angular (development vs production) and anubis (login not possible)
61 views
Skip to first unread message
Armin Wenz
Mar 24, 2026, 9:55:52 AM (10 days ago) Mar 24
to dspac...@googlegroups.com
Hi all,
I am testing DSpace 9.2 (no CRIS) with anubis in front of it. I use
apache as proxy.
When running the back- and frontend without anubis in front everything
works fine.
When I put anubis between the proxy and the frontend I encounter a
different behaviour when running the frontend in development or in
production mode.
For development mode I build the frontend via 'npm run build:dev' and
start it via
NODE_ENV="development" node ./dist/server/main.js
In this case everything is working as expected. I got no relevant errors
(apart from 404 for google-analytics we don't use). When clicking on the
Login Button I see the modal showing the options for password or OIDC
Login. I can login as expected and everything's fine.
When I build the frontend via 'npm run build:prod' and start it via
NODE_ENV="production" node ./dist/server/main.js
at first everything seems to be fine. The frontend is loading, I can
browse just fine.
In the terminal I got errors saying
ERROR Error: undefined doesn't contain the link sites
at /opt/local/openscience-ui/dist/server/main.js:1:1622049
at /opt/local/openscience-ui/dist/server/main.js:1:4685635
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
at /opt/local/openscience-ui/dist/server/main.js:1:4685622
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
at /opt/local/openscience-ui/dist/server/main.js:1:4200924
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
which doesn't tell me much.
I see a similar error in the browser console
ERROR Error: undefined doesn't contain the link authn
After clicking on the Login button I only get a white rectangle. The
Login options do not show. In the browser console no errors are shown.
Same in the terminal.
Because neither the apache nor the anubis config is changed while
running the frontend in dev or prod mode I assume there are some
differences in dev and prod I do not know or understand. Or maybe a
missing Header in apache I need for prod mode but not for dev mode.
Does anybody have a glue where to look or can point me to any
documentation I may find a solution? Or you may already have a solution?
If you need any configs I use, just tell me.
Thanks so far
--
Armin Wenz
Universitätsbibliothek Mainz
Leitung Bibliotheksanwendungen
Jakob-Welder-Weg 12
55128 Mainz
Tel.: +49 6131 39-29830
http://www.ub.uni-mainz.de
I am testing DSpace 9.2 (no CRIS) with anubis in front of it. I use
apache as proxy.
When running the back- and frontend without anubis in front everything
works fine.
When I put anubis between the proxy and the frontend I encounter a
different behaviour when running the frontend in development or in
production mode.
For development mode I build the frontend via 'npm run build:dev' and
start it via
NODE_ENV="development" node ./dist/server/main.js
In this case everything is working as expected. I got no relevant errors
(apart from 404 for google-analytics we don't use). When clicking on the
Login Button I see the modal showing the options for password or OIDC
Login. I can login as expected and everything's fine.
When I build the frontend via 'npm run build:prod' and start it via
NODE_ENV="production" node ./dist/server/main.js
at first everything seems to be fine. The frontend is loading, I can
browse just fine.
In the terminal I got errors saying
ERROR Error: undefined doesn't contain the link sites
at /opt/local/openscience-ui/dist/server/main.js:1:1622049
at /opt/local/openscience-ui/dist/server/main.js:1:4685635
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
at /opt/local/openscience-ui/dist/server/main.js:1:4685622
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
at /opt/local/openscience-ui/dist/server/main.js:1:4200924
at OperatorSubscriber2._this._next
(/opt/local/openscience-ui/dist/server/main.js:1:309020)
at OperatorSubscriber2.Subscriber2.next
(/opt/local/openscience-ui/dist/server/main.js:1:3771406)
which doesn't tell me much.
I see a similar error in the browser console
ERROR Error: undefined doesn't contain the link authn
After clicking on the Login button I only get a white rectangle. The
Login options do not show. In the browser console no errors are shown.
Same in the terminal.
