hliu_mfocus Absent Member.
Absent Member.
845 views

SSPR 4.0 enable http

Greetings,

Due to some requirements, we need to enable http for SSPR 4.0
The product came with https enabled by default, therefore we modified the following file

apache-tomcat-8\conf\server.xml

adding the http connector:

 <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />


It worked great, but once the tomcat restarted, server.xml recovers the previous state before the chages. So it won't enable http after next restart.

Is there any way to make it persistent?

thanks
0 Likes
5 Replies
AutomaticReply Absent Member.
Absent Member.

Re: SSPR 4.0 enable http

hliu,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com



0 Likes
Micro Focus Contributor
Micro Focus Contributor

Re: SSPR 4.0 enable http

You didn't mention your platform, but I'm assuming this is for windows. For both windows and the appliance versions, SSPR will overwrite the tomcat server xml on startup, and so modifications are not supported, and neither is HTTP. Your best option is to use an upstream webserver or proxy to downgrade the connection to HTTP.

I can't help but mention that allowing password changes over HTTP is a terrible idea and essentially eliminates any notion of security for the passwords of your system.
0 Likes
Knowledge Partner
Knowledge Partner

Re: SSPR 4.0 enable http

jrivard wrote:

> I can't help but mention that allowing password changes over HTTP is a
> terrible idea and essentially eliminates any notion of security for the
> passwords of your system.


Absolutely agree with your here.

But then I've been using SSPR (or PWM) myself exclusively for it's non-password
functionality myself. It's great as a simple people search tool for example or
to allow users to maintain their own contact data.
In such use cases, HTTP might not only be considered safe enough but even be
required if the portal you want to embed it into is not yet HTTPS enabled.
Certificates do cost money in the end (except LetsEncrypt.org maybe) and need
to be covered by a renewal process even big vendors (liek MF, IIRC) do not get
right often enough. I'd use HTTP in such a case myself simply to save time,
risk and money in a place HTTPS is simply not required.

--
http://www.is4it.de/en/solution/identity-access-management/

(If you find this post helpful, please click on the star below.)
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Knowledge Partner
Knowledge Partner

Re: SSPR 4.0 enable http

jrivard wrote:

> Your best option is to use an upstream webserver
> or proxy to downgrade the connection to HTTP.


How about making the server xml file read only for the server process? Would
that prevent SSPR from loading or only add line to the error log?

--
http://www.is4it.de/en/solution/identity-access-management/

(If you find this post helpful, please click on the star below.)
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
hliu_mfocus Absent Member.
Absent Member.

Re: SSPR 4.0 enable http

Already tried the read only option with no luck. Thank you for the ideas!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.