Hi Rob,
We have almost the same configuration (not 443 though), and IIS7 URL
Rewrite works very well, much simpler than the Tomcat redirector. However,
it wasn't clear in the IIS documentation that you need to install more than
just URL Rewrite, particularly you need the ARR:
http://www.iis.net/download/ApplicationRequestRouting
Once I installed that, (and enabled the ARR Proxy) I used the following
rule:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="GeoServer" patternSyntax="Wildcard">
<match url="geoserver*" />
<action type="Rewrite" url="
http://204.62.18.181:8080/{R:0}"; />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
So far, so good.
Roger
On Fri, Jul 13, 2012 at 4:59 AM, uk52rob <[email protected]> wrote:
> Hi All,
>
> I know this is not the first time this has been mentioned. I have searched
> for days for a solution without success, so I am hoping someone else has
> solved this in a similar environment.
>
> System:
> Windows 2008 Web Server
> IIS 7
> Geoserver 2.1.4
>
> The main website runs via IIS on ssl port 443 (
> https://geoserver.testdomain.com:443), whereas Geoserver's Jetty
> webserver runs on port 8080, non-ssl (http://geoserver.testdomain.com:8080
> ).
>
> The issue arises when the openlayers javascript runs on the main website.
> All WMS layers are fine, but javascript will not allow the WFS (XML) layers
> from the other port. This returns Origin
> https://geoserver.testdomain.com:443 is not allowed by
> Access-Control-Allow-Origin.
>
> I have tried a number of work-arounds, including:
>
> Using IIS URL Rewrite
>
> http://cartoninjas.pl/post/2010/10/12/Installing-GeoServer-on-Windows-7-(x32-or-x64)-and-IIS-75.aspx
> (returns
> "forbidden" or "site not found" errors)
>
> Modify Jetty access control
>
> http://jetty.4.n6.nabble.com/Jetty-Access-Control-Allow-Origin-td4634198.html
> (causes
> the jetty server to fail in starting up)
>
> Using an IIS proxy
> http://code.google.com/p/iisproxy/issues/detail?id=8 (returns a 500 -
> Internal server error)
>
> General Info
>
> http://stackoverflow.com/questions/9327218/access-control-allow-origin-not-allowed-by
>
>
> This is not the entire list, as some methods have been removed from my
> browser history, but it will give you an idea of the steps taken.
>
> I have not run the HTML / javascript directly from the WWW directory in
> Geoserver, as the WFS / WMS connection strings include a username and
> password, which would then be freely available to look at in the HTML
> document. Instead, they are encapsulated within the current PHP scripts
> running on the main IIS domain, which offers them some protection.
>
> If anyone has any experience with this issue, I would be grateful to hear
> from you.
>
> Many thanks,
>
> Rob
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Geoserver-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
