Lra coordinator calls the url using HTTP and not HTTPS

[Mil Qasemi]

Hi,

I was having an issue when using the LRA coordinator with Quarkus.

Basically, my participant URL is something like this "https://api.test.com/do"  but when the coordinator tries to call the complete/compensate method it uses HTTP instead of HTTPS, so the coordinator calls "http://api.test.com/do/complete", What is the reason behind it? and is there a way to make it use https?

Thank you very much

Best

Mil

[Manuel Finelli]

Hi Mil,

Maybe this could be related to your question?

Manuel

--
You received this message because you are subscribed to the Google Groups "narayana-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to narayana-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/narayana-users/abc26a26-4c2a-4fe5-a96f-ff440c0be398n%40googlegroups.com.

[Mil Qasemi]

Hi,

Thanks for the link, but I didn't find any way that would solve my issue there.

Best

Milad

[Michael Musgrove]

We intercept requests to your service, using a JAX_RS filter, to obtain the JAX-RS ContainerRequestContext. The request context gives us the request URI (`containerRequestContext.getUriInfo().getBaseUri()`) and we use that to build the endpoints for your complete/compensate resource methods and we pass those to the LRA coordinator for it to use when the LRA is closed/cancelled.

Will you verify that HTTPS is being used to make calls to your JAX-RS service.

--

You received this message because you are subscribed to the Google Groups "narayana-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to narayana-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/narayana-users/abc26a26-4c2a-4fe5-a96f-ff440c0be398n%40googlegroups.com.

--

Michael Musgrove

mmus...@redhat.com

JBoss, by Red Hat
Registered Address: Red Hat Ltd, 6700 Cork Airport Business Park, Kinsale Road, Co. Cork.
Registered in the Companies Registration Office, Parnell House, 14 Parnell Square, Dublin 1, Ireland, No.304873
Directors:Michael Cunningham (USA), Vicky Wiseman (USA), Michael O'Neill, Keith Phelan, Matt Parson (USA)

[Mil Qasemi]

Thanks for the answer. Yes, HTTPS is used to call the JAXRS service

[Mil Qasemi]

Hi,

I guess I know why it happened. There is SSL offloading happening on the load balancer so basically Https will be turned into Http at the load balancer so what actually reaches the jax rs service would be with the Http scheme. I am checking how would I be able to fix it, one way would be to force Https scheme in the interceptor by replacing the Http with the Https scheme. But that would cause issues when Http is used in the original URL.

Best

Mil

[Michael Musgrove]

Second guessing what protocols and schemes the service supports sounds risky, and since we know it definitely supports the scheme used in the service request using that for the LRA callbacks to the service will pose the fewest surprises. And, like you suggest, the application may not support SSL. I guess another config option would be a workaround but getting the application environment right seems like a preferable solution.

[Michael Musgrove]

This issue seems related to a zulip topic we had. Mil, please can you review that topic and decide whether the mentioned JBTM-3880 issue would solve your requirement?