I want to query my data indexed by elasticsearch in Lucene engine, but I want this connection to be secure by using SSL:
https://x.y.z.w:9200/index_name/_search?&q=field:value
And this is my whole code:
<!doctype html>
<html lang="fa">
<head>
<title>XHR App Test</title>
<script>
function send() {
var xhr = new XMLHttpRequest(),
url = 'https://x.y.z.w:9200/index_name/_search?&q=field:value',
sendButton = document.getElementById('sendButton');
xhr.onreadystatechange = function(e) {
console.log(e);
if (e.currentTarget.readyState > 2) {
document.getElementById('result').innerHTML = e.currentTarget.responseText;
}
};
xhr.open('GET', url, true);
xhr.send(null);
}
</script>
</head>
<body>
<h1>XHR App Test</h1>
<button id='sendButton' onclick="send()">Send</button>
<div id="result"></div>
</body>
</html>
I also added these configs in elasticsearch.yml file:
http.port: 9200
http.cors.enabled : true
http.cors.allow-origin: /https?:\/\//
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"
# http.cors.allow-credentials : true
But only be able to query by http protocol not https.
How to resolve this?
Elasticsearch doesn't support SSL out-of-the-box. The http.cors settings are for enabling and setting up the CORS (Cross-origin resource sharing) mechanism but have nothing to do with SSL.
If you want your ES cluster to serve requests over HTTPS/SSL, you need to setup SSL/TLS either using the Shield plugin or preferably with XPack if you're running ES 5.
Related
I have set up a new Azure Mobile App Service instance which has been working fine. The only thing I can think that I've done to the server side configuration is add a Lets Encrpyt certificate to provide SSL support using the Lets Encrypt Azure Extension.
Now, when I publish, I get a Runtime Error. Looking in the Azure streaming logs, I can see the following every time I hit the application URL:
2017-06-29T13:54:07 Welcome, you are now connected to log-streaming service.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS Detailed Error - 500.0 - Internal Server Error</title>
</head>
<body>
<div id="content">
<div class="content-container">
<h3>HTTP Error 500.0 - Internal Server Error</h3>
<h4>The page cannot be displayed because an internal server error has occurred.</h4>
</div>
<div class="content-container">
<fieldset><h4>Most likely causes:</h4>
<ul> <li>IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.</li> <li>IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.</li> <li>IIS was not able to process configuration for the Web site or application.</li> <li>The authenticated user does not have permission to use this DLL.</li> <li>The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.</li> </ul>
</fieldset>
</div>
<div class="content-container">
<fieldset><h4>Things you can try:</h4>
<ul> <li>Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's machine account.</li> <li>Check the event logs to see if any additional information was logged.</li> <li>Verify the permissions for the DLL.</li> <li>Install the .NET Extensibility feature if the request is mapped to a managed handler.</li> <li>Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here. </li> </ul>
</fieldset>
</div>
<div class="content-container">
<fieldset><h4>Detailed Error Information:</h4>
<div id="details-left">
<table border="0" cellpadding="0" cellspacing="0">
<tr class="alt"><th>Module</th><td> AspNetInitializationExceptionModule</td></tr>
<tr><th>Notification</th><td> BeginRequest</td></tr>
<tr class="alt"><th>Handler</th><td> ExtensionlessUrlHandler-Integrated-4.0</td></tr>
<tr><th>Error Code</th><td> 0x00000000</td></tr>
Has anyone come across this problem before?
OK< bit of an obscure and edge case one this, but thought I'd leave it here with the answer in case it helps someone.
I created the site and published it with it all working fine. I then changed the assembly name to fit in with my project naming standards and re-published, without selecting 'DELETE ALL FILES' becuase it would wipe out the Lets Encrypt extension settings. However, this lef the old DLL's hanging around in the \bin directory meaning there were two OWIN startup classes being found!
Deleting the old one fixed the issue.
I am using AWS tools for deploy a simple application.
I have a RDS instance (Oracle) and it is working. (I can access to it from SQL Developer in my local computer)
By other side, I built in Eclipse a simple application in jsp that loops over a table in my Oracle instance (above metioned) and shows the values in the screen.
Test.jsp
<%# page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<%#page import="dbconnection.DataSource"%>
<%#page import="java.sql.*"%>
<%#page import="oracle.jdbc.pool.OracleDataSource"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Tercera Prueba</title>
</head>
<body>
<%
DataSource ods = new DataSource();
Connection conn=ods.connect();
out.println (ods.getUserName(conn));
// Close the connection
conn.close();
conn = null;
%>
</body>
</html>
DataSource.java
import oracle.jdbc.pool.OracleDataSource;
public class DataSource
{
public String getUserName(Connection conn)
throws SQLException
{
// Create a Statement
Statement stmt = conn.createStatement ();
String str="";
// Select the ENAME column from the EMP table
ResultSet rset = stmt.executeQuery ("select USER from dual");
// Iterate through the result and print the employee names
while (rset.next ())
str= "User name is " + rset.getString (1);
// Close the RseultSet
rset.close();
rset = null;
// Close the Statement
stmt.close();
stmt = null;
return (str);
}
public Connection connect() throws SQLException{
// Create a OracleDataSource instance explicitly
OracleDataSource ods = new OracleDataSource();
// Set the user name, password, driver type and network protocol
ods.setDriverType("thin");
ods.setServerName("xxxxxx");
ods.setDatabaseName("oracledb");
ods.setPortNumber(1521);
ods.setUser("xxxxxx");
ods.setPassword("xxxxxxx");
Connection conn = ods.getConnection();
return (conn);
}
}
Once this app is deployed in Apache Tomcat server (localhost), everything Works ok and the value is shown in the screen.
