Yes thats the case, all redirects are changed to https, but thats what I need as the all pages should be ssl encoded. In fact the logic I have in there is that it actually only converts the redirects if the hostname got a specific IP, domain (which are configured using Filter Params) in order to do local development and testing without the need of a loadbalancer to be in place.
Bjoern > -----Ursprüngliche Nachricht----- > Von: Adam Hardy [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 7. September 2005 16:30 > An: Struts Users Mailing List > Betreff: Re: AW: Struts in loadbalanced enviroment > > Hi there, > > this approach I presume restricts you to SSL only on all your > redirects > - or do you have logic in there to determine whether any > particular URL has to be SSL encoded or not? > > Am I correct in thinking that the use of the load-balancer to > do the SSL-encoding prevents the use of container-managed > security in a distributed environment? > > > Adam > > Eickvonder Bjoern on 06/09/05 12:04, wrote: > > Hello, > > > > we solved this problem by using a "redirect"-filter over > the whole application that wraps the HttpServletResponse. > This HttpServletResponseWrapper overwrites the sendRedirect > method such that it replaces http by https. As every > redirect-request goes through this method you got what you want. > > > > Bjoern Eickvonder > > > > > >>-----Ursprüngliche Nachricht----- > >>Von: Fritsch, Andre [mailto:[EMAIL PROTECTED] > >>Gesendet: Dienstag, 6. September 2005 08:55 > >>An: user@struts.apache.org > >>Betreff: Struts in loadbalanced enviroment > >> > >>Hello to everyone in the struts user-group! > >> > >>In our productive environment we have a problem concerning struts > >>redirects behind our load balanced servers. Queries to the running > >>struts applications are sent by https protocol towards the load > >>balancer which receives the query, terminates ssl and > forwards plain > >>http to a Jboss application server in which the struts > application is > >>running. Our problem is that struts receives the query in http and > >>uses this protocol for the redirect but we would need https to > >>recontact the load balancer correctly with ssl. We have a 4 step > >>development process from the developer pc to our test > system and then > >>via our integration system to the productive environment. The > >>developer pc, our test system and our integration system > does not use > >>ssl and the test and integration system is not load balanced. To > >>support high availability our productive system is load > balanced to 4 > >>servers and uses ssl connection. We know that it is > possible to solve > >>it hard coded either by defining absolute links or define a > forward in > >>the struts config xml. But our release workflow through the > 4 steps is > >>mostly automated so that this would cause extensive administrative > >>input for every application that passes a development > phase. Therefore > >>we are looking for a possibility to specify a global > parameter so that > >>struts redirects are sent by pre defined protocol. Http: > >>on the developer pc, the test and integration system. Https: > >>on our productive system. Is it possible to specify such a > parameter > >>or is there another possibility to override the protocol not > >>restricting the use of relative links? > >> > >> > >>Kind Regards, > >> > >>André Fritsch > > > ____________ Virus checked by G DATA AntiVirusKit Version: AVK 16.355 from 07.09.2005 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
