Apache2 如何在apache上使用http auth在tomcat7上设置gerrit
操作系统-Ubuntu 14.04.3 LTC 安装了git、Tomcat7、mysql和apache2 我将tomcat7配置为支持SSL: server.xmlApache2 如何在apache上使用http auth在tomcat7上设置gerrit,apache2,tomcat7,gerrit,http-authentication,Apache2,Tomcat7,Gerrit,Http Authentication,操作系统-Ubuntu 14.04.3 LTC 安装了git、Tomcat7、mysql和apache2 我将tomcat7配置为支持SSL: server.xml <Connector port="4432" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProto
<Connector port="4432" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="some_path"
keystorePass="some_pass" />
并重新启动了apache2和tomcat7服务。
现在,当我转到https://my\u gerrit\u站点:4432/时,我看到了tomcat7
它起作用了
当我转到https://my\u gerrit\u站点:4432/gerrit时,我看到了
配置错误
检查HTTP服务器的身份验证设置
HTTP服务器未在授权中提供用户名
将请求转发给Gerrit Code Review时的标头
如果HTTP服务器是ApacheHTTPD,请检查代理配置
包括具有正确位置的授权指令,确保
它以“/”结尾:
ServerName我的\u gerrit\u站点
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review"
Require valid-user
...
</Location>
AllowEncodedSlashes On
ProxyPass /gerrit/ http://.../gerrit/ nodecode </VirtualHost>
apache_errorlog.log
[Tue Jul 19 20:18:39.067497 2016] [proxy:warn] [pid 6382:tid 140713740175104] [client x.x.x.x:27949] AH01144: No protocol handler was valid for the URL /gerrit/login/. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
卡塔琳娜,出去
[2016-07-19 20:18:18,855] [http-bio-4432-exec-6] ERROR com.google.gerrit.httpd.auth.container.HttpLoginServlet : Unable to authenticate user by Authorization request header. Check container or server configuration.
我做错了什么?我需要更改哪些设置
谢谢您需要将canonocalWebUrl更改为外部url
canonicalWebUrl = https://my_gerrit_site:82/gerrit
您需要将canonocalWebUrl更改为外部url
canonicalWebUrl = https://my_gerrit_site:82/gerrit
您不需要将Tomcat与Gerrit一起使用,请参见此处的更多信息:
如果您的目标是配置反向代理,请查看此处:您不需要将Tomcat与Gerrit一起使用,请参阅此处的更多信息: 如果您的目标是配置反向代理,请查看以下内容: 当我尝试启用代理、代理http、代理ajp、ssl(a2enmod)时,我遇到了一些与两个虚拟主机之一相关的错误(当我尝试为gerrit创建http身份验证时,创建并启用了它们的配置文件)。 所以,当我禁用了配置错误的虚拟主机时,我没有出现错误 使用apache2配置进行http验证:
LoadModule ssl_module modules/mod_ssl.so
Listen 4433
<VirtualHost *:4433>
ServerName localhost
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#AllowEncodedSlashes On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review"
AuthBasicProvider file
AuthUserFile /var/opt/gerrit/users/passwords
Require valid-user
</Location>
ProxyPass /gerrit/ https://localhost:4432/gerrit/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog /var/opt/gerrit/apache_errorlog.log
CustomLog /var/opt/gerrit/apache_customlog.log combined
</VirtualHost>
LoadModule ssl\u module modules/mod\u ssl.so
听着,4433
服务器名本地主机
代理请求关闭
ProxyVia关闭
代理主机
SSLProxyEngine打开
SSLProxyVerify无
SSLProxyCheckPeerCN关闭
SSLProxyCheckPeerName关闭
SSLProxycheckpeer关闭
#SSL引擎交换机:
#为此虚拟主机启用/禁用SSL。
斯伦金安
#通过安装,可以创建自签名(snakeoil)证书
#ssl证书包。看见
#/usr/share/doc/apache2/README.Debian.gz了解更多信息。
#如果密钥和证书都存储在同一个文件中,则只有
#需要SSLCertificateFile指令。