Because neither the apache nor the anubis config is changed while
running the frontend in dev or prod mode I assume there are some
differences in dev and prod I do not know or understand. Or maybe a
missing Header in apache I need for prod mode but not for dev mode.
Does anybody have a glue where to look or can point me to any
documentation I may find a solution? Or you may already have a solution?
If you need any configs I use, just tell me.
Thanks so far
--
Armin Wenz
Universitätsbibliothek Mainz
Leitung Bibliotheksanwendungen
Jakob-Welder-Weg 12
55128 Mainz
Tel.: +49 6131 39-29830
http://www.ub.uni-mainz.de
george veranis
Mar 24, 2026, 9:58:03 AM (10 days ago) Mar 24
to Armin Wenz, dspac...@googlegroups.com
I think you missed something in the configuration of apache
Which version of Anubis you use ?
Disclaimer: The information contained in this e-mail is intended only for the use of the individuals or entities to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is prohibited by law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify us immediately on webm...@dataly.gr or send an email to in...@dataly.gr and delete this e-mail from your system. Company with distinctive title Dataly Tech Single Member P.C., cannot accept any responsibility for the accuracy or completeness of this message and does not accept any liability for any errors or omissions in the context of this message as it has been transmitted over a public network. Internet communications cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, or contain viruses. Attachments to this e-mail are checked for viruses; however, we do not accept any liability for any damage sustained by viruses and therefore you are kindly requested to check for viruses upon receipt.
George Veranis
Dataly Tech
Tel: +30 6936 35 14 03
Email: gver...@gmail.com
SkypeId: gveranis
Disclaimer: The information contained in this e-mail is intended only for the use of the individuals or entities to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is prohibited by law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify us immediately on webm...@dataly.gr or send an email to in...@dataly.gr and delete this e-mail from your system. Company with distinctive title Dataly Tech Single Member P.C., cannot accept any responsibility for the accuracy or completeness of this message and does not accept any liability for any errors or omissions in the context of this message as it has been transmitted over a public network. Internet communications cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, or contain viruses. Attachments to this e-mail are checked for viruses; however, we do not accept any liability for any damage sustained by viruses and therefore you are kindly requested to check for viruses upon receipt.
--
All messages to this mailing list should adhere to the Code of Conduct: https://lyrasis.org/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/dspace-tech/7f9f15ba-6441-4b14-8a8a-c95ef9f329dc%40ub.uni-mainz.de.
Armin Wenz
Mar 25, 2026, 7:16:07 AM (9 days ago) Mar 25
to george veranis, dspac...@googlegroups.com
Hi George,
that's my guess, too. But I don't have a glue what it may be.
For anubis we are using 1.25.0
And here is the apache.conf (stripped off unrelevant stuff)
# the vhost proxying to anubis
<VirtualHost *:443>
ServerAdmin ...
ServerName ...
Protocols h2 http/1.1
SSLEngine on
SSLProxyEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
# needed for anubis
RequestHeader set "X-Real-Ip" expr=%{REMOTE_ADDR}
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set "X-Http-Version" "%{SERVER_PROTOCOL}s"
ProxyPreserveHost On
ProxyRequests Off
ProxyVia Off
# proxy (nearly) everything to anubis
ProxyPass /status !
ProxyPass / http://localhost:8923/
ProxyPassReverse / http://localhost:8923/
</VirtualHost>
# the vhost for anubis target
<VirtualHost *:3027>
Protocols h2 http/1.1
ServerAdmin ...
ServerName ...
UseCanonicalName On
LogLevel info
ErrorLog ...
CustomLog ...
