Port 80 appearing while secure is an odd behavior for sure. You can see a little bit more on how that works here.
https://github.com/apache/tapestry-5/blob/e087cad11d609bc251727be91bf3d523811d541d/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/BaseURLSourceImpl.java As far as your infinite loop goes, I'm afraid we're going to have to wait for someone with a little bit more knowledge on that behavior than me. I can't say that I've ever experienced it, so I'm not exactly sure what it's doing. I generally let the application run in both https and http and have apache handle the redirection, but then again, I run my entire app in https, so that may not be a feasible solution for you. On Wed, Feb 18, 2015 at 12:45 PM, Ben Titmarsh <ben.titma...@hotmail.co.uk> wrote: > That's right and if I don't add > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443"); then all links > to @Secure pages are generated with port 80 too. Not sure why that is.. > > > Date: Wed, 18 Feb 2015 12:40:51 -0500 > > Subject: Re: Weird behaviour generating URLs for HTTPS pages > > From: gchrist...@cardaddy.com > > To: users@tapestry.apache.org > > > > My bad Ben, I was thinking this was something related to > Tapestry-Security > > when I seen your login url example. > > > > So your saying your capable of accessing the pages directly with https:// > > without the use of @Secure, but with @Secure it puts you in an infinite > > loop while trying to access the page? > > > > On Wed, Feb 18, 2015 at 11:56 AM, Ben Titmarsh < > ben.titma...@hotmail.co.uk> > > wrote: > > > > > Hi George, > > > > > > I don't have that property set to anything. My login page is just > called > > > "login" though! This problem is also happening on other pages that I > have > > > marked as secure, for example "register". > > > > > > Links aside I can't even hit those pages without getting caught in a > > > redirect loop, but I can happily hit any other page over https that > does > > > not have the @Secure annotation. I've been looking around trying to > find a > > > filter or something in the Tapestry source that uses this @Secure > > > annotation but can't seem to find it. I'm on Tapestry 5.3.7 for what > > > that's worth. > > > > > > Thanks, > > > Ben. > > > > > > > Date: Wed, 18 Feb 2015 11:47:16 -0500 > > > > Subject: Re: Weird behaviour generating URLs for HTTPS pages > > > > From: gchrist...@cardaddy.com > > > > To: users@tapestry.apache.org > > > > > > > > Hi Ben, what is your LOGIN_URL set too? Your not trying to secure the > > > same > > > > page your LOGIN_URL is set to right? > > > > > > > > Example > > > > configuration.add(SecuritySymbols.LOGIN_URL, "/login"); > > > > > > > > On Wed, Feb 18, 2015 at 11:20 AM, Ben Titmarsh < > > > ben.titma...@hotmail.co.uk> > > > > wrote: > > > > > > > > > Hey Guys, > > > > > > > > > > I've just got my web server set up for SSL and it's working, but am > > > > > experiencing some odd behaviour from Tapestry. I've added the > @Secure > > > > > annotation to one of my pages but by default the link is generated > > > thus: > > > > > > > > > > https://[DOMAIN]:80/login > > > > > > > > > > I tried adding: > > > > > > > > > > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443"); > > > > > > > > > > The link is now generated correctly like this (without a port): > > > > > > > > > > https://[DOMAIN]/login > > > > > > > > > > However when I hit that link, it gets caught in an infinite 302 > > > redirect > > > > > loop. > > > > > > > > > > I can quite happily hit any page without the @Secure annotation > over > > > https > > > > > and it loads fine. > > > > > > > > > > Any pointers? > > > > > > > > > > Thanks, > > > > > Ben. > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > George Christman > > > > CEO > > > > www.CarDaddy.com > > > > P.O. Box 735 > > > > Johnstown, New York > > > > > > > > > > > > > > -- > > George Christman > > CEO > > www.CarDaddy.com > > P.O. Box 735 > > Johnstown, New York > > -- George Christman CEO www.CarDaddy.com P.O. Box 735 Johnstown, New York