SSLCertificateFile/etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile/etc/ssl/private/ssl-cert-snakeoil.key
#AllowEncodesOn
命令拒绝,允许
通融
AuthType Basic
AuthName“Gerrit代码审查”
AuthBasicProvider文件
AuthUserFile/var/opt/gerrit/users/passwords
需要有效用户
ProxyPass/gerrit/https://localhost:4432/gerrit/
#可用日志级别:trace8、…、trace1、调试、信息、通知、警告、,
#错误、暴击、警报、紧急情况。
#还可以为特定应用程序配置日志级别
#模块,例如。
#日志级别信息ssl:警告
ErrorLog/var/opt/gerrit/apache_ErrorLog.log
CustomLog/var/opt/gerrit/apache_CustomLog.log组合
当我尝试启用代理、代理http、代理ajp、ssl(a2enmod)时,我遇到了一些与两个虚拟主机之一相关的错误(当我尝试为gerrit创建http身份验证时,创建并启用了它们的配置文件)。
所以,当我禁用了配置错误的虚拟主机时,我没有出现错误
使用apache2配置进行http验证:
LoadModule ssl_module modules/mod_ssl.so
Listen 4433
<VirtualHost *:4433>
ServerName localhost
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#AllowEncodedSlashes On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review"
AuthBasicProvider file
AuthUserFile /var/opt/gerrit/users/passwords
Require valid-user
</Location>
ProxyPass /gerrit/ https://localhost:4432/gerrit/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog /var/opt/gerrit/apache_errorlog.log
CustomLog /var/opt/gerrit/apache_customlog.log combined
</VirtualHost>
LoadModule ssl\u module modules/mod\u ssl.so
听着,4433
服务器名本地主机
代理请求关闭
ProxyVia关闭
代理主机
SSLProxyEngine打开
SSLProxyVerify无
SSLProxyCheckPeerCN关闭
SSLProxyCheckPeerName关闭
SSLProxycheckpeer关闭
#SSL引擎交换机:
#为此虚拟主机启用/禁用SSL。
斯伦金安
#通过安装,可以创建自签名(snakeoil)证书
#ssl证书包。看见
#/usr/share/doc/apache2/README.Debian.gz了解更多信息。
#如果密钥和证书都存储在同一个文件中,则只有
#需要SSLCertificateFile指令。
SSLCertificateFile/etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile/etc/ssl/private/ssl-cert-snakeoil.key
#AllowEncodesOn
命令拒绝,允许
通融
AuthType Basic
AuthName“Gerrit代码审查”
AuthBasicProvider文件
AuthUserFile/var/opt/gerrit/users/passwords
需要有效用户
ProxyPass/gerrit/https://localhost:4432/gerrit/
#可用日志级别:trace8、…、trace1、调试、信息、通知、警告、,
#错误、暴击、警报、紧急情况。
#还可以为特定应用程序配置日志级别
#模块,例如。
#日志级别信息ssl:警告
ErrorLog/var/opt/gerrit/apache_ErrorLog.log
CustomLog/var/opt/gerrit/apache_CustomLog.log组合
为什么要使用Tomcat?需要吗?最好让gerrit自己工作。是的,我使用tomcat是因为它是必需的。你为什么要使用tomcat?需要吗?最好让gerrit自己工作。是的,我使用tomcat是因为它是必需的。不幸的是,它不工作。所有错误都相同,Internet Explorer无法显示网页(和/gerrit)。据我所知,apache使用http(而不是https)很不幸,它不起作用。所有错误都相同,Internet Explorer无法显示网页(和/gerrit)。据我所知,apache使用
canonicalWebUrl = https://my_gerrit_site:82/gerrit
Problem was with apache2 and virtual host configuration.
LoadModule ssl_module modules/mod_ssl.so
Listen 4433
<VirtualHost *:4433>
ServerName localhost
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#AllowEncodedSlashes On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review"
AuthBasicProvider file
AuthUserFile /var/opt/gerrit/users/passwords
Require valid-user
</Location>
ProxyPass /gerrit/ https://localhost:4432/gerrit/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog /var/opt/gerrit/apache_errorlog.log
CustomLog /var/opt/gerrit/apache_customlog.log combined
</VirtualHost>