Home > Software design >  How can I access to payara 5 administration on port 4848 on a fresh installation where the FQDN is u
How can I access to payara 5 administration on port 4848 on a fresh installation where the FQDN is u

Time:08-16

How can I access to payara administration on port 4848 on a fresh installation where the FQDN is used by Payara and a mail server?

I am trying to set a full new platform with Payara, I can't manage to access to the administration console on port 4848.

Environment: • OS: Debian GNU/Linux 11 (bullseye) • Java: openjdk version "11.0.16" 2022-07-19 • Payara: Payara Server 5.2022.2 #badassfish (build 306) • Ngnix: nginx/1.18.0

On a fresh Debian installation I first set ufw to be able to open necessary port. Then I started to install IredMail (1.6.0 MARIADB edition.). Once mail serveur was working I installed openjdk 11, then Payara. In Payara I created a domain with adminport set to 4848 and instance port set to 8888. change-admin-password and enable-secure-admin has been run for this domain. Taking in count that my FQDN is my.domain.com, I managed to have the Payara welcome page on https: // my.domain.com, IredMail administration on https: // my.domain.com/ireadmin and IredWebMail on https: // my.domain.com/mail. While trying to access the administation console https: // my.domain.com:4848 goes on error: This site can’t be reached - ERR_CONNECTION_TIMED_OUT After long search for a solution on the net, I created a dedicated url /gfadmin, see configuration below, where the page seems to be reached but I got a white page displayed. The console log shows:

gfadmin:18          GET .... /theme/com/sun/webui/jsf/suntheme/css/safari.css net::ERR_ABORTED 404
gfadmin:28          GET .... /theme/META-INF/prototype/prototype.js net::ERR_ABORTED 404
gfadmin:27          GET .... /theme/META-INF/json/json.js net::ERR_ABORTED 404
gfadmin:29          GET .... /theme/META-INF/com_sun_faces_ajax.js net::ERR_ABORTED 404
gfadmin:26          GET .... /theme/META-INF/dojo/dojo.js net::ERR_ABORTED 404
gfadmin:17          GET .... /theme/com/sun/webui/jsf/suntheme/css/css_master.css net::ERR_ABORTED 404
gfadmin:31 Uncaught ReferenceError: dojo is not defined
    at gfadmin:31:1
(anonymous) @ gfadmin:31
gfadmin:34          GET .... /resource/css/css_ns6up.css net::ERR_ABORTED 404
gfadmin:46          GET .... /resource/community-theme/images/login-product_name_open.png 404
gfadmin:89          GET .... /resource/js/cj.js net::ERR_ABORTED 404

as well as the nginx log shows:

0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:26  0000] "GET / HTTP/2.0" 304 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:29  0000] "GET /gfadmin HTTP/2.0" 200 1705 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/com/sun/webui/jsf/suntheme/css/safari.css HTTP/2.0" 404 548 ".... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/META-INF/prototype/prototype.js HTTP/2.0" 404 548 ".... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/META-INF/json/json.js HTTP/2.0" 404 548 ".... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/META-INF/com_sun_faces_ajax.js HTTP/2.0" 404 548 "... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/META-INF/dojo/dojo.js HTTP/2.0" 404 548 ".... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /theme/com/sun/webui/jsf/suntheme/css/css_master.css HTTP/2.0" 404 548 ".... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:05:59  0000] "GET /resource/css/css_ns6up.css HTTP/2.0" 404 548 "... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:06:30  0000] "GET /resource/community-theme/images/login-product_name_open.png HTTP/2.0" 404 548 "... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
94.43.88.148 - - [12/Aug/2022:10:06:30  0000] "GET /resource/js/cj.js HTTP/2.0" 404 548 "... my.server.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"

Thinking that the issue could come from the added url /gfadmin, I set, in location {...} root to /opt/payara5/ with not result.

From /etc/ngnix/sites-vailable I remove 00-default-ssl.conf and created a new file my.server.com.conf with he following content:

upstream glassfish {
    server 127.0.0.1:8888;
}
upstream gfadmin {
    server 127.0.0.1:4848;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name my.server.com;
    gzip on;
    gzip_types      text/css text/javascript text/plain application/xml;
    gzip_min_length 1000;
    location ^~ /.well-known/acme-challenge/ {
        allow all;
        root /var/www/my.server.com/;
        default_type "text/plain";
        try_files $uri =404;
    }
    location / {
        proxy_pass             http: // localhost:8888;
        proxy_connect_timeout       300;
        proxy_send_timeout          300;
        proxy_read_timeout          300;
        send_timeout                300;
    }
    location ~* .(png|ico|gif|jpg|jpeg|css|js)$ {
        #proxy_pass https: // localhost:8888/$request_uri;
        proxy_pass https: // localhost:8888;
    }
    location /gfadmin {
    root /opt/payara5/;
    charset utf-8;
    proxy_set_header               Host $host;
    proxy_set_header               X-Real-IP $remote_addr;
    proxy_set_header               X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header               X-Forwarded-Proto $scheme;
    proxy_max_temp_file_size      0;
    client_max_body_size           10m;
    client_body_buffer_size        128k;
    proxy_send_timeout             90;
    proxy_read_timeout             90;
    proxy_buffering                off;
    proxy_buffer_size              4k;
    proxy_buffers                  4 32k;
    proxy_busy_buffers_size        64k;
    proxy_temp_file_write_size     64k;
        proxy_pass             https://127.0.0.1:4848;
        proxy_connect_timeout       300;
        send_timeout                300;
    }
    location /mail {
    root /var/www/html;
    index index.php index.html;
    }
    location /iredadmin {
    root /var/www/html;
    index index.php index.html;
    }
    error_page  500 502 503 504  /50x.html;
    location = /50x.html {
        #root  /usr/share/nginx/html;
        root  /usr/share/nginx/base;
    }
    #listen 80;
    #listen 4848;
    ssl_certificate /etc/letsencrypt/live/my.server.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/my.server.com/privkey.pem; # managed by Certbot
    include /etc/nginx/templates/misc.tmpl;
    include /etc/nginx/templates/ssl.tmpl;
    include /etc/nginx/templates/iredadmin.tmpl;
    include /etc/nginx/templates/roundcube.tmpl;
    include /etc/nginx/templates/sogo.tmpl;
    include /etc/nginx/templates/netdata.tmpl;
    include /etc/nginx/templates/php-catchall.tmpl;
    include /etc/nginx/templates/stub_status.tmpl;
}

I would appreciate any help that will allow me to fix this issue. Thank you

CodePudding user response:

Unfortunately the Payara web administration console uses absolute paths which leads to the problem that after loading the HTML file the browser tries to load the CSS and JS files from root directory (instead of from "/gfadmin").

There is no direct workaround for that as stated out in this answer.

However there is the possibility to use a subdomain especially for the Payara web administration console which redirects any request to the root directory to the Payara server at port 4848. Just add the following lines before your other server configuration:

# subdomain redirecting to Payara admin console
server {
    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate _path_to_certificate_;
    ssl_certificate_key _path_to_certificate_key_;

    ssl_protocols TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH AESGCM:EDH AESGCM:AES256 EECDH:AES256 EDH";

    server_name _subdomain_;

    # Redirect Payara admin console
    location / {
            proxy_pass https://127.0.0.1:4848/;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_http_version 1.1;
            proxy_request_buffering off;
            proxy_set_header Connection "";
            include /etc/nginx/proxy_params;
    }
}

# main server configuraion
server {
    ...
  • Related