Header always set Strict-Transport-Security: "max-age=31536000;
includeSubDomains"
Header add Content-Security-Policy "default-src 'self'; script-src
'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:
w3.org/2000/svg"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options: "nosniff"
Header always set Referrer-Policy: "strict-origin-when-cross-origin"
Header always set Permissions-Policy: "camera=(),
fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(),
microphone=(), midi=(self), payment=(), sync-xhr=(self)"
Header always unset X-Powered-By
Header unset X-Powered-By
Header always set Server "Openscience"
RewriteEngine On
# enable old (DS6) pathes
RewriteRule "^/oai/(.*)" "/server/oai/$1" [PT]
RewriteRule "^/webjars/(.*)" "/server/webjars/$1" [PT]
ProxyPreserveHost On
ProxyIOBufferSize 65536
# Backend proxy
ProxyPass /server ajp://localhost:8009/server secret=...
ProxyPassReverse /server ajp://localhost:8009/server
# Frontend proxy
# Proxy all HTTPS requests from Apache to PM2 on port 4000
ProxyPass / http://localhost:4000/
ProxyPassReverse / http://localhost:4000/
</VirtualHost>
Maybe you see anything problematic.
On 2026-03-24 14:57, george veranis wrote:
> I think you missed something in the configuration of apache
> Which version of Anubis you use ?
>
> George Veranis
> Dataly Tech
> Tel: +30 6936 35 14 03
> Email: gver...@gmail.com <mailto:gver...@gmail.com>
> SkypeId: gveranis
> *
> Disclaimer:*The information contained in this e-mail is intended only
> an email to in...@dataly.gr <mailto:in...@dataly.gr>and delete this e-mail
> http://www.ub.uni-mainz.de <http://www.ub.uni-mainz.de>
> code-of-conduct/>
> tech/7f9f15ba-6441-4b14-8a8a-c95ef9f329dc%40ub.uni-mainz.de>.
that's my guess, too. But I don't have a glue what it may be.
For anubis we are using 1.25.0
And here is the apache.conf (stripped off unrelevant stuff)
# the vhost proxying to anubis
<VirtualHost *:443>
ServerAdmin ...
ServerName ...
Protocols h2 http/1.1
SSLEngine on
SSLProxyEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
# needed for anubis
RequestHeader set "X-Real-Ip" expr=%{REMOTE_ADDR}
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set "X-Http-Version" "%{SERVER_PROTOCOL}s"
ProxyPreserveHost On
ProxyRequests Off
ProxyVia Off
# proxy (nearly) everything to anubis
ProxyPass /status !
ProxyPass / http://localhost:8923/
ProxyPassReverse / http://localhost:8923/
</VirtualHost>
# the vhost for anubis target
<VirtualHost *:3027>
Protocols h2 http/1.1
ServerAdmin ...
ServerName ...
UseCanonicalName On
LogLevel info
ErrorLog ...
CustomLog ...
Header always set Strict-Transport-Security: "max-age=31536000;
includeSubDomains"
Header add Content-Security-Policy "default-src 'self'; script-src
'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:
w3.org/2000/svg"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options: "nosniff"
Header always set Referrer-Policy: "strict-origin-when-cross-origin"
Header always set Permissions-Policy: "camera=(),
fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(),
microphone=(), midi=(self), payment=(), sync-xhr=(self)"
Header always unset X-Powered-By
Header unset X-Powered-By
Header always set Server "Openscience"
RewriteEngine On
# enable old (DS6) pathes
RewriteRule "^/oai/(.*)" "/server/oai/$1" [PT]
RewriteRule "^/webjars/(.*)" "/server/webjars/$1" [PT]
ProxyPreserveHost On
ProxyIOBufferSize 65536
# Backend proxy
ProxyPass /server ajp://localhost:8009/server secret=...
ProxyPassReverse /server ajp://localhost:8009/server
# Frontend proxy
# Proxy all HTTPS requests from Apache to PM2 on port 4000
ProxyPass / http://localhost:4000/
ProxyPassReverse / http://localhost:4000/
</VirtualHost>
Maybe you see anything problematic.
On 2026-03-24 14:57, george veranis wrote:
> I think you missed something in the configuration of apache
> Which version of Anubis you use ?
