marathon sticky session: how to enable for application-level session management - session-cookies

Can someone help with how to configure marathon-lb to enable sessions on my single packaged web application? I don't have any service. It's just a web application with session management.
I do not want to implement a different caching layer to maintain sessions, but want to enable sessions with some configuration change.

In the marathon-lb documentation, you can find additional information about how to enable sticky sessions within marathon-lb:
marathon_lb.py has a lot of additional functionality like sticky sessions, HTTP to HTTPS redirection, SSL offloading, virtual host support and templating capabilities.
To get the full documentation run:
$ ./marathon_lb.py --help
https://github.com/mesosphere/marathon-lb
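To make the answer concrete, here is an added example of a Marathon app definition (not from the original post or the marathon-lb project docs) that turns on sticky routing purely through marathon-lb labels, which matches the "configuration change only" requirement. The app id, image command, ports, host name and health-check path are placeholders; the labels `HAPROXY_GROUP`, `HAPROXY_0_VHOST` and `HAPROXY_0_STICKY` are the real marathon-lb labels:

```json
{
  "id": "/webapp",
  "cmd": "java -jar webapp.jar --server.port=$PORT0",
  "cpus": 0.5,
  "mem": 512,
  "instances": 3,
  "portDefinitions": [
    { "port": 10000, "protocol": "tcp", "name": "http" }
  ],
  "healthChecks": [
    { "protocol": "HTTP", "path": "/health", "portIndex": 0 }
  ],
  "labels": {
    "HAPROXY_GROUP": "external",
    "HAPROXY_0_VHOST": "app.example.com",
    "HAPROXY_0_STICKY": "true"
  }
}
```

With `HAPROXY_0_STICKY` set to `true`, marathon-lb renders the backend for service port 0 with HAProxy's `cookie ... insert` stickiness (the default template names the cookie `mesosphere_server_id`), so the load balancer pins each browser to one instance with its own cookie; your application's session cookie is untouched. Two caveats a practitioner should keep in mind: stickiness is not session replication, so when the pinned instance is redeployed or fails the user loses the session and must log in again; and the HAProxy cookie is set without the `Secure` flag unless you are terminating TLS at marathon-lb, so serve the vhost over HTTPS.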

Related

Google CloudRun redirect non-www to www

Google's Cloud Run is capable of redirecting http to https without any configuration. I was not able to find any solution that would instruct Cloud Run to respond 301 Permanent Redirect to all non-www requests.
I was able to instruct Cloud Run to handle both www and non-www, but without redirection.
I am familiar with how to set up the required logic with nginx and a traditional server. I could also do this in the application itself, but since Cloud Run is a serverless product, it would be better to handle this before the app is even invoked.
Thank you.
When you reach Cloud Run, you first land on GFE (Google Front End). This layer ensures security (if you set your Cloud Run service in no-allow-authenticated mode), performs DDoS mitigation at Google grade, exposes and manages the SSL certificates, routes the request to the correct services, and so on. So this layer does a lot of work, but you can't customize it.
If you want to add customization, you have to add a new layer: an HTTPS Global Load Balancer. Now you can define serverless NEG backends to reach serverless products (Cloud Run, Cloud Functions, App Engine).
It doesn't offer as much customization as an NGINX you manage yourself, but you can do more things.
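As an added example (not from the answer above or from Google's documentation), this is the URL map for such an external HTTPS load balancer that sends every request for the bare domain to the www host with a 301, and serves the www host from a backend service whose backend is a serverless NEG pointing at the Cloud Run service. `PROJECT_ID`, `cloudrun-backend` and `example.com` are placeholders you would replace:

```yaml
# Imported with:
#   gcloud compute url-maps import www-redirect-map --source=url-map.yaml --global
name: www-redirect-map
# Backend service whose (only) backend is the serverless NEG for the Cloud Run service.
defaultService: https://www.googleapis.com/compute/v1/projects/PROJECT_ID/global/backendServices/cloudrun-backend
hostRules:
- hosts:
  - example.com
  pathMatcher: redirect-to-www
- hosts:
  - www.example.com
  pathMatcher: serve-app
pathMatchers:
- name: redirect-to-www
  # No pathRedirect/prefixRedirect: the original path is kept, only host and scheme change.
  defaultUrlRedirect:
    hostRedirect: www.example.com
    httpsRedirect: true
    redirectResponseCode: MOVED_PERMANENTLY_DEFAULT
    stripQuery: false
- name: serve-app
  defaultService: https://www.googleapis.com/compute/v1/projects/PROJECT_ID/global/backendServices/cloudrun-backend
```

Two things to check once this is in place. The HTTP (port 80) forwarding rule needs its own URL map whose `defaultUrlRedirect` only sets `httpsRedirect: true`, so plain-HTTP requests are upgraded before the host rule above applies. And because the Cloud Run service still answers on its default `*.run.app` URL, set its ingress to `internal-and-cloud-load-balancing` (`gcloud run services update SERVICE --ingress internal-and-cloud-load-balancing`); otherwise the redirect, and any Cloud Armor policy you attach to the load balancer, can be bypassed by calling the service URL directly.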

Can we use Apache Sling for Production serving a website directly without any other web server?

We are developing a website using the Apache Sling API. The site works well on localhost:8080. Can we have our website served directly from Sling instead of via an intermediate web server (like Apache)?
Can we change the host name in the Apache Felix HTTP-based Http Service from 0.0.0.0 to www.domain.com?
Is this possible?
www.domain.com --> Apache Sling --> Linux VM
Yes, of course you can. But as the commenters have pointed out, it's probably not a secure solution. We do not have our own production-readiness checklist, but you might want to study the AEM Security checklist, as many of its items apply.
Pay special attention to items such as:
Change Default Passwords For the AEM and OSGi Console Admin Accounts
Protect against Cross-Site Request Forgery
Unfortunately, many of the items under the dispatcher checklist are not applicable, since the dispatcher is only available to AEM customers. However, at a minimum I would suggest that you block access to:
the web console
composum (if deployed)
the DavEx Servlet

Why is it not recommended to host receive endpoints in a web application using MassTransit?

I am working on an ASP.NET MVC 5 application (based on nopCommerce). I want to use MassTransit to communicate with another application that is used for inventory management, billing, etc. It would be easier if I could add receive endpoints directly into the web application and not have to create a Windows service for that. But the MassTransit documentation says it is not recommended, and there is no explanation as to why that is:
MassTransit in a web application
Configuring a bus in a web site is typically done to publish events,
send commands, as well as engage in request/response conversations.
Hosting receive endpoints and persistent consumers is not recommended
(use a service as shown above).
Does anyone know the reasoning behind it? Is it not safe to add receive endpoints in a web application? Will they not work properly?
Hosting endpoints in a web application is not recommended because web applications often restart for various reasons. These reasons are typically outside the control of the application itself.
While using a standalone Windows service is highly recommended, as long as the bus is properly started and stopped using the Application_Start and Application_End methods, it can be okay if you have no other options available.

Are there issues with using Spring Security's HttpSessionSecurityContextRepository on CloudFoundry?

I understand that Spring Security's HttpSessionSecurityContextRepository makes use of HttpSession.
Furthermore, I have read that PaaS such as CloudFoundry try to avoid session replication for the purpose of scalability.
I intend to deploy an application to the CloudFoundry PaaS.
Are there issues with using HttpSessionSecurityContextRepository on CF?
CloudFoundry documentation simply says that HTTP sessions are not replicated across instances by default. All this means is that applications deployed on multiple instances will be unable to use any sort of HTTP session clustering by default. HTTP sessions become sticky, that is, all HTTP requests in the same session will be routed to the instance on which the session for the request resides. In case an instance fails, users who had an active session on that instance will be migrated to other instances, but they will lose their session information, which means they will have to log in again.
This does not mean it is unsafe to use Spring Security in such an environment. The semantics with Spring Security will be the same as those without it. Once a user has logged in, they will continue to access the CloudFoundry instance on which their session was created. If that instance crashes, they will be automatically ported to another instance but will have to log in again.
If the default set up (without session replication) is a concern, it is certainly possible to share sessions across instances. CloudFoundry forums list two ways of achieving this - via Redis and using JDBC. It is also possible to implement your own solution using one of the CloudFoundry services.
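The Redis route mentioned above, as an added example that is not part of the original answer: a Spring Session configuration that backs `HttpSession` with Redis, so the `SecurityContext` that `HttpSessionSecurityContextRepository` stores in the session survives an instance restart and is visible to every instance. The Redis host, port and password are read from hypothetical environment variables here; on CloudFoundry you would take them from the bound service's `VCAP_SERVICES` entry (or let Spring Boot with `java-cfenv` create the connection factory for you):

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;

/**
 * Registers Spring Session's springSessionRepositoryFilter, which swaps the
 * container HttpSession for a Redis-backed one. Spring Security's
 * HttpSessionSecurityContextRepository keeps working unchanged: it still
 * calls request.getSession(), it just no longer matters which instance
 * answers the request.
 */
@Configuration
@EnableRedisHttpSession(maxInactiveIntervalInSeconds = 1800)
public class RedisSessionConfig {

    @Bean
    public RedisConnectionFactory redisConnectionFactory() {
        // Hypothetical environment variables; on CloudFoundry these values
        // come from the bound Redis service in VCAP_SERVICES.
        String host = System.getenv().getOrDefault("REDIS_HOST", "localhost");
        int port = Integer.parseInt(System.getenv().getOrDefault("REDIS_PORT", "6379"));
        String password = System.getenv().getOrDefault("REDIS_PASSWORD", "");

        RedisStandaloneConfiguration cfg = new RedisStandaloneConfiguration(host, port);
        if (!password.isEmpty()) {
            cfg.setPassword(password);
        }
        return new LettuceConnectionFactory(cfg);
    }
}
```

Filter order matters: `springSessionRepositoryFilter` must run before `springSecurityFilterChain` so that Security sees the Redis-backed session. Spring Boot orders them correctly; in a plain `web.xml` or `WebApplicationInitializer` deployment, register the session filter through a subclass of `AbstractHttpSessionApplicationInitializer` ahead of the security initializer. Because the Redis instance now holds every authenticated session (the serialized `SecurityContext` included), treat it as sensitive: require a password, keep it off the public network, and do not share it with untrusted applications.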

use of jmx in web application

Can somebody list the uses of JMX in a web application other than logging? I am new to JMX, and logging seems to be the only good use of JMX.
Thanks in advance
You can use JMX to administer and manage components of a web application. For starters, most, if not all, Java EE web application servers register a lot of MBeans to provide monitoring and administration capabilities for several of their resources, such as connection pools, transaction managers, deployed applications, etc. You can then use a JMX client, like JConsole, which comes with the JDK/JRE, to attach to a running application server and manage those components.
You can take it one step further by creating and registering your own custom MBeans to help manage and control portions of your applications. As an example, if your web app is using a cache of some kind to boost response times, you could create a control object that is capable of flushing the cache, changing entry eviction times, disabling the cache, etc. Then you could register the control with the MBean server, which in turn would make it accessible through the JMX client.
I have done this many times to provide an administration console into my web applications without the need to create any custom user interface.
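The cache-control MBean described in the answer, written out as an added example (not code from the original answer): a management interface, a small in-memory cache implementing it, registration with the platform MBean server, and a client-side proxy doing what JConsole would do through its GUI. The cache itself, the `com.example.webapp` domain and the object name are hypothetical:

```java
import java.lang.management.ManagementFactory;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.management.JMX;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.management.StandardMBean;

public class JmxCacheDemo {

    // Management interface: getters/setters are exposed as JMX attributes,
    // every other method as a JMX operation.
    public interface CacheControlMBean {
        int getSize();
        long getTtlSeconds();
        void setTtlSeconds(long ttlSeconds);
        boolean isEnabled();
        void setEnabled(boolean enabled);
        void flush();
    }

    // Hypothetical cache; a real application would wrap its own cache here.
    public static class CacheControl implements CacheControlMBean {
        private final Map<String, String> entries = new ConcurrentHashMap<>();
        private volatile long ttlSeconds = 300;
        private volatile boolean enabled = true;

        public String get(String key) { return enabled ? entries.get(key) : null; }
        public void put(String key, String value) { if (enabled) entries.put(key, value); }

        @Override public int getSize() { return entries.size(); }
        @Override public long getTtlSeconds() { return ttlSeconds; }
        @Override public void setTtlSeconds(long ttlSeconds) {
            // Validate anything an operator can set: JMX attributes are input.
            if (ttlSeconds <= 0) throw new IllegalArgumentException("ttl must be positive");
            this.ttlSeconds = ttlSeconds;
        }
        @Override public boolean isEnabled() { return enabled; }
        @Override public void setEnabled(boolean enabled) { this.enabled = enabled; }
        @Override public void flush() { entries.clear(); }
    }

    public static void main(String[] args) throws Exception {
        CacheControl cache = new CacheControl();
        cache.put("user:42", "alice");

        MBeanServer server = ManagementFactory.getPlatformMBeanServer();
        ObjectName name = new ObjectName("com.example.webapp:type=Cache,name=sessionCache");
        // StandardMBean takes the interface explicitly, so the implementation
        // class does not have to follow the <Impl>MBean naming convention.
        server.registerMBean(new StandardMBean(cache, CacheControlMBean.class), name);

        // What a JMX client does, here against the local server; JConsole does
        // the same over a remote connection.
        CacheControlMBean proxy = JMX.newMBeanProxy(server, name, CacheControlMBean.class);
        System.out.println("size before flush: " + proxy.getSize());
        proxy.setTtlSeconds(60);
        proxy.flush();
        System.out.println("size after flush: " + proxy.getSize());
        System.out.println("ttl now: " + proxy.getTtlSeconds());

        server.unregisterMBean(name);
    }
}
```

Anything registered this way is reachable by whoever can reach the MBean server, so the administration console it gives you needs the same protection as any other admin interface. If you enable remote JMX with `-Dcom.sun.management.jmxremote.port=...`, keep `com.sun.management.jmxremote.authenticate=true` and `com.sun.management.jmxremote.ssl=true` (the defaults) and bind it to a management network rather than a public interface; an unauthenticated JMX port is a well-known remote code execution vector because the `MLet` MBean can load arbitrary classes.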
