Closed marfrde closed 11 months ago
AFAIU hawkBit gets client host (e.g. from X-Forwarded-For or Host headers) and then do some resolution. It doesn't expect port in 1.2.3.4:48837 but just IP/host name. It strange how it worked out with M7. Do you have any changes that could lead to change of incoming requests? I wonder if this commit https://github.com/eclipse/hawkbit/commit/dafc08304ddbdd7741a22c8a27f7b08ddc6b4a4f could be related.
Dos filters are enabled conditionally with:
@ConditionalOnProperty(prefix = "hawkbit.server.security.dos.filter", name = "enabled", matchIfMissing = true)
so you could disable it by setting Spring property hawkbit.server.security.dos.filter.enabled=false. I suppose you could do that by setting it as environment property for the java process.
PS: btw if you din't want to leak the ip of the client you shall remove it from the stack trace also (near the bottom) ...
https://github.com/eclipse/hawkbit/pull/1483 shall fix your case when you have ip and port
Thank you @avgustinmm for the quick response and fix.
I did search, but did not find any mention of a plan for upcoming releases. Are there any new releases planned or is 0.3.0 such a long term release as M7 has been? Or do I have to build my own image to get this fix?
Ho @marfrde , we plan to implement Spring Boot 3 migration and UI removal (as announced at https://eclipse.dev/hawkbit/blog/2023-10-22-vaadin8_ui_discontinuation/). This release will contain significant changes. I hope it will be ready before the end of the January 2024. Not sure if there would be any intermediate release.
Hello,
I have a problem accessing a newly migrated (from 0.3.0M7-mysql to 0.3.0M9-mysql) docker instance of hawkbit that is running as an Azure App Service.
The (db-) migration as such worked without issues (did the log say). Thanks for that. The issues starts when I want to access the frontend. I only get an internal server error
and the following stack trace in the log
The issue seems to be that here
The error can be simulated in this online editor snippet https://www.online-java.com/hO7VMaWGzF
Is there any possibility that this is just a configuration issue or is there a way to disable the DosFilter ( I know, not recommended but would allow me to run it until there's a better solution and the issue seems to originate from there)? Or is there a different fix that a non-java-developer can use to get this up and finalize the migration?
Thank you.