>
> George Veranis
> Dataly Tech
> Tel: +30 6936 35 14 03
> SkypeId: gveranis
> *
> Disclaimer:*The information contained in this e-mail is intended only
> for the use of the individuals or entities to which it is addressed and
> may contain information that is privileged and confidential, the
> disclosure of which is prohibited by law. If the reader of this message
> is not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this e-mail in error, please notify us
> immediately on webm...@dataly.gr <mailto:webm...@dataly.gr> or send
> may contain information that is privileged and confidential, the
> disclosure of which is prohibited by law. If the reader of this message
> is not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this e-mail in error, please notify us
> an email to in...@dataly.gr <mailto:in...@dataly.gr>and delete this e-mail
> from your system. Company with distinctive title Dataly Tech Single
> Member P.C., cannot accept any responsibility for the accuracy or
> completeness of this message and does not accept any liability for any
> errors or omissions in the context of this message as it has been
> transmitted over a public network. Internet communications cannot be
> guaranteed to be secure or error free as information could be
> intercepted, corrupted, or contain viruses. Attachments to this e-mail
> are checked for viruses; however, we do not accept any liability for any
> damage sustained by viruses and therefore you are kindly requested to
> check for viruses upon receipt.
>
>
> Στις Τρί 24 Μαρ 2026 στις 3:55 μμ ο χρήστης Armin Wenz <a.w...@ub.uni-
> mainz.de <mailto:a.w...@ub.uni-mainz.de>> έγραψε:
> Member P.C., cannot accept any responsibility for the accuracy or
> completeness of this message and does not accept any liability for any
> errors or omissions in the context of this message as it has been
> transmitted over a public network. Internet communications cannot be
> guaranteed to be secure or error free as information could be
> intercepted, corrupted, or contain viruses. Attachments to this e-mail
> are checked for viruses; however, we do not accept any liability for any
> damage sustained by viruses and therefore you are kindly requested to
> check for viruses upon receipt.
>
>
> Στις Τρί 24 Μαρ 2026 στις 3:55 μμ ο χρήστης Armin Wenz <a.w...@ub.uni-
>
> --
> All messages to this mailing list should adhere to the Code of
> Conduct: https://lyrasis.org/code-of-conduct/ <https://lyrasis.org/
> --
> All messages to this mailing list should adhere to the Code of
> code-of-conduct/>
> ---
> You received this message because you are subscribed to the Google
> Groups "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to dspace-tech...@googlegroups.com
> <mailto:dspace-tech%2Bunsu...@googlegroups.com>.
> You received this message because you are subscribed to the Google
> Groups "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to dspace-tech...@googlegroups.com
> To view this discussion visit https://groups.google.com/d/msgid/
> dspace-tech/7f9f15ba-6441-4b14-8a8a-c95ef9f329dc%40ub.uni-mainz.de
> <https://groups.google.com/d/msgid/dspace-
> dspace-tech/7f9f15ba-6441-4b14-8a8a-c95ef9f329dc%40ub.uni-mainz.de
> tech/7f9f15ba-6441-4b14-8a8a-c95ef9f329dc%40ub.uni-mainz.de>.
Armin Wenz
Mar 26, 2026, 6:34:31 AM (8 days ago) Mar 26
to dspac...@googlegroups.com
Hi,
just a follow-up:
While investigating further into that issue I disabled server-side
rendering in config.prod.yml
ssr:
enabled: false
After restarting the frontend the login modal is shown and I can login.
After that I enabled general SSR again and checked the
ssl.excludePathPatterns defined in config.yml.
I recognized I get the login modal and be able to login from all these
excluded URLs (like https://my.server/community-list or /search) but not
from others (like /home)
So it seems to be an issue with SSR because all URLs that use CSR are
doing fine. Does that ring any bell?
just a follow-up:
While investigating further into that issue I disabled server-side
rendering in config.prod.yml
ssr:
enabled: false
After restarting the frontend the login modal is shown and I can login.
After that I enabled general SSR again and checked the
ssl.excludePathPatterns defined in config.yml.
