openSuSE 10.1 and Scalix 11 Error 403

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 5:50 am

Hello,

I get a 403 error when I try to connect to www.my-domain.info/sac.
Installation worked fine for me, but I can't access anything.

error_log from apache2 [client 81.132.***.***] client denied by server configuration: proxy:ajp://suse10164lamp.site:8009/

Apache is set to Listen on port 8009 on all ips.

Hope there is a solution or a hint.

Regards

florian · Postby **florian** » Sun Feb 18, 2007 1:06 pm

I'd reckon that you're using different hostnames internally and externally - maybe even multiple IP addresses for the box? Please note that Scalix 11 supports virtual hosts and multiple instances (in Enterprise Edition), so we bind to a specific virtual host by default now.

Florian.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 1:24 pm

When I understand you right I should create a virtualhost for my domain to run scalix properly?

And yes I have multiple IPs and different hostname internally and externally.

florian · Postby **florian** » Sun Feb 18, 2007 1:37 pm

Well, no, the virtual host is created automatically during your Scalix installation, based on your hosts main hostname. I assume you're trying to access the Scalix web applications using a different of your hostnames. So I believe your virtual host configuration needs to be adjusted to reflect this.....

Florian.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 1:54 pm

Where do I find the configuration file.

Is it in the virtuals hosts directory under apache2?

florian · Postby **florian** » Sun Feb 18, 2007 3:14 pm

On SLES9, is is a combination of scalix-tomcat-connector.conf in /etc/apache2/conf.d and the file(s) that are included from this config file. This might vary with the OS platform in use.

Florian.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 4:15 pm

I have changed all files to the right dns.

my-domain.info

instance-***.conf.
I have changed it to my-domain.info:80 and the the following error:
www.my-domain.info needs to long to send an answer.

Still get the same error [error] [client 81.132.176.175] client denied by server configuration: proxy:ajp://my-domain.info:8009/sac

florian · Postby **florian** » Sun Feb 18, 2007 4:24 pm

well, this is clearly an Apache configuration problem, not sure what you want me to do...

maybe you can post your /etc/opt/scalix-tomcat/connector/*/*.conf

and also the output of hostname --fqdn, hostname, hostname -s and also ifconfig -a

cheers,
Florian.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 5:16 pm

Hostname --fqdn = suse10164lamp.site
hostname, hostname -s = suse10164lamp

Code: Select all

eth1      Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.**.***  Bcast:88.198.**.***  Maske:255.255.255.224
          inet6 Adresse: fe80::216:17ff:feea:fd10/64 GÃ¼ltigkeitsbereich:Verbindung
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1186 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1000 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 SendewarteschlangenlÃ¤nge:1000
          RX bytes:240121 (234.4 Kb)  TX bytes:233179 (227.7 Kb)
          Interrupt:177 Basisadresse:0xc000
eth1:zusa Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.*****  Bcast:88.198.**.***  Maske:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:177 Basisadresse:0xc000

eth1:zusa Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.**.***  Bcast:88.198.**.***  Maske:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:177 Basisadresse:0xc000

eth1:zusa Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.**.***  Bcast:88.198.**.***  Maske:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:177 Basisadresse:0xc000

eth1:zusa Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.**.***  Bcast:88.198.**.***  Maske:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:177 Basisadresse:0xc000

eth1:zusa Protokoll:Ethernet  Hardware Adresse 00:16:17:EA:FD:10
          inet Adresse:88.198.**.***  Bcast:88.198.**.***  Maske:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:177 Basisadresse:0xc000

lo        Protokoll:Lokale Schleife
          inet Adresse:127.0.0.1  Maske:255.0.0.0
          inet6 Adresse: ::1/128 GÃ¼ltigkeitsbereich:Maschine
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:195 errors:0 dropped:0 overruns:0 frame:0
          TX packets:195 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 SendewarteschlangenlÃ¤nge:0
          RX bytes:18657 (18.2 Kb)  TX bytes:18657 (18.2 Kb)

sit0      Protokoll:IPv6-nach-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 SendewarteschlangenlÃ¤nge:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ajp-folder
app-suse10164lamp.*.conf

Code: Select all

ProxyPass /m ajp://my-domain:8009/*

instance-suse10164lamp.conf

Code: Select all

<VirtualHost my-domain.info:80>
    Include /etc/opt/scalix-tomcat/connector/ajp/app-suse10164lamp.*.conf
</VirtualHost>

jk-folder
workers.conf

Code: Select all

JkWorkerProperty worker.list=server

instance-suse10164lamp.conf

Code: Select all

<VirtualHost my-domain.info:80>
    Include /etc/opt/scalix-tomcat/connector/jk/app-suse10164lamp.*.conf
</VirtualHost>
JkWorkerProperty worker.server.type=ajp13
JkWorkerProperty worker.server.host=my-domain.info
JkWorkerProperty worker.server.port=8009
JkWorkerProperty worker.server.lbfactor=50
JkWorkerProperty worker.server.cachesize=10
JkWorkerProperty worker.server.cache_timeout=600
JkWorkerProperty worker.server.socket_keepalive=1
JkWorkerProperty worker.server.recycle_timeout=300

app-suse10164lamp.api.conf

Code: Select all

JkMount /api* server

I see, that the hostname an my-domain.info are not matching.
But I am not sure if I can just change my hostname (I think not).

