Thank you so much, Kalle. I was already thinking that the BaseURLSource code
wasn't being used, but I didn't know why.
I added a new tomcat server to our production environment and set the proxyName
and proxyPort to the values I needed them to be. Still wasn't quite right, but
adding scheme="ht
Took the s out, and it still doesn't appear to be using my BaseURLSource
implementation. I made a standalone class and tried with that as well, and it
made no difference, as expected.
I don't understand why this is not working like the documentation says that it
should.
--Michael
On Sep 19, 2
Sorry, I only did cursory reading of your problem but not sure the
solutions given do anything for you. Your BaseURLSource override looks
ok but are you using container managed security? Because if you are,
baseurlsource never even enters the picture. You get the ip address as
the servername becaus
Indeed, your BaseURLSource solution should have worked fine.
I see you accidentally typed an extra "s" at the end of
"contributeServiceOverrides" but it should have worked anyway since you
used a @Contribute annotation... try removing the extra "s" ?
On Mon, 19 Sep 2011 20:44:13 +0200, Mich
I will look into this because I'm getting desperate. If I can't get this to
work, I'm going to have to rewrite the app using JSPs over the next week.
Obviously, I don't want to do that.
I understand that this comes at it from the apache/tomcat side, and as I said,
I will look into it. However,
This applies to any situation involving a proxy, regardless of SSL.
As I understand your problem, Tomcat does not know its own publicly
exposed protocol/hostname/port, and therefore produces erroneous
links/redirects.
The cause of this is that Tomcat only sees the request sent by the Apache
Made some progress in our staging system. Unfortunately, I don't think it is
going to work in production.
I added the following virtual host configuration to Apache:
Redirect /test_site https://stage.mysite.com/test_site
Now it seems to stay on 443, although it is really just redirecting,
k with
>> https & relative urls ...
>>
>> --
>> View this message in context:
>> http://tapestry.1045711.n5.nabble.com/Problem-pushing-application-to-production-tp4817901p4818037.html
>> Sent from the Tapestry - User mailing list archive at Nabble.com.
&g
I added
configuration.add("tapestry.secure-enabled", "false");
to AppModule.contributeApplicationDefaults.
Unfortunately, it didn't seem to make any difference. In production when the
login form submits, the url changes from
https://secure.mysite.com
to
http://10.180.54.90:8080
which is
If your load balancer handles all of your SSL, you should not worry at all
about secureEnabled (disable it)
and it should all work like a champ.
On Sep 19, 2011, at 11:08 AM, Michael Molloy wrote:
> Unless I'm misunderstanding, I don't think this would apply since all SSL is
> being handled at
Unless I'm misunderstanding, I don't think this would apply since all SSL is
being handled at the load balancer, correct? I apologize, I think I introduced
that confusion at the beginning.
--Michael
On Sep 19, 2011, at 9:52 AM, Martin Strand wrote:
> Typically, when SSL is offloaded to an Apac
The line
>
is commented out in server.xml, so I think you're right, it is the standard
HTTP listener connector.
So is there something on the Tomcat side that needs to change, or is it on the
Apache side?
--Michael
On Sep 19, 2011, at 9:52 AM, Robert Zeigler wrote:
> Looks like you're not
Typically, when SSL is offloaded to an Apache proxy, that proxy should add
a number of X-Forwarded-* headers to any requests sent to the backend.
The servlet container then uses those headers to set up request.scheme,
request.secure, request.remotAddr, etc so that they match the original
requ
Looks like you're not using AJP; that looks like the standard HTTP listener
connector, and the config in apache looks like apache doing the balancing
directly, rather than the AJP worker doing the balancing. You can check for a
line like this in your server.xml file:
The most important part
Unfortunately, the Apache expert is no longer here. Does the following code
from my tomcat server.xml file answer your question? I don't think we're using
AJP or anything else. It looks to me like the Apache server is just sending it
to Tomcat over port 8080.
The corresponding
I have a similar setup and it works without BaseURLSource override.
What I do is use AJP protocol to communicate between apache and Tomcat.
What's your communication medium between apache and tomcat?
On Sep 19, 2011, at 1:50 AM, Michael Molloy wrote:
> I have my first Tapestry application ready f
Hello,
As the SSL part is totally managed by the load balancer, you could
simply disable security check in Tapestry using the symbol
tapestry.secure-enabled = false (default value is the same as
tapestry.production-mode, this is maybe why you don't have any problem
on other servers where tapestry.
Thanks, I was too sleepy (and desperate) to remember that last night. There is
no SSL going on between the apache server and the tomcat server.
Concerning the proxy link you listed below, there are already several
production non-Tapestry apps running in this configuration, and none of them
have
e in context:
> http://tapestry.1045711.n5.nabble.com/Problem-pushing-application-to-production-tp4817901p4818037.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-ma
ttp://tapestry.1045711.n5.nabble.com/Problem-pushing-application-to-production-tp4817901p4818037.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
The URL for the login form does not contain the full URL to the server, so
why does Tapestry respond with the IP address?
--Michael
On Mon, Sep 19, 2011 at 1:07 AM, Michael Molloy wrote:
> One other thought. Looking over the http://tapestry.apache.org/https.htmlpage
> again, I notice that it is
One other thought. Looking over the http://tapestry.apache.org/https.html page
again, I notice that it is saying there is a need for that method if your
application has some pages that are secure and others that are not. In my case,
all of mine are secure, so I would think I could just use relat
I have my first Tapestry application ready for production, but I'm having some
problems, and I think it is Tapestry rather than Apache.
We have hardware load balancers sitting in front of two apache httpd servers.
The apache servers sit in front of 4 tomcat servers. SSL is handled by the load
b
23 matches
Mail list logo