I recognized I get the login modal and be able to login from all these
excluded URLs (like https://my.server/community-list or /search) but not
from others (like /home)
So it seems to be an issue with SSR because all URLs that use CSR are
doing fine. Does that ring any bell?
george veranis
Mar 26, 2026, 6:57:09 AM (8 days ago) Mar 26
to Armin Wenz, dspac...@googlegroups.com
Set up in your Apache conf the following.
Do not make other changes on the Angular side, because the complexity then is huge.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ....
SSLEngine on
ErrorLog .....
<VirtualHost *:443>
ServerName ....
SSLEngine on
ErrorLog .....
RequestHeader set "X-Real-Ip" expr=%{REMOTE_ADDR}
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set "X-Http-Version" "%{SERVER_PROTOCOL}s"
ProxyPreserveHost On
ProxyRequests Off
ProxyVia Off
ProxyPass / http://[::1]:8923/
ProxyPassReverse / http://[::1]:8923/
ProxyPass /server http://[::1]:8923/
ProxyPassReverse /server http://[::1]:8923/
Include .....
SSLCertificateFile ......
SSLCertificateKeyFile ....
</VirtualHost>
</IfModule>
<VirtualHost *:3000>
ServerName .....
ProxyTimeout 300
ProxyRequests Off
ExpiresActive On
ExpiresDefault "access plus 30 seconds"
ErrorLog /var/log/somewhere..
LogLevel warn
ProxyPass /server http://localhost:8080/server
ProxyPassReverse /server http://localhost:8080/server
ProxyPassReverse / http://[::1]:8923/
ProxyPass /server http://[::1]:8923/
ProxyPassReverse /server http://[::1]:8923/
Include .....
SSLCertificateFile ......
SSLCertificateKeyFile ....
</VirtualHost>
</IfModule>
<VirtualHost *:3000>
ServerName .....
ProxyTimeout 300
ProxyRequests Off
ExpiresActive On
ExpiresDefault "access plus 30 seconds"
ErrorLog /var/log/somewhere..
LogLevel warn
ProxyPass /server http://localhost:8080/server
ProxyPassReverse /server http://localhost:8080/server
The same configuration we run it on DSpace 7, 8, or 9, and it is working perfectly with Anubis. Give it a try and let me know if it works with your case.
George
--
All messages to this mailing list should adhere to the Code of Conduct: https://lyrasis.org/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/dspace-tech/d265eeac-cdbc-4487-95a4-7cfb468f8e40%40ub.uni-mainz.de.
SkypeId: gveranis
Disclaimer: The information contained in this e-mail is intended only for the use of the individuals or entities to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is prohibited by law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify us immediately on webm...@dataly.gr or send an email to in...@dataly.gr and delete this e-mail from your system. Company with distinctive title Dataly Tech Single Member P.C., cannot accept any responsibility for the accuracy or completeness of this message and does not accept any liability for any errors or omissions in the context of this message as it has been transmitted over a public network. Internet communications cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, or contain viruses. Attachments to this e-mail are checked for viruses; however, we do not accept any liability for any damage sustained by viruses and therefore you are kindly requested to check for viruses upon receipt.
Armin Wenz
Mar 27, 2026, 4:27:36 AM (7 days ago) Mar 27
to george veranis, dspac...@googlegroups.com
Hi George,
I reduced my apache2.conf to match yours. But with no success. The
problem remains the same.
But I have a question anyway:
You are proxying both '/' and '/server' to [::1]:8923. Is there a reason
for that or wouldn't "ProxyPass / http://[::1]:8923/" etc be enough?
> ProxyPass /server http://localhost:8080/server <http://localhost:8080/
> server>
> ProxyPassReverse /server http://localhost:8080/server <http://
> localhost:8080/server>
>
> ProxyPass / http://localhost:4000/ <http://localhost:4000/>
> ProxyPassReverse / http://localhost:4000/ <http://localhost:4000/>
> my.server/community-list> or /search) but not
> code-of-conduct/>
> cdbc-4487-95a4-7cfb468f8e40%40ub.uni-mainz.de>.