However, once this app is deployed over Elastic BeanStalk service (using AWS toolkit for Eclipse), the web page takes too long for loading, and finally nothing appear (page in blank). In fact, it does not shows errors either.
I was debugging line by line, and everything goes well untill the line :
Connection conn=ods.connect();
I think is something related to the configuration of my RDS Oracle instance. but Im not sure. it is how it is configured.
Do you have any idea?
Many Thanks
Have you ensured that the RDS Instance and the Elastic Beanstalk have the appropriate security groups?
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.managing.ec2.html#using-features.managing.ec2.securitygroups
Solved!.
Need to configure Security Groups.
My RDS Instace had only one inbound ip (it was my local computer, thats why it worked from Apache Tomcat Server). For allowing all ip's you must specify 0.0.0.0/0 as ip.
:)
How to access the server host ip and port in playframework template?
Background
Let say I start play using the command on a server with ip: 192.168.1.10:
./activator "run 12345"
How to make the app/views/index.scala.html when I visit 192.168.1.10/index.html (assumed I have setup the appropriate route)?
<html>
<body>
192.168.1.10:12345
</body>
</html>
Maybe the simplest solution for you is using the HTTP request. Check out play.api.mvc.Http
/**
* The HTTP host (domain, optionally port)
*/
lazy val host: String = headers.get(HeaderNames.HOST).getOrElse("")
In Play! you can get access to the HTTP request by using the Action builder that accepts the function (Request) => Result
def getHostPort = Action { request =>
Ok(s"This page served from ${request.host}")
}
If your server is listening for HTTP on 192.168.1.10:12345 hitting that endpoint will render the string "This page served from 192.168.1.10:12345"
But you can easily modify it to pass request.host to your template
I have an EmberJS application that uses ember-data to access data via a REST API. The REST API is running on the same machine but on a different port (although this probably applies to REST API's that are served from another domain.
When I go to the URL localhost:4200/items I get the following error in the Firefox console:
Content Security Policy: The page's settings blocked the loading of a resource at http://localhost:7654/api/items ("connect-src http://localhost:4200 ws://localhost:35729 ws://0.0.0.0:35729 http://0.0.0.0:4200").
I tried installing ember-cli-cors but nothing changed. I also tried the solution at http://discuss.emberjs.com/t/ember-data-and-cors/3690, but that didn't work either. That discussion was from 2013, so that's not a huge surprise.
The REST API is written in python using Flask and Flask-cors. Using the network tab I can see that the request is being sent, and the data being sent back, but the error is still there. The header Access-Control-Allow-Origin is set to http://localhost:4200 in the response, as expected.
app/router.js
import Ember from 'ember';
import config from './config/environment';
var Router = Ember.Router.extend({
location: config.locationType
});
export default Router.map(function() {
this.route('items');
});
app/adapters/application.js
import DS from 'ember-data';
export default DS.RESTAdapter.extend({
namespace: 'api',
host: 'http://localhost:7654',
});
app/routes/items.js
import Ember from 'ember';
export default Ember.Route.extend({
model: function() {
return this.store.find('item');
}
});
app/models/item.js
import DS from 'ember-data';
export default DS.Model.extend({
name: DS.attr(),
});
app/templates/items.hbs
{{#each item in items}}
{{ item.name }}<br>
{{else}}
<p>No items</p>
{{/each}}
{{outlet}}
This is a CSP issue not CORS
Inside config/environment.js find the ENV.contentSecurityPolicy and add http://localhost:7654 to your 'connect-src' key
e.g.
ENV.contentSecurityPolicy = {
// ... other stuff here
'connect-src': "'self' http://localhost:7654"
}
You will probably need a different setting for your production environment as well.
For testing environment you can use proxy.
ember s -proxy http://localhost:7654
So all back-end request goes to your server which is running on port 7654.
I am trying to run this piece of code taken from http://coffeescriptcookbook.com embedding it into an html.
net = require 'net'
domain = 'localhost'
port = 9001
connecting = (socket) ->
console.log "Connecting to real-time server"
connection = net.createConnection port, domain
connection.on 'connect', () ->
console.log "Opened connection to #{domain}:#{port}"
connecting connection
connection.on 'data', (data) ->
console.log "Received: #{data}"
connection.on 'end', (data) ->
console.log "Connection closed"
This code is in file named client.coffe and when i run it with the coffee command: coffee client.coffe it runs fine and connects to the server, but when I embbed it in a html file and open it i get this error: Uncaught ReferenceError: require is not defined.
My html script tags looks like this:
<script src="http://jashkenas.github.com/coffee-script/extras/coffee-script.js"
type="text/javascript" charset="utf-8" ></script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.0/jquery.min.js"
type="text/javascript" charset="utf-8"></script>
<script src="{% get_static_prefix %}functions.js"
type="text/javascript" charset="utf-8"></script>
<script src="{% get_static_prefix %}jquery.dajax.core.js"
type="text/javascript" charset="utf-8"></script>
<script src="{% get_static_prefix %}client.coffee"
type="text/coffeescript" charset="utf-8"></script>
Any ideas?
This won't work in the browser.
First issue: Stuff in the browser isn't allowed to connect to other servers or ports than it's coming from for security reasons. Also, you don't get real sockets, just HTTP.
Second issue: require is a node.js command you'll only be able to use in node.js (that is, when you run a javascript file with the node command or a coffeescript file with the coffee command). The net module belongs to node.js and will never work this way in the browser.
If you want to talk to the server in realtime from inside the browser, I recommend the socket.io module which uses websockets, flashsockets and HTTP (those are usable from within the browser).
You can use require in a browser with wrappers like node-browserify. However, all problems pointed out by #thejh are correct, so you'll have to rethink your code.