AnsweredAssumed Answered

How do you configure SparkWeb to run over port 80?

Question asked by on2fl on Sep 20, 2011
Latest reply on Oct 13, 2011 by Daryl Herzmann

Right off the bat, if this is already addressed somewhere, please accept my apologies.  I've spent a LOT of time looking for it and I can't find anything that works.  http://community.igniterealtime.org/docs/DOC-1525 looked promising but I couldn't make the instructions work for me.  If I have "port:7070" in my SparkWeb index.html file, everything works fine.  If I change that to "port:80", nothing happens when I click the Login button.  I have both configurations posted right now.  Unfortunately, the network on which I want to use SparkWeb blocks access to port 7070.

 

http://openfire.srmserver.com/ is configured on with "port:80"

http://openfire.srmserver.com/7070.html is an identical file with "port:7070".

 

I'm new to xmpp in general and SparkWeb in particular but I'm not completely new to networking.  http://openfire.srmserver.com/http-bind/ brings me to the jetty "400 Bad Request" page, which I expect since it's not expecting a GET request.  I can't just forward port 80 on the gateway to port 7070 on the Openfire box because the gateway proxies for other servers on the network.  I figure it has to be something to do with my apache proxying setup but I can't seem to figure out how to fix it.  HELP!!!

 

General configuration

 

I have a gateway server (known internally as gw.entlab.local, externally as *.srmserver.com) which runs apache as a reverse proxy to internal systems.  It also uses iptables to directly forward ports to internal servers for things like email, ssh, etc.  It has three interfaces.  One goes to the internet, one to our lab network and one to our "production" network.  Our Openfire server (openfire.entlab.local) is on our production network at 192.168.0.15.

 

Configuration of gw.entlab.local

 

There are two key configuration files, the apache virtual host that points to openfire.entlab.local and the iptables entries.

 

/etc/apache2/sites-enabled/openfire

 

<VirtualHost *:80>
        ServerName openfire.srmserver.com
        ServerAdmin webmaster@localhost

        ProxyRequests off
        ProxyPreserveHost On
        ProxyPass /http-bind/ http://openfire.entlab.local:7070/http-bind/
        ProxyPassReverse /http-bind/ http://openfire.entlab.local:7070/http-bind/
        ProxyPass / http://openfire.entlab.local/
        ProxyPassReverse / http://openfire.entlab.local/

        ErrorLog ${APACHE_LOG_DIR}/openfire-error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/openfire-access.log combined

</VirtualHost>

 

/etc/firewall.d/rc.firewall (relevant portion only)

 

IPTABLES="/sbin/iptables"

[snip]

$IPTABLES -A PREROUTING -t nat -i $EXTIF -s 0/0 -p tcp --dport 5222 -j DNAT --to 192.168.0.15:5222
$IPTABLES -A FORWARD -p tcp -s 0/0 -o $PROIF -d 192.168.0.15 --destination-port 5222 -j ACCEPT
$IPTABLES -A PREROUTING -t nat -i $EXTIF -s 0/0 -p tcp --dport 7070 -j DNAT --to 192.168.0.15:7070
$IPTABLES -A FORWARD -p tcp -s 0/0 -o $PROIF -d 192.168.0.15 --destination-port 7070 -j ACCEPT
$IPTABLES -A PREROUTING -t nat -i $EXTIF -s 0/0 -p tcp --dport 7777 -j DNAT --to 192.168.0.15:7777
$IPTABLES -A FORWARD -p tcp -s 0/0 -o $PROIF -d 192.168.0.15 --destination-port 7777 -j ACCEPT

 

Configuration of openfire.entlab.local

 

I have apache installed on this server as well.  SparkWeb has been extracted to /var/www.

 

Relevant system properties

 

xmpp.httpbind.client.requests.polling   0
xmpp.httpbind.client.requests.wait      10
xmpp.httpbind.scriptSyntax.enabled      true
httpbind.enabled                        true

 

/var/www/crossdomain.xml (just copied from the admin console with port 80 added)

 

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
     <site-control permitted-cross-domain-policies="all"/>
     <allow-access-from domain="*" to-ports="80,5222,5223,7070,7443" secure="true"/>
</cross-domain-policy>

 

getConfig from /var/www/index.html

 

function jive_sparkweb_getConfig()
{
        return {
                server: "openfire.srmserver.com",
                location: window.location.href,
                port: 80,
                connectionType: "http",
                bindPath: "/http-bind/",
                autoLogin: "false",
                policyFileURL: "http://openfire.srmserver.com/crossdomain.xml"
        };
}
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
    <site-control permitted-cross-domain-policies="all"/>
    <allow-access-from domain="*" to-ports="5222,5223,7070,7443" secure="true"/>
</cross-domain-policy>

Outcomes