> an email to in...@dataly.gr <mailto:in...@dataly.gr>and delete this e-mail
I reduced my apache2.conf to match yours. But with no success. The
problem remains the same.
But I have a question anyway:
You are proxying both '/' and '/server' to [::1]:8923. Is there a reason
for that or wouldn't "ProxyPass / http://[::1]:8923/" etc be enough?
> server>
> ProxyPassReverse /server http://localhost:8080/server <http://
> localhost:8080/server>
>
> ProxyPass / http://localhost:4000/ <http://localhost:4000/>
> ProxyPassReverse / http://localhost:4000/ <http://localhost:4000/>
>
> </VirtualHost>
>
> The same configuration we run it on DSpace 7, 8, or 9, and it is working
> perfectly with Anubis. Give it a try and let me know if it works with
> your case.
>
> George
>
>
> Στις Πέμ 26 Μαρ 2026 στις 12:34 μ.μ., ο/η Armin Wenz <a.w...@ub.uni-
> mainz.de <mailto:a.w...@ub.uni-mainz.de>> έγραψε:
> </VirtualHost>
>
> The same configuration we run it on DSpace 7, 8, or 9, and it is working
> perfectly with Anubis. Give it a try and let me know if it works with
> your case.
>
> George
>
>
> Στις Πέμ 26 Μαρ 2026 στις 12:34 μ.μ., ο/η Armin Wenz <a.w...@ub.uni-
>
> Hi,
>
> just a follow-up:
>
> While investigating further into that issue I disabled server-side
> rendering in config.prod.yml
> ssr:
> enabled: false
>
> After restarting the frontend the login modal is shown and I can login.
>
> After that I enabled general SSR again and checked the
> ssl.excludePathPatterns defined in config.yml.
>
> I recognized I get the login modal and be able to login from all these
> excluded URLs (like https://my.server/community-list <https://
> Hi,
>
> just a follow-up:
>
> While investigating further into that issue I disabled server-side
> rendering in config.prod.yml
> ssr:
> enabled: false
>
> After restarting the frontend the login modal is shown and I can login.
>
> After that I enabled general SSR again and checked the
> ssl.excludePathPatterns defined in config.yml.
>
> I recognized I get the login modal and be able to login from all these
> my.server/community-list> or /search) but not
> > dist/server/main.js:1:3771406)
> > at /opt/local/openscience-ui/dist/server/main.js:1:4200924
> > at OperatorSubscriber2._this._next (/opt/local/openscience-
> ui/dist/
> > at /opt/local/openscience-ui/dist/server/main.js:1:4200924
> > at OperatorSubscriber2._this._next (/opt/local/openscience-
> ui/dist/
> > server/main.js:1:309020)
> > at OperatorSubscriber2.Subscriber2.next (/opt/local/
> openscience-ui/
> > at OperatorSubscriber2.Subscriber2.next (/opt/local/
> openscience-ui/
> > dist/server/main.js:1:3771406)
> >
> > which doesn't tell me much.
> >
> > I see a similar error in the browser console
> >
> > ERROR Error: undefined doesn't contain the link authn
> >
> >
> > After clicking on the Login button I only get a white rectangle. The
> > Login options do not show. In the browser console no errors are
> shown.
> > Same in the terminal.
> >
> > Because neither the apache nor the anubis config is changed while
> > running the frontend in dev or prod mode I assume there are some
> > differences in dev and prod I do not know or understand. Or maybe a
> > missing Header in apache I need for prod mode but not for dev mode.
> >
> > Does anybody have a glue where to look or can point me to any
> > documentation I may find a solution? Or you may already have a
> solution?
> > If you need any configs I use, just tell me.
