How to debug wildfly fail when running standalone.sh? - wildfly

I cannot run my cors header in wildfly.
Here is my standalone.xml
<subsystem xmlns="urn:jboss:domain:undertow:3.0">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<access-log/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<filter-ref name="gzipFilter" predicate="exists('%{o,Content-Type}') and regex(pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true)"/>
<filter-ref name="Access-Control-Allow-Origin"/>
<filter-ref name="Access-Control-Allow-Methods"/>
<filter-ref name="Access-Control-Allow-Headers"/>
<filter-ref name="Access-Control-Allow-Credentials"/>
</host>
</server>
<servlet-container name="default">
<jsp-config development="true" tag-pooling="false"/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
<gzip name="gzipFilter"/>
<response-header name="Access-Control-Allow-Origin" header-name="Access-Control-Allow-Origin" header-value="*"/>
<response-header name="Access-Control-Allow-Methods" header-name="Access-Control-Allow-Methods" header-value="GET, POST, OPTIONS, PUT"/>
<response-header name="Access-Control-Allow-Headers" header-name="Access-Control-Allow-Headers" header-value="accept, authorization, content-type, x-requested-with"/>
<response-header name="Access-Control-Allow-Credentials" header-name="Access-Control-Allow-Credentials" header-value="true"/>
</filters>
</subsystem>
And the result of ./standalone.sh is:
18:44:34,491 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) "WFLYCTL0193: Failed executing subsystem undertow boot operations"
18:44:34,493 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("parallel-subsystem-boot") failed - address: ([]) - failure description: "\"WFLYCTL0193: Failed executing subsystem undertow boot operations\""
18:44:34,499 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
Anyone can advise please...

You could try to increase the debug level for JBoss classes (eg "org.jboss.as" and/or ""org.jboss.as.config").
In your "standalone.xml" file:
<subsystem xmlns="urn:jboss:domain:logging:5.0">
...
<logger category="org.jboss.as.config">
<level name="DEBUG"/>
</logger>
and then restart your server

Related

How to allow several different origins in Wildfly 10

My goal is to allow several BUT NOT ALL origins for http requests to my Wildfly 10. I have searched StackOverflow and haven't found anything so far on this topic. People all over the Internet suggest using a wildcard, however this could effectively be a security flaw. Yes, a wildcard for Access-Control-Allow-Origin does work, but I don't want to allow just any origin. I have tried this standalone.xml part for undertow subsystem (unsuccessfully):
<subsystem xmlns="urn:jboss:domain:undertow:3.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" max-post-size="314572800" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<filter-ref name="Access-Control-Allow-Origin-header1"/>
<filter-ref name="Access-Control-Allow-Origin-header2"/>
<filter-ref name="Access-Control-Allow-Origin-header3"/>
<filter-ref name="Access-Control-Allow-Methods-header"/>
<filter-ref name="Access-Control-Allow-Headers-header"/>
<filter-ref name="Access-Control-Allow-Credentials-header"/>
<filter-ref name="Access-Control-Max-Age-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
<response-header name="Access-Control-Allow-Origin-header1" header-name="Access-Control-Allow-Origin" header-value="http://122.22.22.24:*"/>
<response-header name="Access-Control-Allow-Origin-header2" header-name="Access-Control-Allow-Origin" header-value="http://122.22.22.21:*"/>
<response-header name="Access-Control-Allow-Origin-header3" header-name="Access-Control-Allow-Origin" header-value="http://122.22.22.22:*"/>
<response-header name="Access-Control-Allow-Methods-header" header-name="Access-Control-Allow-Methods" header-value="GET, POST, OPTIONS, PUT"/>
<response-header name="Access-Control-Allow-Headers-header" header-name="Access-Control-Allow-Headers" header-value="accept, authorization, content-type, x-requested-with"/>
<response-header name="Access-Control-Allow-Credentials-header" header-name="Access-Control-Allow-Credentials" header-value="true"/>
<response-header name="Access-Control-Max-Age-header" header-name="Access-Control-Max-Age" header-value="1"/>
</filters>
</subsystem>
What am I doing wrong?
This nice article is explaining one way to do it, using an Undertow expression-filter validating origin against some whitelisted domains (modelled as a multi-valued|-separated list):
<property name=”cors.whitelist” value=”http://domainA|http://domainB"/>
All credits go to the article author :-)

Access log pattern for Response time Undertow system- Wildfly 14.0.1

What is the access log pattern for logging the total response time to the request on undertow subsystem ?
<subsystem xmlns="urn:jboss:domain:undertow:7.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<access-log prefix="access" pattern="%h %t %U%q %m %s %b %T"/> <!-- use-server-log="true" -->
<location name="/" handler="welcome-content"/>
<http-invoker security-realm="ApplicationRealm"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
</subsystem>
The %T is recording just a '-' in the logs. Please help.
Here i found the following hint:
Time taken to process the request, in seconds. It won't work unless record-request-start-time is set to true, see %D above.
There is also a link how you can configure it. record-request-start-time
If you start undertow with Spring Boot, the properties are
server.undertow.options.server.record-request-start-time=true
server.undertow.accesslog.pattern=[...] %T

