Thanks. That is what Bob Simons has always told me.
-Roy
> On Nov 20, 2017, at 2:17 PM, Ben Caradoc-Davies <ben@xxxxxxxxxxxx> wrote:
>
> It is a security "feature" that core Java libraries do not honour protocol
> change on redirect:
>
> "After discussion among Java Networking engineers, it is felt that we
> shouldn't automatically follow redirect from one protocol to another, for
> instance, from http to https and vise versa, doing so may have serious
> security consequences. Thus the fix is to return the server responses for
> redirect. Check response code and Location header field value for redirect
> information. It's the application's responsibility to follow the redirect."
> http://bugs.java.com/bugdatabase/view_bug.do?bug_id=4620571
>
> Your update likely included a third-party library with a workaround to allow
> redirect from http to https.
>
> Kind regards,
> Ben.
>
> On 21/11/17 11:03, Roy Mendelssohn - NOAA Federal wrote:
>> Well, I think that is what did it. I had an old version of thredds I just
>> did a download of the thredds.war, and after a lot of re-settings,
>> everything worked.
>> But we have found generally that forced redirects of http do not work
>> correctly in a lot of languages. I just wasted most of today on this.
>> Soo..., more importantly, what should the start of the catalog.xml look
>> like? At present I have:
>>> <?xml version="1.0" encoding="UTF-8"?>
>>> <catalog
>>> xmlns="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0";
>>> xmlns:xlink="http://www.w3.org/1999/xlink";
>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>>>
>>> xsi:schemaLocation="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0
>>> http://www.unidata.ucar.edu/schem
>>> as/thredds/InvCatalog.1.0.6.xsd"
>>> name="ERD THREDDS Data Server"
>>> version="1.0.1" >
>> What should it be? The default that comes with the .war file is:
>>> <?xml version="1.0" encoding="UTF-8"?>
>>> <catalog name="THREDDS Server Default Catalog : You must change this to fit
>>> your server!"
>>>
>>> xmlns="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0";
>>> xmlns:xlink="http://www.w3.org/1999/xlink";
>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>>>
>>> xsi:schemaLocation="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0
>>>
>>> http://www.unidata.ucar.edu/schemas/thredds/InvCatalog.1.0.6.xsd";>
>>>
>> And fair warning to all - please don't make such changes without telling
>> people beforehand.
>> Thanks,
>> -Roy
>>> On Nov 20, 2017, at 1:44 PM, Sean Arms <sarms@xxxxxxxx> wrote:
>>>
>>> Roy,
>>>
>>> It looks like, just today, we started forcing all network traffic to our
>>> main site, www.undiata.ucar.edu, to use https. I am wondering if the
>>> version of the TDS you are using isn't handling the redirect. Can you try
>>> to update the xmlns attribute in the catalog elements for your config
>>> catalogs to use https instead of http? For example, from this
>>>
>>> <catalog
>>> xmlns="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0";
>>>
>>> to
>>>
>>> <catalog
>>> xmlns="https://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0";
>>>
>>> Thanks!
>>>
>>> Sean
>>>
>>>
>>> On Mon, Nov 20, 2017 at 2:10 PM, Sean Arms <sarms@xxxxxxxx> wrote:
>>> Greetings Roy,
>>>
>>> I am unable to reproduce locally or on any of our systems. Which version of
>>> the TDS are you using? How long has it been since it was last rebooted? I
>>> just checked on our webserver, and the InvCatalog.1.0.6.xsd has not been
>>> touched since July 24, 2014.
>>>
>>> Cheers,
>>>
>>> Sean
>>>
>>>
>>> On Mon, Nov 20, 2017 at 1:27 PM, Roy Mendelssohn - NOAA Federal
>>> <roy.mendelssohn@xxxxxxxx> wrote:
>>> Hi All:
>>>
>>> I had a TDS that was running just fine. I did a reboot, with no other
>>> changes and it failed. The error message I get ins the catalog.init.log is:
>>>
>>>> Catalog init catalog.xml
>>>> [2017-11-20T20:14:39.799Z]
>>>>
>>>> -------readCatalog(): full
>>>> path=/usr/local/apache-tomcat-8.5.23/content/thredds/catalog.xml;
>>>> path=catalog.xml
>>>> *** ERROR invalid catalog -- ----Catalog Validation
>>>> **Fatal: InvCatalogFactory.readXML failed
>>>> Exception= org.jdom2.input.JDOMParseException Error on line 1 of document
>>>> http://www.unidata.ucar.edu/schemas/thredds/InvCat
>>>> alog.1.0.6.xsd: White spaces are required between publicId and systemId.