> >
> > Thanks so far
> >
> >
>
> --
> Armin Wenz
> Universitätsbibliothek Mainz
> Leitung Bibliotheksanwendungen
> Jakob-Welder-Weg 12
> 55128 Mainz
> Tel.: +49 6131 39-29830
> http://www.ub.uni-mainz.de <http://www.ub.uni-mainz.de>
> >
> > which doesn't tell me much.
> >
> > I see a similar error in the browser console
> >
> > ERROR Error: undefined doesn't contain the link authn
> >
> >
> > After clicking on the Login button I only get a white rectangle. The
> > Login options do not show. In the browser console no errors are
> shown.
> > Same in the terminal.
> >
> > Because neither the apache nor the anubis config is changed while
> > running the frontend in dev or prod mode I assume there are some
> > differences in dev and prod I do not know or understand. Or maybe a
> > missing Header in apache I need for prod mode but not for dev mode.
> >
> > Does anybody have a glue where to look or can point me to any
> > documentation I may find a solution? Or you may already have a
> solution?
> > If you need any configs I use, just tell me.
> >
> > Thanks so far
> >
> >
>
> --
> Armin Wenz
> Universitätsbibliothek Mainz
> Leitung Bibliotheksanwendungen
> Jakob-Welder-Weg 12
> 55128 Mainz
> Tel.: +49 6131 39-29830
>
> --
> All messages to this mailing list should adhere to the Code of
> Conduct: https://lyrasis.org/code-of-conduct/ <https://lyrasis.org/
> --
> All messages to this mailing list should adhere to the Code of
> code-of-conduct/>
> ---
> You received this message because you are subscribed to the Google
> Groups "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to dspace-tech...@googlegroups.com
> <mailto:dspace-tech%2Bunsu...@googlegroups.com>.
> You received this message because you are subscribed to the Google
> Groups "DSpace Technical Support" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to dspace-tech...@googlegroups.com
> To view this discussion visit https://groups.google.com/d/msgid/
> dspace-tech/d265eeac-cdbc-4487-95a4-7cfb468f8e40%40ub.uni-mainz.de
> <https://groups.google.com/d/msgid/dspace-tech/d265eeac-
> dspace-tech/d265eeac-cdbc-4487-95a4-7cfb468f8e40%40ub.uni-mainz.de
> cdbc-4487-95a4-7cfb468f8e40%40ub.uni-mainz.de>.
>
>
>
> --
> George Veranis
> Dataly Tech
> Tel: +30 6936 35 14 03
> Disclaimer:*The information contained in this e-mail is intended only
>
>
> --
> George Veranis
> Dataly Tech
> Tel: +30 6936 35 14 03
> for the use of the individuals or entities to which it is addressed and
> may contain information that is privileged and confidential, the
> disclosure of which is prohibited by law. If the reader of this message
> is not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this e-mail in error, please notify us
> immediately on webm...@dataly.gr <mailto:webm...@dataly.gr> or send
> may contain information that is privileged and confidential, the
> disclosure of which is prohibited by law. If the reader of this message
> is not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this e-mail in error, please notify us
> an email to in...@dataly.gr <mailto:in...@dataly.gr>and delete this e-mail
> from your system. Company with distinctive title Dataly Tech Single
> Member P.C., cannot accept any responsibility for the accuracy or
> completeness of this message and does not accept any liability for any
> errors or omissions in the context of this message as it has been
> transmitted over a public network. Internet communications cannot be
> guaranteed to be secure or error free as information could be
> intercepted, corrupted, or contain viruses. Attachments to this e-mail
> are checked for viruses; however, we do not accept any liability for any
> damage sustained by viruses and therefore you are kindly requested to
> check for viruses upon receipt.
> Member P.C., cannot accept any responsibility for the accuracy or
> completeness of this message and does not accept any liability for any
> errors or omissions in the context of this message as it has been
> transmitted over a public network. Internet communications cannot be
> guaranteed to be secure or error free as information could be
> intercepted, corrupted, or contain viruses. Attachments to this e-mail
> are checked for viruses; however, we do not accept any liability for any
> damage sustained by viruses and therefore you are kindly requested to
> check for viruses upon receipt.
george veranis
Mar 27, 2026, 4:29:40 AM (7 days ago) Mar 27
to Armin Wenz, dspac...@googlegroups.com
You need both
Also check the conf from Anubis service
Can you share it ?
