changing administrative port makes console inaccessible

[phreakadelle]

Hello Team,

maybe its my bad and the issue can be closed quickly: I am running my WAS traditional container and have mapped the administrative port from inside the container 9060 to outside 80. When i am trying to open a browser on my IP on port 80 i get a redirect to port 9060 again and so the console is not showing up. Same occurs with wget

Can you help me how to access the IBM console on a different port outside the container?

[phreakadelle]

Ok... as i've created my own WAS base image with an insecure profile i can directly modify the URL and add the "unsecureLogon.jsp" page, so that the redirect does not happen. Than i am able to login and use the console. For me this is a valid workaround.

Do you have a more official way?

[arthurdm]

Hey @phreakadelle - I have created a mapping from 80 to 9043 and I have observed that https://localhost:80/ibm/console/login.do?action=secure renders fine, but then after entering the credentials I got a redirect back to https://localhost:9043/ibm/console/login.do?action=secure, while failed. But then manually changing the port back to 80 got me access to the admin console page and then everything else worked from there.

is this the behaviour you're seeing too?

[phreakadelle]

Hey @arthurdm Thats not the same behaviour but very similiar. I've tried to browse to "http://localhost:**80**/ibm/console" and got redirected to "http://localhost:**9060**/ibm/console/unsecureLogin.jsp". This fails!

When i try to open "http://localhost:80/ibm/console/unsecureLogin.jsp" and enter the credentials it works.

If it helps i can give you permission on our insecure-profile image which is hosted on DockerHub. Just give me your account name on DockerHub.

[tienhngnguyen]

Hi @phreakadelle, I would be interested in that image as well :) I had the same problem, but I fixed this issue by changing the internet WebSphere port meaning that you have to change the websphere port from 9060 to 80 as well that I redirects you to the right port. However, that does not work if using a HA proxy (e.g. OpenShift) in front of WebSphere. I opened another thread for this case https://github.com/WASdev/ci.docker.websphere-traditional/issues/87

[phreakadelle]

I've uploaded those WAS traditional images with an insecure profile on DockerHub: https://hub.docker.com/r/psinfra/websphere-traditional/tags/

Here are the Source Files: https://github.com/phreakadelle/ci.docker.websphere-traditional

[tienhngnguyen]

What have you changed in that image? Could I see the Dockerfile that image?

[phreakadelle]

Here are the source files: https://github.com/phreakadelle/ci.docker.websphere-traditional

[tienhngnguyen]

Thank you :)

2018-05-24 14:37 GMT+02:00 Stephan notifications@github.com:

Here are the source files: https://github.com/phreakadelle/ci.docker.websphere-traditional

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/WASdev/ci.docker.websphere-traditional/issues/82#issuecomment-391699048, or mute the thread https://github.com/notifications/unsubscribe-auth/AYjgJUt5tA0Cw-F-3uPs_SyklB3CYssOks5t1qmggaJpZM4TYZ6I .

[tienhngnguyen]

So basically, you were just disabling the security of the websphere server which enables you to use HTTP instead of HTTPS in front of the URL?

[phreakadelle]

Yes, easily like this.

[YuLimin]

docker run --name wasbase -h wasbase -v $(pwd)/PASSWORD:/tmp/PASSWORD -p 9044:9043 -p 9444:9443 -d ibmcom/websphere-traditional:install

1. Add two custom properties under WebContainer trusthostheaderport = true com.ibm.ws.webcontainer.extractHostHeaderPort = true

2. Add your new ports on Virtual hosts under Environment. such as 9044 under admin_host for admin console and 9444 under default_host for default host that you exposed them.

Finally, we can add these setting into shell and rebuild WAS images for expose customize ports then run smoothly.