Phoenix - OTP release causing conn.secret_key_base not set error - phoenix-framework

This is surely a gap in my understanding so I am hoping someone could help clarify.
Over here in the phoenix docs, it says:
# If you are doing OTP releases, you need to instruct Phoenix
# to start the server for all endpoints:
#
config :phoenix, :serve_endpoints, true
I am not quite sure what effect this has on a simple app, but actually not setting this also seems to work. In fact, enabling this is causing the below error:
"phoenix cookie store expects conn.secret_key_base to be set"
What is this setting for and why is it needed? If it is not enabled, everything seems to work ok.

Phoenix docs are outdated.
As I can see, you've forgotten your prod.secret.exs while compiling.
In case you are building that for test purposes (it's not recommended in production), it could be set like this:
# Configures the endpoint
config :hello_phoenix, HelloPhoenix.Endpoint,
secret_key_base: "SECRET_KEY"
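
An added example (not from the original answer or the Phoenix docs): rather than a literal in the config, a release can read the key when it boots and refuse to start if it is missing or shorter than the 64 bytes the cookie store requires. It assumes Elixir 1.11+ with config/runtime.exs, the :hello_phoenix app name from the answer above, and an environment variable named SECRET_KEY_BASE.

```elixir
# config/runtime.exs -- evaluated when the release boots, not when it is built,
# so the key is not embedded in the compiled release artifact.
# Assumptions: Elixir 1.11+, app :hello_phoenix (from the answer above),
# and an environment variable named SECRET_KEY_BASE.
import Config

if config_env() == :prod do
  secret_key_base =
    case System.fetch_env("SECRET_KEY_BASE") do
      # The cookie session store rejects keys shorter than 64 bytes.
      {:ok, value} when byte_size(value) >= 64 ->
        value

      # Never echo the value itself into logs or crash reports.
      {:ok, _too_short} ->
        raise "SECRET_KEY_BASE must be at least 64 bytes; generate one with `mix phx.gen.secret`"

      :error ->
        raise "SECRET_KEY_BASE is not set; generate one with `mix phx.gen.secret`"
    end

  config :hello_phoenix, HelloPhoenix.Endpoint,
    secret_key_base: secret_key_base
end
```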

Related

Undefined route brings list of available routes in production env

I realized my first WebApp with Vaadin 14 and deployed it to Tomcat 9 on the production server.
So far everything is working great, but when I'm using a non-existing route in the client browser the system responds with a plain text list of all available routes and shows even the following line on the bottom:
"This detailed message is only shown when running in development mode."
I have created the WAR-file with "-pProduction" and the startup-log of Tomcat does not show any dev-mode-message.
Any ideas what happens here? Thanks for reading my first question on this platform!
I worked my way through the Vaadin docs and tried the following entry in application.properties:
vaadin.productionMode=true
But nothing changed?
This is a known vulnerability CVE-2021-31413 in Vaadin 14.6.1 and older versions. The resolution is to update the Vaadin version to 14.6.2. The latest version is 14.9.1 as of writing this. Naturally I recommend that.
https://vaadin.com/security/cve-2021-31412

Heroku not applying environment variable changes in Okta OAuth 2.0 PKCE VueJs app

I'm trying to execute the OAuth 2.0 PKCE demo with a VueJs app outlined here:
https://developer.okta.com/blog/2019/08/22/okta-authjs-pkce
https://github.com/oktadeveloper/okta-auth-js-pkce-example
Once in the Heroku App I have these Environment Variables:
Everything appears to be running fine except for the fact that the variables OKTA_CLIENT_ORGURL and OKTA_OAUTH2_ISSUER were referring to an incorrect dev-XXXXXX address; the correct one is the one shown on the picture (dev-371167). Before, it was someone else's URL (dev-739491) for some reason.
The problem is that after making the changes shown in the image to the correct dev url, it's still making the calls to the old dev-739491 url.
Heroku doesn't seem to be refreshing or making the desired changes in the app.
Am I missing an option to refresh? Is it possible to rebuild so it reads the new changes? Could the problem be in the code/build itself?
Thanks.
EDIT: As per the suggestion in the comment I turned the app off then on again and it still didn't make the changes.
This is what my screen looks like:
EDIT 2: I have since deployed the same app two more times and, reading the build logs, it assigns a random CLIENT_ID and URLs. Each deployed app has a different pair of these. I don't know where they come from.
I wrote the Okta Heroku Add-On. I'm looking into the behavior you're seeing.
When you change the environment variables, Heroku should restart your app automatically.
So, the two issues are that the environment variables you saw in Heroku didn't match what you expected them to be and that the app doesn't seem to be picking up on the environment variables.
How did you know that dev-371167 was the correct org and that dev-739491 was incorrect?
When you say you deployed the app two more times, what exactly are you doing to deploy? Are you using the Heroku cli?

How to change UAA log level from DEBUG to INFO?

I am using UAA "cloudfoundry-identity-uaa-4.14.0.war" and can see there is nowhere I can change the log level. I have changed it in a few places, but that does not work. I even tried the latest version, which is 4.30.0, but it still doesn't work. Can anyone please suggest a solution?
uaa.logging_level appears to be in reference to a property supported by the BOSH release. There is no direct equivalent in the UAA.

productionMode=true won't disable ?args

In application.properties I've specified:
vaadin.servlet.productionMode=true
and relaunched the application server. However, I can still relaunch the app by adding ?restartApplication at the end of the URL. According to the documentation, productionMode=true is the cure for this.
The question is: did I miss something?
Thanks
You didn't miss anything, ?restartApplication works also in production mode.

failing to enable user-env-compile on Heroku

It is the first time I ask for something, so sorry if I'm not precise enough!
I tried to upload my Rails app to Heroku by enabling user-env-compile to manage my secret keys, but I get the error "No such feature: user-env-compile".
I checked on Heroku devcenter and it seems that user-env-compile has been deprecated and replaced by the ENV_DIR argument.
Here is the link:
https://devcenter.heroku.com/articles/labs-user-env-compile
I can't really get what to do! Can someone explain better to me what I'm supposed to do?
Thank you,
Federico
You don't have to do anything (the labs feature is deprecated and you should delete it); by default Heroku now exports your environment variables during slug compilation.
Be careful: it is not recommended to use the environment variables during slug compilation (you can check http://12factor.net/ for more information).
Hope it helps.
