Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Share Login Problems when forcing Tomcat to use only SSL/HTTPS (Alfresco 5.0.d)

dfxx
Champ in-the-making
Champ in-the-making

‎02-27-2016 03:51 PM

Dear all,

I'm completely new to Alfresco and also web servers, so please excuse any easy or "dumb" question. For a university project, my team and me are supposed to develop an Alfresco plugin. I am currently responsible for installing and configuring on our own server for testing purposes. I dislike the idea that the Alfresco installer comes "all in one" and does not make use of pre-installed software on the server, such as a database or a webserver. Hence, I decided to manually install the components.

Up to now, I did the following:
<ul>
  <li>Install Java 8.</li>
  <li>Install Tomcat 7 and enable SSL support using self-signed certificates (it is only a test environment).</li>
  <li>Install MariaDB (MySQL).</li>
  <li>Followed instructions at http://docs.alfresco.com/5.0/tasks/alf-war-install.html</li>
</ul>

I dislik the fact that the share log in possible using only HTTPS, so I wanted to enforce HTTPS on Tomcat. To do so, I added the following lines to /var/lib/tomcat7/conf/web.xml:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Protected Context</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <!– auth-constraint goes here if you requre authentication –>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>


Furthermore, I edited my /var/lib/tomcat7/conf/server.xml:

<Connector port="8080" enableLookups="false"
       redirectPort="8443" />


I also changed /var/lib/tomcat7/shared/classes/alfresco-global.properties file accordingly:

#
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
#————-
alfresco.context=alfresco
alfresco.host=${localname}
#alfresco.port=8080
alfresco.port=8443
alfresco.protocol=https

share.context=share
share.host=${localname}
#share.port=8080
share.port=8443
share.protocol=https


However, since I forced Tomcat to use HTTPS, I can no longer log in to share. My (correct) credentials are simply rejected. I attached alfresco.log and share.log. I already googled for a solution, but I did not get any further. I read about similar problems which were solved by using both Apache httpd and Tomcat. If possible, I would like to avoid installing another web server to keep the complexity low. As I already mentioned, I'm very new to this field.

I would really appreciate suggestions and comments from you. If you need further information, just let me know.

Thanks in advance and kind regards,

dfxx
Labels:
alfresco_118.log.zip
share_19.log.zip
0 Kudos
1 REPLY 1

eswbitto
Confirmed Champ
Confirmed Champ

‎02-29-2016 12:51 PM

I have had several issues trying to get tomcat to handle the ssl traffic. No matter what configuration I have done or tweaking I would end up where you are right now.

I know that you stated that you don't want to install another webserver, but I do have apache handling the SSL connections and to be quite honest it only takes about half a day to do. If you search the forums you will find posts that I have made outlining how to do this.

0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC