I think the whole thing is not Tapestry related - I guess it's some misconfiguration in your load-balancer, Apache httpd or Tomcat.
The browser is redirected to a HTTP-protocol URL on a HTTPS port (e.g. "http://demo-ccbo.gecko.aw.atos.net:443/";). So somewhere in your config - i guess Tomcat servlet.xml - there has to be something like "HTTP port is 443". Chris 2014/1/15 Dragan Sahpaski <dragan.sahpa...@gmail.com>: > Try putting this in web.xml to force the container to redirect to https. I > have successfully used this couple of years ago but can't remember if I > even knew then about the tapestry approach. > > <security-constraint> > <web-resource-collection> > <web-resource-name>Security</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > http://stackoverflow.com/questions/7790141/security-constraint-configuration-inside-web-xml-for-tomcat > > Cheers, > Dragan Sahpaski > > > On Wed, Jan 15, 2014 at 2:49 PM, Athneria, Mahendra < > mahendra.athne...@atos.net> wrote: > >> I have checked the spelling, and it is fine. >> >> We are using Tapestry 5.1.0.5 version. Does it work in Tapestry 5.1.0.5 >> version?? >> >> -----Original Message----- >> From: dragan.sahpas...@gmail.com [mailto:dragan.sahpas...@gmail.com] On >> Behalf Of Dragan Sahpaski >> Sent: Wednesday, January 15, 2014 6:29 PM >> To: Tapestry users >> Subject: Re: HTTPS enabled Application >> >> Look for a spelling mistake or use the @Contribute annotation. I don't >> have ANY extra configuration for forcing ssl. >> @Contribute(MetaDataLocator.class) >> public void contributeMetaDataLocator(MappedConfiguration<String, Object> >> configuration) >> { >> configuration.add(MetaDataConstants.SECURE_PAGE, true); } >> >> Assuming tapestry 5.3.7 but as far as i remember it was the same in 5.2. >> >> >> Cheers, >> Dragan Sahpaski >> >> >> On Wed, Jan 15, 2014 at 1:49 PM, Athneria, Mahendra < >> mahendra.athne...@atos.net> wrote: >> >> > Hi Dragan, >> > >> > Thanks for your reply. I have done the same thing. Below is the code >> > from my appmodule.java file. >> > >> > public void contributeMetaDataLocator( >> > MappedConfiguration<String, String> >> > configuration) { >> > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); >> > } >> > >> > Still facing the same issue :( >> > >> > Regards, >> > Mahendra >> > >> > -----Original Message----- >> > From: dragan.sahpas...@gmail.com [mailto:dragan.sahpas...@gmail.com] >> > On Behalf Of Dragan Sahpaski >> > Sent: Wednesday, January 15, 2014 6:14 PM >> > To: Tapestry users >> > Subject: Re: HTTPS enabled Application >> > >> > If you want to force https for ALL pages then the following is simpler >> > then manually putting @Secure on each page. >> > >> > public void contributeMetaDataLocator(MappedConfiguration<String, >> > Object> >> > configuration) >> > { >> > configuration.add(MetaDataConstants.SECURE_PAGE, true); } >> > >> > This is all very well documented here: >> > http://tapestry.apache.org/https.html#HTTPS-SecuringMultiplePages >> > >> > >> > Cheers, >> > Dragan Sahpaski >> > >> > >> > On Wed, Jan 15, 2014 at 1:12 PM, Dmitry Gusev <dmitry.gu...@gmail.com >> > >wrote: >> > >> > > What I suggest is to put @Secure annotation to your pages so that >> > > your links to that pages started with https:// Also if you open >> > > these pages with HTTP Tapestry will do automatic redirect to HTTPS >> > > >> > > >> > > >> > > On Wed, Jan 15, 2014 at 4:02 PM, Athneria, Mahendra < >> > > mahendra.athne...@atos.net> wrote: >> > > >> > > > Hi Dmirty, >> > > > >> > > > Thanks for your reply. I have already made the full application >> > > > secure by adding >> > > > configuration.add(SymbolConstants.*SECURE_ENABLED*, "true") into >> > appmodule.java. >> > > > >> > > > What you are suggesting is to make the one page secure. >> > > > >> > > > Regards, >> > > > Mahendra >> > > > >> > > > -----Original Message----- >> > > > From: Dmitry Gusev [mailto:dmitry.gu...@gmail.com] >> > > > Sent: Wednesday, January 15, 2014 5:20 PM >> > > > To: Tapestry users >> > > > Subject: Re: HTTPS enabled Application >> > > > >> > > > Try putting @org.apache.tapestry5.annotations.Secure annotations >> > > > on your pages. >> > > > >> > > > >> > > > On Wed, Jan 15, 2014 at 3:02 PM, Athneria, Mahendra < >> > > > mahendra.athne...@atos.net> wrote: >> > > > >> > > > > Hi, >> > > > > >> > > > > >> > > > > >> > > > > I am facing issue related to HTTPS in tapestry. My tomcat server >> > > > > is HTTPS enabled. When I try to access the login page of my >> > > > > tapestry application I got below message. >> > > > > >> > > > > >> > > > > "Bad Request >> > > > > >> > > > > Your browser sent a request that this server could not understand. >> > > > > Reason: You're speaking plain HTTP to an SSL-enabled server port. >> > > > > Instead use the HTTPS scheme to access this URL, please. >> > > > > >> > > > > Hint: >> > > > > *https://demo-ccbo.gecko.aw.atos.net/*<https://demo-ccbo.gecko.aw. >> > > > > atos >> > > > > .net/> >> > > > > >> > > > > " >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > My application is secured, I have configured below in >> > > > > appmodule.java >> > > > > >> > > > > >> > > > > >> > > > > "configuration.add(SymbolConstants.*SECURE_ENABLED*, "true")"; >> > > > > >> > > > > >> > > > > >> > > > > Still all the pageLinks and actionLinks generating http request. >> > > > > >> > > > > >> > > > > >> > > > > Any idea guys why it is happening? >> > > > > >> > > > > >> > > > > >> > > > > Regards >> > > > > >> > > > > Mahendra >> > > > > >> > > > >> > > > >> > > > >> > > > -- >> > > > Dmitry Gusev >> > > > >> > > > AnjLab Team >> > > > http://anjlab.com >> > > > >> > > > ------------------------------------------------------------------ >> > > > -- >> > > > - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> > > > For additional commands, e-mail: users-h...@tapestry.apache.org >> > > > >> > > > >> > > >> > > >> > > -- >> > > Dmitry Gusev >> > > >> > > AnjLab Team >> > > http://anjlab.com >> > > >> > >> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
