topic Re: Community Edition Tracking Logo in Alfresco Archive

Community Edition Tracking Logo

toadbrother — Thu, 22 Nov 2012 05:50:56 GMT

This has been a minor nightmare for me. I'mr using proxypass on a separate Apache webserver to wrap Alfresco (v 4.0.d) in SSL. I have been getting errors about non-SSL content and finally tracked it down to an embedded URL to http://www.alfresco.com/assets/images/logos/community-4.0-share.png .I hav

Re: Community Edition Tracking Logo

mikeh — Thu, 22 Nov 2012 09:37:53 GMT

The code will create an https link if the associated request is also https. In other words you need to make sure the link between your Apache webserver and Tomcat is using https, so the link generation code "knows" that the browser wants an https version of the image.

The code is actually in the Surf libraries, so you can modify those if you don't wish your installation to have the tracking logo.

Thanks,
Mike

Re: Community Edition Tracking Logo

toadbrother — Thu, 22 Nov 2012 17:01:20 GMT

The code will create an https link if the associated request is also https. In other words you need to make sure the link between your Apache webserver and Tomcat is using https, so the link generation code "knows" that the browser wants an https version of the image.

The code is actually in the Surf libraries, so you can modify those if you don't wish your installation to have the tracking logo.

Thanks,
Mike

I have done that, and it's still feeding http://www.alfresco.com/assets/images/logos/community-4.0-share.png. From inside the intranet that the Alfresco install is on, if I go https://alfrescoserver.local:8443/share/ I'm still seeing the above non-SSL link to the tracker image being fed, so clearly it is not picking up on the fact that it is an https connection.

I don't have the Java expertise to pull open the source, and frankly (rantmode) I think it's just bad practice to put hardcoded links into compiled code (/rantmode).

So I'm faced with a really ugly hack like trying to get Apache to rewrite the above link using a filter, or trying to get my SSL keys imported into Tomcat. The latter, in fact, would be most preferable of all, because then I wouldn't need an Apache proxy in the first place. Does anybody have a decent set of instructions for importing a SSL key into Tomcat's keystore?

Re: Community Edition Tracking Logo

mikeh — Fri, 23 Nov 2012 11:12:46 GMT

It looks like you've done everything correct, so I think you might be seeing the issue I've just raised: https://issues.alfresco.com/jira/browse/ALF-16900

Summary: the webscript response is cached irregardless of the method used to access it, so you'll always get the first response back even with a different schema. Try accessing https://alfrescoserver.local:8443/share/service/messages.js?locale=en_US after a Tomcat restart and see if that solves your problem.

Thanks,
Mike

P.S. I do understand your frustration with not being able to simply deactivate the tracking image. I suggest you raise a new issue in JIRA which is the best way to get the attention of the Product Managers within Alfresco.

Re: Community Edition Tracking Logo

toadbrother — Mon, 26 Nov 2012 17:54:33 GMT

It looks like you've done everything correct, so I think you might be seeing the issue I've just raised: https://issues.alfresco.com/jira/browse/ALF-16900

Summary: the webscript response is cached irregardless of the method used to access it, so you'll always get the first response back even with a different schema. Try accessing https://alfrescoserver.local:8443/share/service/messages.js?locale=en_US after a Tomcat restart and see if that solves your problem.

That was exactly it! Restarting Tomcat was the trick. Now my Alfresco site is showing no unencrypted items. Thank you very very very much!

For the benefit of anyone in the future looking to use Apache as an SSL gateway to an Alfresco install, here's my config:

<VirtualHost *:8443>

        DocumentRoot "/srv/alfresco/www"
        ServerName portalberni.avemployment.ca

        <Directory "/srv/alfresco/www">
                allow from all
                Options +Indexes
        </Directory>

        SSLEngine On
        SSLProxyEngine On
        SSLCertificateFile /srv/alfresco/ssl/portalberni-cert.pem
        SSLCertificateKeyFile /srv/alfresco/ssl/portalberni.key
        SSLCertificateChainFile /srv/alfresco/ssl/gd_bundle.crt

        <Proxy *>
                AddDefaultCharset Off
                Order deny,allow
                Allow from all
        </Proxy>

        Redirect / /share
        ProxyPass /share https://paalfieserver:8443/share
        ProxyPassReverse /share/ https://paalfieserver:8443/share
        ProxyPass /alfresco https://paalfieserver:8443/alfresco
        ProxyPassReverse /alfresco https://paalfieserver:8443/alfresco

</VirtualHost>

Re: Community Edition Tracking Logo

alfrescostarter — Mon, 18 Mar 2013 14:41:05 GMT

do you have an idea to remove the file:
http://www.alfresco.com/assets/images/logos/community-4.0-share.png
???
using https in your apache backend you still beeing tracked by alfresco, right?

thank you

alfrescostarter

Re: Community Edition Tracking Logo

r_aurelian — Mon, 11 Mar 2019 16:08:38 GMT

Hi,

I have installed Alfresco Community Edition 201901 GA (via Docker) and have the same issue - I have insecure content on my page (which is delivered through HAproxy reverse proxy). The culprit is "http://www.alfresco.com/assets/images/logos/community-5.2-share.png" which is being loaded, but I do not know by what.

How can I disable this? I would not mind the tracking, but the problem is that it`s preventing me from having the page shown as secure.