In front of this stack, I have setup a haproxy which is listening on HTTPS and serve the certificate. If I try to log in using the public url, I am redirected to an error. In the logs of alfresco-share I can see a CSRF problem:
2020-04-01 22:50:38,427 ERROR [alfresco.web.site] [http-nio-8080-exec-4] javax.servlet.ServletException: Possible CSRF attack noted when asserting referer header 'https://xxxxx/share/page/'. Request: POST /share/page/dologin, FAILED TEST: Assert referer POST /share/page/dologin :: referer: 'https://xxxxxx/share/page/' vs server & context: http://xxxx/ (string) or (regexp)
If I try to log in directly on the tomcat, no problem.
How could I add a HTTPS connector to the share container ? The tomcat on share container is listening on HTTP/8080. I can't find any configuration for docker over the internet.
found tRe: Fresh install of alfresco: CSRF problem
@angelborroy , no need to generate a new web-proxy on the docker if I already have one with ssl terminaison in a DMZ network.
I'd like to secure all communications betweend networks with SSL, but I can't find anyting how to enable an HTTPS connector on the share module with docker. I have done this manually for my first install (generate a keystore and add a new connector to tomcat). But how should I do this with docker ??
Automatically there is a script in te share image that verify one of these two variables exists and do the replacement in the correctfile before starting the share module. I've put the two values car it is not working with juste one filled.