I have had changed everything to my entry in the /etc/hosts but it seems like that was a wrong thing to do.

Cheers

Michael[/quote]

florian · Postby **florian** » Sun Feb 18, 2007 5:20 pm

You will need to change lines reading

Code: Select all

<VirtualHost my-domain.info:80>

to match the hostname/ip address that you try to access apache through. This does not necessarily have to be the actual hostname or anything. If you need this to be accessible through multiple IP addresses/hostnames, you will need to duplicate the whole Virtual Host block accordingly.

Hope this helps,
Florian.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 5:46 pm

What with the lines in the app-suse10164lamp.*.conf

ProxyPass /api ajp://my-domain:8009/*

Do they have to be changed to the DNS/IP I am trying to access through or to the hostname which is set as hostname --fqdn?

Just want to get it right this time

Cheers

Michael

florian · Postby **florian** » Sun Feb 18, 2007 5:55 pm

I don't think so - please check on which IP address your tomcat is listening using

Code: Select all

lsof -i :8009

- this should match whatever you see there, however I believe the installershould have made sure that that is the case.

F.

SirAdam · Postby **SirAdam** » Sun Feb 18, 2007 6:19 pm

lsof -i :8009

Code: Select all

COMMAND     PID   USER   FD   TYPE DEVICE SIZE NODE NAME
httpd2-pr 10140   root    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10141 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10142 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10143 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10144 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10145 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)
httpd2-pr 10422 wwwrun    6u  IPv6  41248       TCP *:8009 (LISTEN)

Tomcat seems to be running

Code: Select all

 /usr/java/jre1.5.0_06/bin/java -server -Djava.net.preferIPv4Stack=true -Xms256m -Xmx256m -Dscalix.instance=/var/opt/scalix/sp -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/var/opt/scalix/sp/tomcat/conf/logging.properties -Djava.endorsed.dirs=/opt/scalix-tomcat/common/endorsed -classpath /usr/java/jre1.5.0_06/lib/tools.jar:/opt/scal

That's not the whole line, but there was no more space to the right hand site on my putty agent.

After I have changed my listen.conf from the apache2 server.

I get nothing:

Code: Select all

suse10164lamp:/home/loginuser # lsof -i :8009
suse10164lamp:/home/loginuser #

Cheers

Michael

florian · Postby **florian** » Sun Feb 18, 2007 6:48 pm

This is very strange.

1. Normally, tomcat (i.e. the java proces) should be listening on 8009, not the httpd.

2. This is the first time you mention your listen.conf - what was in there before and after? Did you put anything in there to listen on 8009?

3. Can you, in the state where there is noone listening on 8009, restart your tomcat process (possibly will need to kill the java process) and check again?

Florian.

SirAdam · Postby **SirAdam** » Mon Feb 19, 2007 1:20 pm

I just reinstalled the whole scalix system and get the following scenario:

Code: Select all

Scalix Installer - cleaning up...
Scalix Installer - done.
suse10164lamp:~/dl/scalix-11.0.1-GA # ps -ef | grep tomcat
root     20729     1 57 18:18 pts/2    00:00:10 /usr/java/jre1.5.0_06/bin/java -server -Djava.net.preferIPv4Stack=true -Xms256m -Xmx256m -Dscalix.instance=/var/opt/scalix/sp -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/var/opt/scalix/sp/tomcat/conf/logging.properties -Djava.endorsed.dirs=/opt/scalix-tomcat/common/endorsed -classpath /usr/java/jre1.5.0_06/lib/tools.jar:/opt/scalix-tomcat/bin/bootstrap.jar:/opt/scalix-tomcat/bin/commons-logging-api.jar -Dcatalina.base=/var/opt/scalix/sp/tomcat -Dcatalina.home=/opt/scalix-tomcat -Djava.io.tmpdir=/var/opt/scalix/sp/tomcat/temp org.apache.catalina.startup.Bootstrap start
root     20761 14581  0 18:18 pts/2    00:00:00 grep tomcat
suse10164lamp:~/dl/scalix-11.0.1-GA # lsof -i :8009
suse10164lamp:~/dl/scalix-11.0.1-GA #

catalina.out

Code: Select all

suse10164lamp:/var/opt/scalix/sp/tomcat/logs # vi catalina.out
19.02.2007 18:18:11 org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.
library.path: /usr/java/jre1.5.0_06/lib/amd64/server:/usr/java/jre1.5.0_06/lib/amd64:/usr/java/jre1.5.0_06/../lib/amd64
19.02.2007 18:18:11 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1330 ms
19.02.2007 18:18:11 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
19.02.2007 18:18:11 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.16
19.02.2007 18:18:12 org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
RES: Initializing log4j using file /var/opt/scalix/sp/res/config/log4j.properties
SIS received contextInitialized event
SIS initialized with config from /var/opt/scalix/sp/sis/sis.properties

Scalix Forums

openSuSE 10.1 and Scalix 11 Error 403

openSuSE 10.1 and Scalix 11 Error 403

Who is online