You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ofbiz.apache.org by Jo...@finalbeta.net, Jo...@finalbeta.net on 2018/03/29 07:39:27 UTC

Basic Q: Can ofbiz run in subdir and use HTTP auth?

Hello, We are exploring functionality of several sollutions. Ofbiz seems to qualify for most tasks. 

I have two questions I would like to make sure before we begin testing: 

For integration into our systems we require the the solution to run under a subdirectory of the root of the webserver. (http://server/ofbiz/). 
( The reason for this is that ofbiz will be reverse proxied and that http://reverseproxy/ is used for something else. A differend domain is not a option because of question two).

For integration into our systems we prefer that the application can use authentication data in the http header (Basic Authorization/Http authorization). Our reverse proxy sends the users (LDAP) credentials in the header allowing applications to automatically log the user in. 

Can these things be done with Ofbiz? 

Thanks for your responses.

[MODERATED] Basic Q: Can ofbiz run in subdir and use HTTP auth?

Posted by Michael Brohl <mi...@ecomify.de>.

Hi Jochen,

your message was moderated.

Please subscribe to the user mailing list, this would allow that your 
message directly go through: http://ofbiz.apache.org/mailing-lists.html

Thanks,

Michael


Am 29.03.18 um 10:39 schrieb Jochen.Boutens@finalbeta.net:
> Hi Taher,
>
> The reason we require a subdir is because we already have a system in place that works like this.
>
> The user goes to https://reverseproxy and is presented with a login form where he enters his LDAP credentials. These are validated and the user is presented with a menu.
> The user clicks the links in the menu which takes him for example to https://reverseproxy/helpdesk or https://reverseproxy/monitoring or https://reverseproxy/files or https://reverseproxy/ofbiz (You get the idea)
>
> As the reverse proxy sends the users credentials, the user only enters them once for all applications and he is logged in automatically. The single point of login only works when we utilise subdirectories.

Re: Basic Q: Can ofbiz run in subdir and use HTTP auth?

Posted by Jo...@finalbeta.net, Jo...@finalbeta.net.

Hi Taher, 

The reason we require a subdir is because we already have a system in place that works like this. 

The user goes to https://reverseproxy and is presented with a login form where he enters his LDAP credentials. These are validated and the user is presented with a menu. 
The user clicks the links in the menu which takes him for example to https://reverseproxy/helpdesk or https://reverseproxy/monitoring or https://reverseproxy/files or https://reverseproxy/ofbiz (You get the idea)

As the reverse proxy sends the users credentials, the user only enters them once for all applications and he is logged in automatically. The single point of login only works when we utilise subdirectories.

Re: Basic Q: Can ofbiz run in subdir and use HTTP auth?

Posted by Taher Alkhateeb <sl...@gmail.com>.

Hello Jochen, welcome to the community.

I'm sure you'll get better responses from the rest of the community,
but naturally there are many ways to go about this. For one thing,
read the section on configuring OFBiz with LDAP in [1].

Now with respect to doing something like http://yourserver/ofbiz, I
think this might be difficult to achieve because OFBiz ships with its
own Servlet Container (Tomcat). So maybe a simpler option which we
used before is to simply seek a sub-domain to map into OFBiz. So it
would be something like http://ofbiz.yourserver which is mapped from
your reverse proxy (nginx I assume?)

Would that not still work given that the sub-domain is withing your control?

[1] https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide

On Thu, Mar 29, 2018 at 10:39 AM, Jochen.Boutens@finalbeta.net
<Jo...@finalbeta.net> wrote:
> Hello, We are exploring functionality of several sollutions. Ofbiz seems to qualify for most tasks.
>
> I have two questions I would like to make sure before we begin testing:
>
> For integration into our systems we require the the solution to run under a subdirectory of the root of the webserver. (http://server/ofbiz/).
> ( The reason for this is that ofbiz will be reverse proxied and that http://reverseproxy/ is used for something else. A differend domain is not a option because of question two).
>
> For integration into our systems we prefer that the application can use authentication data in the http header (Basic Authorization/Http authorization). Our reverse proxy sends the users (LDAP) credentials in the header allowing applications to automatically log the user in.
>
> Can these things be done with Ofbiz?
>
> Thanks for your responses.
>
>