>>>> fatalMessages= *** XML parser fatalError (1:50)= White spaces are
>>>> required between publicId and systemId.
>>>>
>>>> errMessages=
>>>> warnMessages=
>>>>
>>>> *** ERROR initCatalog(): failed to read catalog
>>>> </usr/local/apache-tomcat-8.5.23/content/thredds/catalog.xml>.
>>>
>>> Just to be certain, I got the latest tomcat, set that up, copied over the
>>> tomcat.war file - so this is a clean install with none of my files, and it
>>> failed with the same error.
>>>
>>> If I read the error message correct it says there is a problem with:
>>>
>>>> http://www.unidata.ucar.edu/schemas/thredds/InvCatalog.1.0.6.xsd
>>>
>>> Please could you look into this, because or give some other suggestion
>>> because i can't do a successful restart if I get this error.
>>>
>>> Thanks,
>>>
>>> -Roy
>>>
>>> **********************
>>> "The contents of this message do not reflect any position of the U.S.
>>> Government or NOAA."
>>> **********************
>>> Roy Mendelssohn
>>> Supervisory Operations Research Analyst
>>> NOAA/NMFS
>>> Environmental Research Division
>>> Southwest Fisheries Science Center
>>> ***Note new street address***
>>> 110 McAllister Way
>>> Santa Cruz, CA 95060
>>> Phone: (831)-420-3666
>>> Fax: (831) 420-3980
>>> e-mail: Roy.Mendelssohn@xxxxxxxx www: http://www.pfeg.noaa.gov/
>>>
>>> "Old age and treachery will overcome youth and skill."
>>> "From those who have been given much, much will be expected"
>>> "the arc of the moral universe is long, but it bends toward justice" -MLK
>>> Jr.
>>>
>>> _______________________________________________
>>> NOTE: All exchanges posted to Unidata maintained email lists are
>>> recorded in the Unidata inquiry tracking system and made publicly
>>> available through the web. Users who post to any of the lists we
>>> maintain are reminded to remove any personal information that they
>>> do not want to be made public.
>>>
>>>
>>> thredds mailing list
>>> thredds@xxxxxxxxxxxxxxxx
>>> For list information or to unsubscribe, visit:
>>> http://www.unidata.ucar.edu/mailing_lists/
>>>
>>>
>> **********************
>> "The contents of this message do not reflect any position of the U.S.
>> Government or NOAA."
>> **********************
>> Roy Mendelssohn
>> Supervisory Operations Research Analyst
>> NOAA/NMFS
>> Environmental Research Division
>> Southwest Fisheries Science Center
>> ***Note new street address***
>> 110 McAllister Way
>> Santa Cruz, CA 95060
>> Phone: (831)-420-3666
>> Fax: (831) 420-3980
>> e-mail: Roy.Mendelssohn@xxxxxxxx www: http://www.pfeg.noaa.gov/
>> "Old age and treachery will overcome youth and skill."
>> "From those who have been given much, much will be expected"
>> "the arc of the moral universe is long, but it bends toward justice" -MLK Jr.
>> _______________________________________________
>> NOTE: All exchanges posted to Unidata maintained email lists are
>> recorded in the Unidata inquiry tracking system and made publicly
>> available through the web. Users who post to any of the lists we
>> maintain are reminded to remove any personal information that they
>> do not want to be made public.
>> thredds mailing list
>> thredds@xxxxxxxxxxxxxxxx
>> For list information or to unsubscribe, visit:
>> http://www.unidata.ucar.edu/mailing_lists/
>
> --
> Ben Caradoc-Davies <ben@xxxxxxxxxxxx>
> Director
> Transient Software Limited <http://transient.nz/>
> New Zealand
>
**********************
"The contents of this message do not reflect any position of the U.S.
Government or NOAA."
**********************
Roy Mendelssohn
Supervisory Operations Research Analyst
NOAA/NMFS
Environmental Research Division
Southwest Fisheries Science Center
***Note new street address***
110 McAllister Way
Santa Cruz, CA 95060
Phone: (831)-420-3666
Fax: (831) 420-3980
e-mail: Roy.Mendelssohn@xxxxxxxx www: http://www.pfeg.noaa.gov/
"Old age and treachery will overcome youth and skill."
"From those who have been given much, much will be expected"
"the arc of the moral universe is long, but it bends toward justice" -MLK Jr.
