Hi Dave et al,
Did you find an OK solution to this? I too am hoping to have Apache look after
https and feed only http to the web server, but any page marked @Secure will
reject http and redirect to https, so you end in a loop bouncing between
browser and webserver via Apache.
Cheers,
Geoff
On 20/05/2009, at 1:02 AM, Dave Greggory wrote:
>
> I'm attempting to contribute my own RequestSecurityManager, but if anybody
> else has a better idea where I don't have to touch internal stuff let me know.
>
>
>
> ----- Original Message ----
> From: Dave Greggory <davegregg...@yahoo.com>
> To: Tapestry users <users@tapestry.apache.org>
> Sent: Tuesday, May 19, 2009 10:51:41 AM
> Subject: Re: [t5.0.18] Secure Annotation / BaseURLSource
>
>
> Well looks like our internal network structure is pretty set and can't be
> changed.
>
> Users <-- internet (http / https connections ) --> load balancer/firewall <--
> internal network (http) --> tomcat
>
> We have a way of determining from within a tomcat application whether
> internet connection to firewall is secure. This can be done because the
> firewall adds a request header indicating SSL status. This is how we usually
> determine this. Can I get tapestry use my helper method that does this check
> to determine whether the connection was secure? How can I get secure
> connections working in this situation?
>
> Thanks so much.
> Dave
>
>
>
>
> ----- Original Message ----
> From: Dave Greggory <davegregg...@yahoo.com>
> To: Tapestry users <users@tapestry.apache.org>
> Sent: Monday, May 18, 2009 12:16:36 PM
> Subject: Re: [t5.0.18] Secure Annotation / BaseURLSource
>
>
> Don't worry about it, turns out our internal network is screwed up...
> connections between users and the load balancer is secure, but not between
> load balancer and app server.
>
>
>
> ----- Original Message ----
> From: Dave Greggory <davegregg...@yahoo.com>
> To: Tapestry users <users@tapestry.apache.org>
> Sent: Monday, May 18, 2009 11:56:56 AM
> Subject: Re: [t5.0.18] Secure Annotation / BaseURLSource
>
>
> obviously, it is.
>
>
>
> ----- Original Message ----
> From: Martin Strand <do.not.eat.yellow.s...@gmail.com>
> To: Tapestry users <users@tapestry.apache.org>
> Sent: Monday, May 18, 2009 11:40:40 AM
> Subject: Re: [t5.0.18] Secure Annotation / BaseURLSource
>
> Just a guess... perhaps baseSecureURL is not an https url?
>
>
> On Mon, 18 May 2009 15:15:50 +0200, Dave Greggory <davegregg...@yahoo.com>
> wrote:
>
>>
>> I've been using BaseURLSource(since behind a firewall/load balancer) fine
>> all this time, and recently I needed a secure page, so I added the @Secure
>> annotation on that page. But that page is no longer working because @Secure
>> annotation ends up sending continuous redirects. What am I doing wrong?
>>
>> My BaseURLSource implementation:
>>
>> BaseURLSource source = new BaseURLSource()
>> {
>> public String getBaseURL(boolean secure)
>> {
>> return (secure) ? baseURL : baseSecureURL;
>> }
>> }
>>
>> Thanks,
>> Dave
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
