Bug #7819
Metacat always shows the https protocol on the dataone base url even it is configured without supporting ssl
100%
Description
NEON Metacat is joining Dataone network as a tier one mn without supporting https . However, we found that mn.getCapacities always return the baseURL with https rather than http.
I looked at the code and found in mn.getCapacities:
String serviceName = SystemUtil.getSecureContextURL() + "/" + PropertyService.getProperty("dataone.serviceName");
Node node = new Node();
node.setBaseURL(serviceName + "/" + nodeTypeString);
So it always returns a base url with https.
However, they hesitate to configure ssl on their server. So we shouldn't assume it is always https.
History
#1 Updated by Matthew Jones over 8 years ago
While I support changing/fixing this, I also think that NEON should be using SSL. Our base infrastructure at a minimum requires identification of MN and CN nodes to one another (even at Tier 1), and SSL is required for that. Running a Metacat server without SSL is just not a very good idea. We might even want to consider removing support for non-SSL metacat deployments.
#2 Updated by Jing Tao over 8 years ago
- Target version set to CCI-2.2.0
I agree. Even though I will change it, we will persuade them to use the ssl configuration.
#3 Updated by Jing Tao over 8 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
We use the getContextURL method to replace the getSecureContextURL method. It will decide to use http or https. I tested and it worked.
The change was committed to branch 2.7 (release for cci 2.2.0) or trunk.