Swagger is not working in Wildfly 8 server for representing set of Rest API

Hi I have integrated Swagger API to represent all Rest Easy API to the application developer(Abdroid, iOS). For that I have done some configuration in standalone.xml file(/opt/wildfly/standalone/configuration) in wildfly server as given below for access control origin setting.
Here I have added filter and response header in existing undertow module.
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<filter-ref name="Access-Control-Allow-Origin"/>
<filter-ref name="Access-Control-Allow-Methods"/>
<filter-ref name="Access-Control-Allow-Headers"/>
<filter-ref name="Access-Control-Allow-Credentials"/>
<filter-ref name="Access-Control-Max-Age"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/8"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
<response-header name="Access-Control-Allow-Origin" header-name="Access-Control-Allow-Origin" header-value="*"/>
<response-header name="Access-Control-Allow-Methods" header-name="Access-Control-Allow-Methods" header-value="GET, POST, OPTIONS, PUT"/>
<response-header name="Access-Control-Allow-Headers" header-name="Access-Control-Allow-Headers" header-value="accept, authorization, content-type, x-requested-with"/>
<response-header name="Access-Control-Allow-Credentials" header-name="Access-Control-Allow-Credentials" header-value="true"/>
<response-header name="Access-Control-Max-Age" header-name="Access-Control-Max-Age" header-value="1"/>
</filters>
</subsystem>
When I hit the swagger url(http://host/application/dist/index.html), it is working on local machine but when some other machine hit the same url, it is showing error like "not have appropriate access-control-origin setting".

Wildfly static store content protection

I am using wildfly and I create a folder to store images. eg:
localhost:8080/images/1/3487722873453756755.jpeg
but if i put :
localhost:8080/images/1/
our
localhost:8080/images/
I can see all files in that folders
How can I protect that folders?
My standalone.xml:
<subsystem xmlns="urn:jboss:domain:undertow:3.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<location name="/images" handler="PicturesDir"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
<file name="PicturesDir" path="C:\Users\diogo\wildfly-10.1.0.Final\bin\Images\" directory-listing="true"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
</filters>
</subsystem>

Uploading large files error to wildfly

I try to upload large files(400mb+) to wildfly 8.1 and i get an IOException but i dont encounter any exception with the same conditions when using jboss 7 server:
Exception:
Blocking request failed HttpServerExchange{ POST /ehub/contentstore/categories/maincategory/file/create}: java.lang.RuntimeException: java.io.IOException: Broken pipe
at io.undertow.servlet.spec.HttpServletResponseImpl.responseDone(HttpServletResponseImpl.java:527)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:287)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_51]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_51]
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_51]
Caused by: java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method) [rt.jar:1.7.0_51]
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47) [rt.jar:1.7.0_51]
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93) [rt.jar:1.7.0_51]
at sun.nio.ch.IOUtil.write(IOUtil.java:51) [rt.jar:1.7.0_51]
at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:487) [rt.jar:1.7.0_51]
at org.xnio.nio.NioSocketConduit.write(NioSocketConduit.java:150) [xnio-nio-3.2.2.Final.jar:3.2.2.Final]
at io.undertow.server.protocol.http.HttpResponseConduit.processWrite(HttpResponseConduit.java:212)
at io.undertow.server.protocol.http.HttpResponseConduit.flush(HttpResponseConduit.java:629)
at io.undertow.conduits.FinishableStreamSinkConduit.flush(FinishableStreamSinkConduit.java:83)
at org.xnio.conduits.ConduitStreamSinkChannel.flush(ConduitStreamSinkChannel.java:162) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
at io.undertow.channels.DetachableStreamSinkChannel.flush(DetachableStreamSinkChannel.java:100)
at org.xnio.channels.Channels.flushBlocking(Channels.java:63) [xnio-api-3.2.2.Final.jar:3.2.2.Final]
at io.undertow.servlet.spec.ServletOutputStreamImpl.close(ServletOutputStreamImpl.java:625)
at io.undertow.servlet.spec.HttpServletResponseImpl.closeStreamAndWriter(HttpServletResponseImpl.java:451)
at io.undertow.servlet.spec.HttpServletResponseImpl.responseDone(HttpServletResponseImpl.java:525)
I increased the max-post-size but it didnt work.
standalone.xml :
<subsystem xmlns="urn:jboss:domain:undertow:1.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" max-post-size="974247881"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/8"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
</filters>
</subsystem>
I have found solution for this. I had this same issue and I solved it. It may help others.
For allowing more http request header size you need to change standalone.xml file of jboss or wildfly.
Add max-header-size attribute to default server and restart the server it will work
Standalone.conf
<subsystem xmlns="urn:jboss:domain:undertow:1.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" max-header-size="974247881"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
...
</subsystem>
It is not in "standalone.conf" file . It is "standalone.xml" file which is located in folder "standalone/configuration".
change max-post-size :
<http-listener name="default" socket-binding="http" redirect-socket="https" max-post-size="104857600"/>
<host name="default-host" alias="localhost">
see this link in jboss: https://issues.jboss.org/browse/UNDERTOW-185
max-post-size in ../wildfly/stanadalone/configuration/standalone.xml will be set.
If your wildfly stands behind webserver, e.q. nginx, you may have to set the limit there. This helped me.
Using the WildFly web console move to:
Configuration -> Subsystems -> Web(Undertow) -> Server -> default-server
click "View" button
move to "Listener" tab
edit "HTTP Listener" and "HTTPS Listener" parameter "max-post-size"