Two application servers on one web server? - web-services

I have a Rails app which provides service through Nginx server(with thin). Now I want to build another app in Node.js on the same machine.
My question is, can I have Nginx redirect users' reqeusts? e.g. when a user access 'foo.mydomain.com' it will be processed by Rails app, and when she visit 'bar.mydomain.com' it can be processed by Node app.
(I'm not sure whether it's related to the type of apps, i.e. Rails, Nodejs, etc)

You can set up two serverblocks in your nginx config; One listening for bar.mydomain.com and the other one for foo.mydomain.com and then use the proxy_pass module in nginx to pass forward the requests to your Node or Rails app.

Related

How to host SPA in CloudFront with webserver as backend?

I am working on a home project which consists of two parts: web server (Java) and SPA application (Angular + Webpack) that communicate with each other via REST and websockets. At the moment the UI is served by NGINX as static content, and webserver is hosted on the same server as NGINX. It means when user makes request to mydomain.com NGINX provides angular static content to user's browser (js, html, css). In these js files I have several services that communicate with webserver using relative paths (e.g. /getPriceList, browser makes request to mydomain.com/getPriceList). So I wonder if it's possible to use something like Amazon CloudFront (CDN) for serving static content and get rid of NGINX? I've just started reading documentation and can't catch how should I configure my UI app in order to work with webserver that is located on separate machine. The desired scenario is when user requests mydomain.com he will get all static content (UI app) from CDN. But it's not clear how the UI app should be configured in order to have access to my web server (where should it be hosted, should I still use relative paths and so on). I hope that you caught my question.

Rails - How can I remove the :3000 from the URL in rails thin server?

I have binded my rails thin server to a local IP. which I have given the domain name as project1. But when I am changing the hostname to project1 sometimes it goes to project1:3000. How can I remove the :3000 from the URL?
Web standards are:
http is port 80.
https is port 443.
When you go to http://stackoverflow.com, it is the same as http://stackoverflow.com:80 or https://www.google.com is the same as https://www.google.com:443
So, the :3000 at the end of the url is the port where your development server is pointing, this is normal behavior for web development. All modern frameworks will serve up the development site on a different port, 3000 being the most common. This is done for a lot of reasons, two good ones are.
Don't need to change any permission to run on port 3000, like you do if you want to run on 80, and you don't need to us an ssl certificate if you run on 443.
You can tell when you are in development.
You are trying to do something you shouldn't. If you haven't used the correct helper methods to build your links in rails you could run into some issue.
Now that you know why you shouldn't do it. You can just change the port in the rails server command like this rails server -b THEIPYOUWANTTOUSE -p 80. You will have to have the correct permissions.
First of all.You need proxy server, because rails have their app server lika thin, puma, rack and you need server that will accept requests to your IP (nginx, apache) and give them to rails server. There is a lot of guides how to deploy rails app in production mode. Try this guide or this one . This will help you run your application in production mode.

Is it possible to make Django send data over tls protocol?

I am currently working on a web project in django and there is a requirement to ensure the safety of transmitting data over a network (passwords, usernames etc.).
I've read on owasp cheat sheet about authenication that for safety reasons all passwords should be sent from a client to a server over tsl protocol.
https://www.owasp.org/index.php/Authentication_Cheat_Sheet#Transmit_Passwords_Only_Over_TLS_or_Other_Strong_Transport
Django framework sends these over http protocol. Is it possible to make django send it over tsl or work around it in another way?
When you run a Django application on the Internet, it's usually looking something like this:
[Django Application] <-> [uWSGI] <-> [nginx] <-> [web browser]
You can use different components, e.g. Gunicorn instead of uWSGI or Apache instead of nginx.
The thing is, you simply configure the webserver (Apache or nginx or whatever) with an SSL certificate and listen for https instead of http.
I think you're using Django runserver command for server your app over HTTP. It is absolutely not made for production and is a really HTTP (only) server for development.
For serve your app across SSL/TLS, you must use a frontend as described in henrikstroem's response

limit access of webservice to localhost using jetty 9 configuration

I am using jetty 9 to run my web app. Basically, there is a web app( abc) which runs on port 8443.This webapp abc.war is deployed in jetty 9 server.
Now,there was a requirement to come up with a new web service(say xyzWebService). This new web service runs in the same jetty server as above.We actually created xyzWebService.jar and added it to the abc.war.(lib folder). Now, the problem is that this webservice should be accessed by local host clients only.But the war can be accessed by any client.
I thought of adding connector to jetty, and now my jetty listens on two ports. one is 8443 and another is 9797.But, i am not able to figure out a way , where in , say, I can restrict 9797 port for localhost web service clients only .
I actually explored adding below content to jetty-web.xml. Virtual hosts, according to my understanding, expects both contexts to be a separate web app. But in our case, webservice is a jar and part of the abc webapp.
127.0.0.1
localhost
www.acme.com
PS: i CANNOT expose my WebService as a war ,because this webservice and "abc" app shares some singleton classes.
Please let me know what can be done. I want to take a configuration approach.

authenticate play 1.2.x application running on separate server from another play 1.2.x application implemented with secure module

I have developed a play 1.2.5 application and implemented secure module module for authentication.Its working fine. Now I have developed another play 1.2.5 application which is running on a separate server. I have maintained a href tag in my first play application which has the link to second application.On loging in through my first application, I want the username to be passed to the second application because i am using the logged username. As soon as I log out from the first application, The session (username) should be removed from the second application too.
How can i achieve this ...Plz help!
If you run both of servers on 1 domain (such as www.example.com), and using load balancer (like nginx) to transfer requests to 2 server. You just make sure the config application.secret is the same for both.
If you run on different sub-domain (Recommend), you MUST do like that:
Server should use sub-domain, for example login server is login.example.com and application server is app.example.com
Use config application.defaultCookieDomain=.example.com for both server, then they can use the cookie each others
Make sure both servers have same config application.secret
If you really want to put 2 difference domain, like example.com and example.net. You should implement OAuth on login server and provide API to call from application server.