I'm having trouble deploying a non-backend project to Heroku.
This is a three.js project without any files that contain any server setup or backend handling what so ever.
I know Heroku expects you to handle the backend of your project.
I have followed a guide that supposably resolves this issue with a simple PHP one-line-code.
(guide in the following link)
https://www.geeksforgeeks.org/how-to-deploy-a-basic-static-html-website-to-heroku/
yet i am still receiving the following error:
2022-08-21T15:07:42.323670+00:00 heroku[router]: at=error code=H10 desc="App crashed" method=GET path="/" host=aviv-shleyfman.herokuapp.com request_id=489ae888-d2bf-4e44-ad3e-69571e21d73a fwd="79.177.54.115" dyno= connect= service= status=503 bytes= protocol=https
2022-08-21T15:07:43.040882+00:00 heroku[router]: at=error code=H10 desc="App crashed" method=GET path="/favicon.ico" host=aviv-shleyfman.herokuapp.com request_id=3e95892f-9879-42e7-9960-cbff8ed98835 fwd="79.177.54.115" dyno= connect= service= status=503 bytes= protocol=https
2022-08-21T15:07:52.543530+00:00 heroku[router]: at=error code=H10 desc="App crashed" method=GET path="/" host=aviv-shleyfman.herokuapp.com request_id=1244f5f5-d0ce-4015-8136-7bf183e15a18 fwd="79.177.54.115" dyno= connect= service= status=503 bytes= protocol=https
2022-08-21T15:07:52.952393+00:00 heroku[router]: at=error code=H10 desc="App crashed" method=GET path="/favicon.ico" host=aviv-shleyfman.herokuapp.com request_id=2de52081-a70f-479f-99d1-2a07ce03c4d7 fwd="79.177.54.115" dyno= connect= service= status=503 bytes= protocol=https
I have tried to find a solution online - but I have encountered only suggestions regarding backend problems.
Any suggestions why possibly am I receiving this error?
Related
I have recently upgraded a web application from JSF 1.2 to JSF 2.2 as well as RF 3.3.3 to RF 4.5.7. I'm currently experiencing console errors when loading the first login.html page. This only happens when either the page is first loaded or when I refresh (F5 or shift F5). When I log in and log out again I don't receive these errors! The URL is exactly the same, e.g. host:port/xxx/login.html
This issue only occurs on this page. I'm using Spring (3.1.0) for the login although not sure if the issue is related. Security config in applicationContext.xml is:
<sec:http auto-config='true' pattern="/login.html*" security="none"/>
<sec:http pattern="/a4j/**" security="none"/>
<sec:http pattern="/css/**" security="none"/>
<sec:http pattern="/img/**" security="none"/>
<sec:http realm="Name goes here">
<sec:form-login login-processing-url="/j_spring_security_check"
login-page="/login.html"
authentication-failure-url="/login.html?fail"
default-target-url="/main.html"
always-use-default-target="true"/>
<sec:logout logout-url="/logout.html"/>
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
</sec:http>
and in login.xhtml:
<form id="frm-login" action="j_spring_security_check" method="post">
<label class="above">Username<h:inputText id="j_username" /></label>
<rich:jQuery selector="#j_username" query="focus()"/><br/>
<label class="above">Password<h:inputSecret id="j_password" /></label><br/>
<h:commandButton id="submit" name="submit" type="submit" value="Login"> </h:commandButton>
</form>
Before the upgrade this was fine. Using Firebug I have compared the generated HTML between the times where I see console errors and times I don't.
Bad
Good
I believe I have applied all necessary updates such as removing old jar files (including removal of redundant Facelets 1.1.14, view handler references), updating RF code, XHTML page code and namespaces as well as web.xml and faces-config.xml updates.
One thing I do know is that when I comment out the following config I do not receive the error. So somehow this is interfering with the loading of resources on this page.
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
Any ideas how to resolve this? Apologies in advance if I have missed some vital information required in helping resolve this.
UPDATE 1:
Images taken when loading page using Network tab on google chrome:
Bad
Good
UPDATE 2:
Good
Bad
Ok I found it (with some helpful pointers from BallusC). After the upgrade I had to update the security config in applicationContext.xml as follows:
<sec:http auto-config='true' pattern="/login.html*" security="none"/>
<sec:http pattern="/a4j/**" security="none"/>
<sec:http pattern="/css/**" security="none"/>
<sec:http pattern="/img/**" security="none"/>
<sec:http realm="name goes here">
<sec:form-login login-processing-url="/j_spring_security_check"
login-page="/login.html"
authentication-failure-url="/login.html?fail"
default-target-url="/main.html"
always-use-default-target="true"/>
<sec:logout logout-url="/logout.html"/>
<sec:intercept-url pattern="/login.html*" access="ROLE_USER"/>
<sec:intercept-url pattern="/a4j/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/img/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
</sec:http>
The root cause of my issue above was having the following entry in applicationContext.xml:
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
I have successfully setup an application using Spring Security. When users request the secured pages, Spring automatically redirects these users to a HTTPS page.
<http auto-config="true" use-expressions="true" once-per-request="true" >
<intercept-url pattern="/login" access="permitAll" requires-channel="https"/>
<intercept-url pattern="/my-account" access="isAuthenticated()" requires-channel="https"/>
<logout />
<form-login login-page="/login" />
<port-mappings>
<port-mapping http="8080" https="8443"/>
<port-mapping http="80" https="443"/>
</port-mappings>
</http>
But when the users navigate, the next other pages that does not have sensitive information are still using HTTPS. I would like these normal pages accessed using just HTTP.
Is any intelligent way to do that? All the other pages that I do not configured as HTTPS channel I would like to be accessed using just HTTP. I tried to use some wildcards but without success.
