diff --git a/jans-linux-setup/jans_setup/setup_app/installers/jans_auth.py b/jans-linux-setup/jans_setup/setup_app/installers/jans_auth.py
index 3ac476f1805..7c555a050fe 100644
--- a/jans-linux-setup/jans_setup/setup_app/installers/jans_auth.py
+++ b/jans-linux-setup/jans_setup/setup_app/installers/jans_auth.py
@@ -15,6 +15,8 @@
from setup_app.installers.jetty import JettyInstaller
from setup_app.static import AppType, InstallOption, SetupProfiles
+Config.jans_auth_port = '8081'
+
class JansAuthInstaller(JettyInstaller):
source_files = [
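Review bot: `Config.jans_auth_port = '8081'` runs as an import-time side effect of `jans_auth.py`, so the value exists only once this module has been imported, and it overwrites whatever `Config` already held under that name. `apache_lock_config` in `jans_lock.py` and three templates now read it, which makes their correctness depend on import order. Consider defining the default where the other `Config` defaults live, or at least keeping an earlier value with `Config.jans_auth_port = Config.get('jans_auth_port') or '8081'`. A short comment such as `# HTTP port Jetty binds for jans-auth; also used for the Apache ProxyPass targets` would tell the next reader that the value ends up in generated server configuration.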
diff --git a/jans-linux-setup/jans_setup/setup_app/installers/jans_lock.py b/jans-linux-setup/jans_setup/setup_app/installers/jans_lock.py
index 0142978367f..5c1243425b7 100644
--- a/jans-linux-setup/jans_setup/setup_app/installers/jans_lock.py
+++ b/jans-linux-setup/jans_setup/setup_app/installers/jans_lock.py
@@ -49,7 +49,7 @@ def __init__(self):
self.opa_dir = os.path.join(Config.opt_dir, 'opa')
self.opa_bin_dir = os.path.join(self.opa_dir, 'bin')
self.opa_log_dir = os.path.join(self.opa_dir, 'logs')
-
+ self.base_endpoint = 'jans-lock' if Config.get('install_jans_lock_as_server') else 'jans-auth'
def install(self):
if Config.get('install_jans_lock_as_server'):
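Review bot: `self.base_endpoint` is computed once in `__init__`, while `install()` and `apache_lock_config()` each call `Config.get('install_jans_lock_as_server')` again. If the option is set after the installer object is constructed (not visible in this hunk), the endpoint rendered into `dynamic-conf.json` could disagree with the proxy target written to Apache. It is also an instance attribute, whereas `jans_auth_port` is placed on `Config`, so it is worth confirming that the renderer used for `%(base_endpoint)s` sees instance attributes. Computing the value at the top of `install()` and reusing it in `apache_lock_config` would keep the three decisions in one place. The hunk also drops the blank line that separated `__init__` from `install`.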
@@ -71,6 +71,7 @@ def install(self):
base.current_app.ConfigApiInstaller.source_files.append(self.source_files[3])
base.current_app.ConfigApiInstaller.install_plugin('lock-plugin')
+ self.apache_lock_config()
def install_as_server(self):
self.installJettyService(self.jetty_app_configuration[self.service_name], True)
@@ -110,6 +111,27 @@ def configure_message_conf(self):
message_conf_json = self.readFile(self.message_conf_json)
self.dbUtils.set_configuration('jansMessageConf', message_conf_json)
+ def apache_lock_config(self):
+ apache_config = self.readFile(base.current_app.HttpdInstaller.https_jans_fn).splitlines()
+ if Config.get('install_jans_lock_as_server'):
+ proxy_context = 'jans-lock'
+ proxy_port = Config.jans_lock_port
+ else:
+ proxy_port = Config.jans_auth_port
+ proxy_context = 'jans-auth'
+
+ jans_lock_well_known_proxy_pass = f' ProxyPass /.well-known/lock-master-configuration http://localhost:{proxy_port}/{proxy_context}/v1/configuration'
+ jans_lock_well_known_proxy_pass += f'\n\n \n Header edit Set-Cookie ^((?!opbs|session_state).*)$ $1;HttpOnly\n ProxyPass http://localhost:{proxy_port}/{proxy_context} retry=5 connectiontimeout=60 timeout=60\n Order deny,allow\n Allow from all\n \n'
+
+
+ proyx_pass_n = 0
+ for i, l in enumerate(apache_config):
+ if l.strip().startswith('ProxyErrorOverride') and l.strip().endswith('On'):
+ proyx_pass_n = i
+
+ apache_config.insert(proyx_pass_n-1, jans_lock_well_known_proxy_pass)
+ self.writeFile(base.current_app.HttpdInstaller.https_jans_fn, '\n'.join(apache_config), backup=False)
+
def install_opa(self):
opa_fn = 'opa'
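Review bot: When no `ProxyErrorOverride On` line is found, `proyx_pass_n` stays 0 and `apache_config.insert(proyx_pass_n-1, ...)` becomes `insert(-1, ...)`, which silently puts the ProxyPass and access directives just before the last line of the vhost file instead of reporting the problem. Nothing in the method checks whether the block is already there, so a second run against the same file would apparently add a duplicate, and the file is rewritten with `backup=False`. I would track the marker index as `None`, log and return when it is missing, skip the insert when `/.well-known/lock-master-configuration` is already present, and rename `proyx_pass_n` and `l`. The fence keeps the current last-match and one-line-before placement.

```python
        # … unchanged: proxy_port / proxy_context selection and directive string …
        well_known_path = '/.well-known/lock-master-configuration'
        if any(well_known_path in line for line in apache_config):
            # Directives already present; do not insert a second copy.
            return

        marker_index = None
        for i, line in enumerate(apache_config):
            stripped = line.strip()
            if stripped.startswith('ProxyErrorOverride') and stripped.endswith('On'):
                marker_index = i

        if marker_index is None:
            self.logIt("ProxyErrorOverride On not found in Apache config, lock proxy not added", True)
            return

        apache_config.insert(max(marker_index - 1, 0), jans_lock_well_known_proxy_pass)
        # … unchanged: writeFile call …
```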
diff --git a/jans-linux-setup/jans_setup/templates/apache/https_jans.conf b/jans-linux-setup/jans_setup/templates/apache/https_jans.conf
index b0f5a23f8b1..fedda79ddfb 100644
--- a/jans-linux-setup/jans_setup/templates/apache/https_jans.conf
+++ b/jans-linux-setup/jans_setup/templates/apache/https_jans.conf
@@ -76,7 +76,7 @@
Header edit Set-Cookie ^((?!opbs|session_state).*)$ $1;HttpOnly
- ProxyPass http://localhost:8081/jans-auth retry=5 connectiontimeout=60 timeout=60
+ ProxyPass http://localhost:%(jans_auth_port)s/jans-auth retry=5 connectiontimeout=60 timeout=60
# Header set Access-Control-Allow-Origin "*"
Order deny,allow
Allow from all
@@ -96,13 +96,6 @@
Allow from all
-
- Header edit Set-Cookie ^((?!opbs|session_state).*)$ $1;HttpOnly
- ProxyPass http://localhost:%(jans_lock_port)s/jans-lock retry=5 connectiontimeout=60 timeout=60
- Order deny,allow
- Allow from all
-
-
SSLVerifyClient optional_no_ca
SSLVerifyDepth 10
@@ -118,13 +111,13 @@
Allow from all
- ProxyPass /.well-known/openid-configuration http://localhost:8081/jans-auth/.well-known/openid-configuration
- ProxyPass /.well-known/webfinger http://localhost:8081/jans-auth/.well-known/webfinger
- ProxyPass /.well-known/uma2-configuration http://localhost:8081/jans-auth/restv1/uma2-configuration
+ ProxyPass /.well-known/openid-configuration http://localhost:%(jans_auth_port)s/jans-auth/.well-known/openid-configuration
+ ProxyPass /.well-known/webfinger http://localhost:%(jans_auth_port)s/jans-auth/.well-known/webfinger
+ ProxyPass /.well-known/uma2-configuration http://localhost:%(jans_auth_port)s/jans-auth/restv1/uma2-configuration
ProxyPass /.well-known/fido2-configuration http://localhost:8073/jans-fido2/restv1/configuration
ProxyPass /.well-known/scim-configuration http://localhost:8087/jans-scim/restv1/scim-configuration
- ProxyPass /firebase-messaging-sw.js http://localhost:8081/jans-auth/firebase-messaging-sw.js
- ProxyPass /device-code http://localhost:8081/jans-auth/device_authorization.htm
+ ProxyPass /firebase-messaging-sw.js http://localhost:%(jans_auth_port)s/jans-auth/firebase-messaging-sw.js
+ ProxyPass /device-code http://localhost:%(jans_auth_port)s/jans-auth/device_authorization.htm
ProxyErrorOverride On
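Review bot: The jans-auth targets now use `%(jans_auth_port)s`, but the neighbouring fido2 and scim lines in this hunk still hard-code `8073` and `8087`, so the template mixes two conventions. If the aim is a configurable backend port, a comment above the block such as `# backend ports: jans-auth is templated, fido2/scim are fixed` would document the difference, or those two could be templated the same way in a follow-up. Since the jans-lock Location block is no longer in this template, a one-line comment noting that the installer inserts it before `ProxyErrorOverride On` would help anyone auditing which paths the vhost exposes.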
diff --git a/jans-linux-setup/jans_setup/templates/jans-lock/dynamic-conf.json b/jans-linux-setup/jans_setup/templates/jans-lock/dynamic-conf.json
index f9b46fe325a..1fc541a8f3f 100644
--- a/jans-linux-setup/jans_setup/templates/jans-lock/dynamic-conf.json
+++ b/jans-linux-setup/jans_setup/templates/jans-lock/dynamic-conf.json
@@ -1,5 +1,5 @@
{
- "baseEndpoint" : "https://%(hostname)s/jans-lock/v1",
+ "baseEndpoint" : "https://%(hostname)s/%(base_endpoint)s/v1",
"tokenChannels":[
"jans_token"
diff --git a/jans-linux-setup/jans_setup/templates/jetty/jans-auth b/jans-linux-setup/jans_setup/templates/jetty/jans-auth
index dbd17a1d924..6acfd674184 100644
--- a/jans-linux-setup/jans_setup/templates/jetty/jans-auth
+++ b/jans-linux-setup/jans_setup/templates/jetty/jans-auth
@@ -5,7 +5,7 @@ JAVA_OPTIONS="-server -Xms%(jans-auth_min_heap_mem)sm -Xmx%(jans-auth_max_heap_m
JETTY_HOME=%(jetty_home)s
JETTY_BASE=%(jetty_base)s/jans-auth
JETTY_USER=%(jetty_user)s
-JETTY_ARGS="jetty.http.host=localhost jetty.http.port=8081"
+JETTY_ARGS="jetty.http.host=localhost jetty.http.port=%(jans_auth_port)s"
TMPDIR=%(jetty_dist)s/temp
export PYTHON_HOME=%(jython_home)s