Hello,

As the SSL part is totally managed by the load balancer, you could
simply disable security check in Tapestry using the symbol
tapestry.secure-enabled = false (default value is the same as
tapestry.production-mode, this is maybe why you don't have any problem
on other servers where tapestry.production-mode is false).

http://tapestry.apache.org/configuration.html#Configuration-tapestry.secureenabled

If this doesn't correct it, you could try something like this as all
your site is under https (if I understood correctly)

public static void
contributeServiceOverride(MappedConfiguration<Class,Object>
configuration)
    {
        BaseURLSource source = new BaseURLSource()
        {
            public String getBaseURL(boolean secure)
            {
                return https://secure.mysite.com;
            }
        };


Denis

2011/9/19 Michael Molloy <tapestrya...@gmail.com>:
> Thanks, I was too sleepy (and desperate) to remember that last night. There 
> is no SSL going on between the apache server and the tomcat server.
>
> Concerning the proxy link you listed below, there are already several 
> production non-Tapestry apps running in this configuration, and none of them 
> have this problem. In addition, I'm having the exact same problem on both a 
> staging server and in my production servers. That's why I thought it was 
> something peculiar to Tapestry that I'm just not familiar with yet. Worst 
> case, I can set up a new Tomcat specifically for this application and try to 
> configure it differently than the other ones, but I would prefer not to, of 
> course.
>
> Do you see what I might be doing wrong with the BaseUrlSource method I added 
> to AppModule? I was really hoping that this would take care of it.
>
> public static void 
> contributeServiceOverride(MappedConfiguration<Class,Object> configuration)
>    {
>        BaseURLSource source = new BaseURLSource()
>        {
>            public String getBaseURL(boolean secure)
>            {
>                String protocol = secure ? "https" : "http";
>
>                int port = secure ? 443 : 8080;
>
>                return String.format("%s://secure.mysite.com:%d", protocol, 
> port);
>            }
>        };
>
>        configuration.add(BaseURLSource.class, source);
>    }
>
> Thank you for your help.
>
> --Michael
>
> On Sep 19, 2011, at 4:26 AM, Denis Delangle wrote:
>
>> Hello,
>>
>> As https is managed by your load balancer, you don't think you need to
>> add @secure annotations on Tapestry pages. Communication between load
>> balancer and tomcat is done in HTTP
>> Even if you stay all the time in https, Tapestry needs to send
>> redirects to clients on form submissions (GET after POST). To do that,
>> it needs the full url to redirect to.
>>
>> You can either contribute expected serveur name in tapestry with 
>> BaseUrlSource
>> or in Tomcat using proxy information
>> http://tomcat.apache.org/tomcat-7.0-doc/proxy-howto.html
>>
>> Hope that helps,
>>
>> Denis
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org

Reply via email to