Is jetty mode startup of Moqui not supporting HTTPS?

moqui / moqui-framework

Use Moqui Framework to build enterprise applications based on Java. It includes tools for databases (relational, graph, document), local and web services, web and other UI with screens and forms, security, file/resource access, scripts, templates, l10n, caching, logging, search, rules, workflow, multi-instance, and integration.

http://www.moqui.org

Other

284 stars 204 forks source link

Is jetty mode startup of Moqui not supporting HTTPS? #624

Closed daiagou closed 1 year ago

daiagou commented 1 year ago

I took a look at MoquiStart.java and found that it only enables the HTTP port, there is no code for enabling the HTTPS port. I would like to inquire whether this is because HTTPS is usually handled by mapping with Nginx, Ingress, or similar tools, so Moqui doesn't need to handle it. Or is there any other specific reason for this?

jonesde commented 1 year ago

Yes, it is usually better to terminate HTTPS outside the servlet container, either in a single reverse proxy like nginx-proxy in the example docker compose configurations, or even in a load balancer or web application firewall in a larger public-facing deployment. In a small deployment a reverse proxy like nginx or httpd for security and such is generally recommended.

One could modify the MoquiStart.java file to add HTTPS support with a 443 or other port listener, and one could also deploy the moqui.war file in an external servlet container like full Jetty or Tomcat (instead of embedded Jetty).

aabiabdallah commented 1 year ago

If you're still meaning to add HTTPS support to Moqui itself you may want to checkout this fork:

https://github.com/mkdecisiondev/moqui-framework/blob/master/framework/src/start/java/MoquiStart.java#L107

Closing this issue for now since both feedback and coded solution have been shared.