-
Notifications
You must be signed in to change notification settings - Fork 37
Running
According to the PEPPOL specification an SMP MUST run in the root of a domain (like http://smp.example.org
) and must use port 80. Additionally the use of https for the GET requests (defined by the SMP specification) is not allowed.
Please see the special requirements for different application servers before deploying:
After starting up the SMP and navigating to the respective address in your browser (e.g. http://localhost:8080/smp
or http://localhost:80
or http://smp.example.org
- whatever address and port you are using) you will see an overview of all service groups managed on this server.
To login to the management area use the username [email protected]
and the password password
for the initial login. Afterwards modify this in the user management!
You may use the default WAR file for your SMP server if you specify the absolute paths to webapp.properties
and smp-server.properties
via the respective system properties peppol.smp.webapp.properties.path
(or smp.webapp.properties.path
) and peppol.smp.server.properties.path
(or smp.server.properties.path
) when you start your application server. See Configuration for the content of the configuration files.
Example system parameters where both files are in directory /var/smpserver/
:
-Dpeppol.smp.webapp.properties.path=/var/smpserver/webapp.properties
-Dpeppol.smp.server.properties.path=/var/smpserver/smp-server.properties
If the PEPPOL Directory integration is enabled you may want to add the path to the pd-client.properties
also via system parameters like this:
-Dpeppol.pd.client.properties.path=/var/smpserver/pd-client.properties
Please note that in case of external properties files all data paths in the configuration files must also be specified absolute.
It is possible to run the SMP on an Tomcat (or the like) that is proxied via an httpd (e.g. per mod_jk
or mod_proxy
) to the public.
In this case and the SMP runs on Tomcat in a context different than ROOT, it is important to
- set the
smp.forceroot
configuration property totrue
(see Configuration for details) and - to change the path of the SMP session cookie (usually JSESSIONID) from the original path to the destination path as well
Assuming you want to proxy the SMP from a local Tomcat (with active AJP connector on port 8009) running in context path /smp
to the domain test-smp.example.org
you might consider adding something (similar to) the following to your httpd VirtualHost
configuration:
ServerName test-smp.example.org:80
AllowEncodedSlashes NoDecode
# Remove an optional 'Secure' flag from the cookie named JSESSIONID
Header edit "Set-Cookie: JSESSIONID=" Secure " "
ProxyPass / ajp://127.0.0.1:8009/smp/ nocanon
ProxyPassReverse / ajp://127.0.0.1:8009/smp/
ProxyPassReverse / http://test-smp.example.org/smp/
# Change the path of the cookies as well (from "/smp" to "/")
ProxyPassReverseCookiePath /smp /
Note: You can also proxy to http instead of ajp. In that case replace ajp://127.0.0.1:8009/smp/
with http://127.0.0.1:8080/smp/
(assuming Tomcat running on port 8080)
Important: This must be the very first VirtualHost
element in your configuration to handle arbitrary names. See the last comment of https://github.com/phax/peppol-smp-server/issues/5 on this.
Note: For test SMPs (registering participants to the SMK) you might want to add ServerAlias *.acc.edelivery.tech.ec.europa.eu
and for production SMPs (registering to SML) you could add ServerAlias *.edelivery.tech.ec.europa.eu
. If both SMPs are on one server, make sure the test VirtualHost is before the production VirtualHost so that the .acc.
entries are surely handled by the test system.
It is possible to run the SMP on an Tomcat (or the like) that is proxied via an nginx to the public. In this case and the SMP runs on Tomcat in a context different than ROOT, it is important to
- set the
smp.forceroot
configuration property totrue
(see Configuration for details) and - to change the path of the SMP session cookie (usually JSESSIONID) from the original path to the destination path as well
By default nginx uses HTTP 1.0 so it is important to add the proxy-statement to switch to HTTP 1.1.
The name peppolXX
is just a placeholder that you can change. The XX
is just added to clearly identify where the palceholder is used. The following configuration assumes that the SMNP software is running on Tomcat on the same host on port 8080 in the context /smp
. The public DNS name of the server in the below configuration is smp.example.org
.
The second server_name
property is required to take arbitrary requests from PEPPOL SMK based requests (server_name *.acc.edelivery.tech.ec.europa.eu
). For PEPPOL production SML usage, change this to server_name *.edelivery.tech.ec.europa.eu
. Hint: when proxying test and production with the same nginx instance, ensure the order is correct, as the production URLs are a subset of the test URLs (so test must come before production).
upstream peppolXX {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name smp.example.org;
server_name *.acc.edelivery.tech.ec.europa.eu;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_cookie_path /smp /;
proxy_http_version 1.1;
proxy_pass http://peppolXX/smp/;
}
}
The dynamic nature of SMP requests always lead to problems with IIS configuration, because the number of source domains can be very dynamic.
Luckily starting with IIS 10 there is a solution called "Wildcard Host Header Support". See https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/wildcard-host-header-support for details. According to this site, versions prior to IIS 10 are not supported.
See the image below for an example configuration:
It is appreciated if you star the GitHub project if you like it.
Donation link: https://paypal.me/PhilipHelger
- Home
- News and noteworthy
- Migrations
- Download
- Features
- Configuration
- Running
- Source related
- Other information
- Future plans
- License
- Release Tasks