Extra detail:
HTTPS uses more server CPU. I have a lot of requests on some pages and I would like to avoid this extra cost.
Make your entire site HTTPS. Performance change is minimal these days and you won't screw over your users by exposing their session cookies over HTTP.
https://istlsfastyet.com/
In Spring-Security, you can do this way -
<http auto-config="true" use-expressions="true" once-per-request="true" >
<intercept-url pattern="/login" access="permitAll" requires-channel="https"/>
<intercept-url pattern="/my-account" access="isAuthenticated()" requires-channel="https"/>
<intercept-url pattern="/**" access="permitAll" requires-channel="http"/>
All other url's besides "/login" and "/my-account" will be served over http.
In addition to this, you must set the secure flag for the cookie.
By setting the secure flag, the browser will prevent the transmission of a cookie over an unencrypted channel.
https://www.owasp.org/index.php/SecureFlag
Dear All,
We have added Spring Security for our web application. Login url seems like this
https://www.xyz.com/app/login.do
after login it should redirect to other urls with same https protocol. Right now SpringSecurity redirect us to other urls but with http not https.
Please tell us any specific settings are needed.
Thanks,
Op
Within your spring security definitions, inside your intercept-url tag you need to add requires-channel="https"
For example:
<sec:intercept-url pattern="/login.jsp*" requires-channel="https" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/j_spring_security_check*" requires-channel="https" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/**" requires-channel="https" access="IS_AUTHENTICATED_FULLY"/>
I am working on a Spring MVC web application. Last week I started adding Sping Secuirty to my project. The problem I am facing concerns session management.
Here is http part of my spring-security.xml
<http auto-config="true">
<intercept-url pattern="/css" filters="none"/>
<intercept-url pattern="/js" filters="none"/>
<intercept-url pattern="/logout" filters="none"/>
<intercept-url pattern="/loginfailed" filters="none"/>
<intercept-url pattern="/login" filters="none"/>
<intercept-url pattern="/**" access="ROLE_USER" />
<form-login login-page="/login" default-target-url="/hello"
authentication-failure-url="/loginfailed" />
<session-management invalid-session-url="/login.jsp?error=sessionExpired" session-authentication-error-url="/login.jsp?error=alreadyLogin">
<concurrency-control max-sessions="1" expired-url="/login.jsp?error=sessionExpiredDuplicateLogin" error-if-maximum-exceeded="false"/>
</session-management>
</http>
Login/logout works fine, but when I try to invalidate user session by trying to login from different browser invalid-session-url="/login.jsp?error=sessionExpired" fails. Browser get redirected, because I see that GET request to login.jsp?error=sessionExpired is being sent. However, web page shows error saying that resource is not available. I suspect that it has something to do with
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass">
<value>org.springframework.web.servlet.view.JstlView</value>
</property>
<property name="prefix">
<value>/WEB-INF/pages/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
in my dispatcher-servlet.xml. However, I don't know exactly how to fix this issue. login.jsp is located in WEB-INF/pages/
It seems to me Spring MVC DispatcherServlet couldn't find a mapping for /login.jsp because it's not set as a view that accessible without controller. I'm also assuming you had /login mapped to login.jsp (you did not provide enough info to confirm this), but if this is the case, just use expired-url="/login?error=sessionExpiredDuplicateLogin
You are redirecting to the jsp not the mapped url.
session management tag should be :
<session-management invalid-session-url="/login?error=sessionExpired" session-authentication-error-url="/login?error=alreadyLogin">
<concurrency-control max-sessions="1" expired-url="/login?error=sessionExpiredDuplicateLogin" error-if-maximum-exceeded="false"/>
</session-management>
I am using the technique described in this answer: https://stackoverflow.com/a/7167198/22399 to set up multi-project areas in MVC3. My issue, though, seems to be in configuring IIS Express, not in the technique itself.
I am doing something wrong in Step 7 (using IIS Express.) I keep getting an error saying that it cannot find the views (my test area is called "Sample") Here is the error:
The view 'Index' or its master was not found or no view engine supports the searched locations. The following locations were searched:
~/Areas/Sample/Views/Index/Index.aspx<br />
~/Areas/Sample/Views/Index/Index.ascx<br />
~/Areas/Sample/Views/Shared/Index.aspx<br />
~/Areas/Sample/Views/Shared/Index.ascx<br />
~/Views/Index/Index.aspx<br />
~/Views/Index/Index.ascx<br />
~/Views/Shared/Index.aspx<br />
~/Views/Shared/Index.ascx<br />
~/Areas/Sample/Views/Index/Index.cshtml<br />
~/Areas/Sample/Views/Index/Index.vbhtml<br />
~/Areas/Sample/Views/Shared/Index.cshtml<br />
~/Areas/Sample/Views/Shared/Index.vbhtml<br />
~/Views/Index/Index.cshtml<br />
~/Views/Index/Index.vbhtml<br />
~/Views/Shared/Index.cshtml<br />
~/Views/Shared/Index.vbhtml
My IIS Express applicationhost.config is set up this way:
<site name="Vo.MainSite" id="5">
<application path="/" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="D:\{LONG PATH}\MainSite\MainSite\MainSite" />
</application>
<application path="/Areas/Sample" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="D:\{LONG PATH}\Modules\SampleModule\SampleModule.Web" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:47001:localhost" />
</bindings>
</site>
Which, from everything I am googling, it should be correct. I have the post build process copying the DLL just fine. I can put a breakpoint in the SampleController and the breakpoint gets hit. Everything looks good, except finding the views. Any suggestions?
Be sure your views are marked as embedded resources.