I added a CORS filter to my /sgs/WEB-INF/web.xml. [1]
In hopes of getting some logs out of tomcat I have added a Valve to
/sgs/META-INF/context.xml [2]
Neither of these has had in affect. I see no logs and I still hit the
maybe-cors problem.
I have two tomcat connectivity checks: one is a anonymous servlet at
"/monitor" and the other is a servlet in my webapp doing helloWorld duty
on "/sgs/webmonitor". Both localhost and k1 still happy on http, not
https for both endpoints, with and without the lastest xml additions.
rjs
[1]
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>https://www.apache.org</param-value>
</init-param>
<init-param>
<!-- TODO: will need to make this aws-vpn -->
<param-name>cors.allowed.origins</param-name>
<param-value>https://hci.utah.edu</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/sgs/*</url-pattern>
</filter-mapping>
[2]
<context-param>
<description>Enable debugging for the application</description>
<param-name>debug</param-name>
<param-value>true</param-value>
</context-param>
<Valve
className="org.apache.catalina.valves.AccessLogValve"
prefix="sgs_access">
</Valve>
On 2/15/21 4:26 PM, Rob Sargent wrote:
Thanks again, Chris,
On 2/15/21 1:32 PM, Christopher Schultz wrote:
Try this:
$ openssl s_client -showcerts -connect k1:16004 -tls1_2