SkypeId: gveranis
Disclaimer: The information contained in this e-mail is intended only for the use of the individuals or entities to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is prohibited by law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify us immediately on webm...@dataly.gr or send an email to in...@dataly.gr and delete this e-mail from your system. Company with distinctive title Dataly Tech Single Member P.C., cannot accept any responsibility for the accuracy or completeness of this message and does not accept any liability for any errors or omissions in the context of this message as it has been transmitted over a public network. Internet communications cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, or contain viruses. Attachments to this e-mail are checked for viruses; however, we do not accept any liability for any damage sustained by viruses and therefore you are kindly requested to check for viruses upon receipt.
Armin Wenz
Mar 27, 2026, 5:46:35 AM (7 days ago) Mar 27
to george veranis, dspac...@googlegroups.com
On 2026-03-27 09:29, george veranis wrote:
> You need both
> Also check the conf from Anubis service
> Can you share it ?
>
Sure.
> You need both
> Also check the conf from Anubis service
> Can you share it ?
>
Here's my .env file
BIND=localhost:8923
BIND_NETWORK=tcp
DIFFICULTY=4
METRICS_BIND=127.0.0.1:9090
METRICS_BIND_NETWORK=tcp
POLICY_FNAME=/etc/anubis/openscience.yaml
REDIRECT_DOMAINS="..."
SERVE_ROBOTS_TXT=0
TARGET=http://localhost:3027
# openssl rand -hex 32
ED25519_PRIVATE_KEY_HEX=...
LOG_LEVEL=INFO
And my .yaml file. It's pretty much the standard config
bots:
- name: FIS
action: ALLOW
remote_addresses:
- ...
- name: DNB
action: ALLOW
remote_addresses:
- ...
- import: (data)/bots/aggressive-brazilian-scrapers.yaml
- import: (data)/meta/ai-block-aggressive.yaml
- import: (data)/crawlers/_allow-good.yaml
# Aggressively block AI/LLM related bots/agents by default
- import: (data)/meta/ai-block-aggressive.yaml
# Allow common "keeping the internet working" routes (well-known,
favicon, robots.txt)
- import: (data)/common/keep-internet-working.yaml
# Challenge Firefox AI previews
- import: (data)/clients/x-firefox-ai.yaml
# Generic catchall rule
- name: generic-browser
user_agent_regex: >-
Mozilla|Opera
action: WEIGH
weight:
adjust: 10
dnsbl: false
openGraph:
enabled: false
considerHost: false
ttl: 24h
status_codes:
CHALLENGE: 200
DENY: 200
store:
backend: valkey
parameters:
url: "redis://127.0.0.1:6379/0"
logging:
sink: file
level: "INFO"
parameters:
...
sink: stdio
level: INFO
parameters: {}
holds:
- name: minimal-suspicion # This client is likely fine, its soul is
lighter than a feather
expression: weight <= 0 # a feather weighs zero units
action: ALLOW # Allow the traffic through
- name: mild-suspicion
expression:
all:
- weight > 0
- weight < 10
action: CHALLENGE
challenge:
algorithm: metarefresh
difficulty: 1
- name: moderate-suspicion
expression:
all:
- weight >= 10
- weight < 20
action: CHALLENGE
challenge:
algorithm: fast
difficulty: 2 # two leading zeros, very fast for most clients
- name: mild-proof-of-work
expression:
all:
- weight >= 20
- weight < 30
action: CHALLENGE
challenge:
algorithm: fast
difficulty: 4
- name: extreme-suspicion
expression: weight >= 30
action: CHALLENGE
challenge:
algorithm: fast
--
Armin Wenz
Reply all
Reply to author
Forward
0 new messages