetty.xml (or one of the other xml configs when using SSL) to cause
problems?  If I understand what it does correctly, I would not expect it
to cause problems for users who do not have a proxy, but I haven't
looked at the code and I am hoping that someone here knows enough about
it that they can answer that question.

I am inclined right now to uncomment the ForwardedRequestCustomizer
section in our xml configs for our next release, if someone can tell me
that it would be a safe thing to do.  I've done some minimal testing and
it did not appear to cause any issues.  But it certainly was not an
extensive test.  Maybe I can find a co-conspirator with a large
development or testing SolrCloud cluster that would be willing to try it
out.

Thanks,
Shawn

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users


--
Greg Wilkins <gregw@xxxxxxxxxxx> CTO http://webtide.com

Back to the top