[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] Solr admin UI redirecting root path requests to http instead of https
|
On 5/24/2022 4:34 PM, Greg Wilkins wrote:
To turn on relative redirects, you need to set the property
`jetty.httpConfig.relativeRedirectAllowed=true`, which can be done on
the command line or better yet in the server.ini file.
There is no server.ini file in a Solr install. How would I configure
that? We certainly could define a sysprop on the commandline, we
already do it for other things, but I would prefer a way to do it
through configuration rather than commandline parameters. The full
command that the script uses to start Solr is already quite long. This
is from a stock install of version 8.11.1:
java -server -Xms512m -Xmx512m -XX:+UseG1GC -XX:+PerfDisableSharedMem
-XX:+ParallelRefProcEnabled -XX:MaxGCPauseMillis=250 -XX:+UseLargePages
-XX:+AlwaysPreTouch -XX:+ExplicitGCInvokesConcurrent
-Xlog:gc*:file=/var/solr/logs/solr_gc.log:time,uptime:filecount=9,filesize=20M
-Dsolr.jetty.inetaccess.includes= -Dsolr.jetty.inetaccess.excludes=
-Dsolr.log.dir=/var/solr/logs -Djetty.port=8981 -DSTOP.PORT=7981
-DSTOP.KEY=solrrocks -Dhost=127.0.0.1 -Duser.timezone=UTC
-XX:-OmitStackTraceInFastThrow
-XX:OnOutOfMemoryError=/opt/solr/bin/oom_solr.sh 8981 /var/solr/logs
-Djetty.home=/opt/solr/server -Dsolr.solr.home=/var/solr/data
-Dsolr.data.home= -Dsolr.install.dir=/opt/solr
-Dsolr.default.confdir=/opt/solr/server/solr/configsets/_default/conf
-Dlog4j.configurationFile=/var/solr/log4j2.xml -Xss256k
-Dsolr.log.muteconsole -jar start.jar --module=http --module=gzip
Would you expect configuring ForwardedRequestCustomizer in our provided
jetty.xml (or one of the other xml configs when using SSL) to cause
problems? If I understand what it does correctly, I would not expect it
to cause problems for users who do not have a proxy, but I haven't
looked at the code and I am hoping that someone here knows enough about
it that they can answer that question.
I am inclined right now to uncomment the ForwardedRequestCustomizer
section in our xml configs for our next release, if someone can tell me
that it would be a safe thing to do. I've done some minimal testing and
it did not appear to cause any issues. But it certainly was not an
extensive test. Maybe I can find a co-conspirator with a large
development or testing SolrCloud cluster that would be willing to try it
out.
Thanks,
Shawn