Disable authentication for search interface on https (admin web server port)

Managed by | Updated .

Info
These steps are only applicable for Funnelback versions 14.2 to 15.0
  • Funnelback versions 14.0 and lower provide access to the Search UI 's/search.html' via http and https without authentication by default.
  • In Funnelback 15+ search UI binds to both HTTP 80 and HTTPS 443 with admin UI on port 8443 meaning by default no authentication is required for HTTPS access to search UI.

Web server configuration details

If the web server port is 8443 for https then accessing https://<server>:8443/s/search.html?collection=..... would require the user to enter a username and password.

Funnelback have 2 web servers running; usually on 8443 (admin/https) and 8080 (search/http).

  • Admin: Usually on port 8443 and restricted to the https protocol. This requires authentication to access the Funnelback Admin UI (/search/admin) and the Funnelback Search UI (/s/search.html).  
  • Public: Usually on port 8080 or 80 and restricted to http protocol. This requires no authentication and has no access only to the Funnelback Search UI (s/search.html).  

Remove Authentication to https

To remove the authentication required for https to the Public UI (s/search.html), edit web/conf/contexts-https/funnelback-publicui.xml and remove sections; 

  • securityHandler
  • overrideDescriptor  

Restart Jetty.

web/conf/contexts-https/funnelback-publicui.xml
<?xml version="1.0"  encoding="ISO-8859-1"?>

<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">

<Configure class="org.eclipse.jetty.webapp.WebAppContext">

    <Set name="contextPath">/s</Set>
    <Set name="war"><SystemProperty name="funnelback.installdir" />/web/webapps/funnelback-publicui.war</Set>

    <Set name="copyWebDir">false</Set>

    <Call name="setAttribute">
        <Arg>ExecutionContext</Arg>
        <Arg>Admin</Arg>
    </Call>

<!-- Delete from here to ... -->
    <!-- Set auth. constraints on the Modern UI deployed on the Admin context -->
    <Set name="overrideDescriptor"><SystemProperty name="funnelback.installdir" />/web/conf/modernui-auth.xml</Set>
    <Set name="securityHandler">
        <New class="org.eclipse.jetty.security.ConstraintSecurityHandler">
            <Set name="realmName">Funnelback Administration</Set>
            <Set name="loginService">
                 <New class="org.eclipse.jetty.jaas.JAASLoginService">
                     <Set name="name">Funnelback Administration</Set>
                     <Set name="loginModuleName">authentication</Set>
                 </New>
            </Set>
            <Call name="addConstraintMapping">
                <Arg>
                    <New class="org.eclipse.jetty.security.ConstraintMapping">
                        <Set name="pathSpec">/*</Set>
                        <Set name="constraint">
                            <New class="org.eclipse.jetty.util.security.Constraint" id="DefaultSecurityConstraint">
                                <Set name="authenticate">true</Set>
                                <Set name="name">BASIC</Set>
                                <Set name="roles">
                                    <Array type="java.lang.String">
                                        <Item>admin</Item>
                                    </Array>
                                </Set>
                            </New>
                        </Set>
                    </New>
                </Arg>
            </Call>
        </New>
    </Set>
<!-- ... to here -->

    <Set name="errorHandler">
        <New class="org.eclipse.jetty.servlet.ErrorPageErrorHandler">
            <Set name="showStacks">false</Set>
        </New>
    </Set>

    <Ref id="Server">
        <Get id="sessionManager" name="sessionIdManager" />
    </Ref>
   <Set name="sessionHandler">
        <New class="org.eclipse.jetty.server.session.SessionHandler">
            <Arg>
                <New class="org.eclipse.jetty.server.session.HashSessionManager">
                    <Set name="storeDirectory"><SystemProperty name="funnelback.installdir" />/web/work/sessions-https/publicui</Set>
                </New>

                <!-- Distributed sessions
                <New class="org.eclipse.jetty.server.session.JDBCSessionManager">
                    <Set name="idManager"><Ref id="sessionManager" /></Set>
                </New>
                -->
            </Arg>
        </New>
    </Set>

</Configure>
Was this artcle helpful?

Comments