Thanks for the answers. We will try adding the "X-Forwarded-Proto:
https" header to our requests.
/Kim
2019-06-14 11:34 skrev Chris Poulsen:
Hi,
We use:
// default to non-secure pages (allows us to support both http and
https
based on the request)
configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
And always have an upstream proxy for performing SSL termination. This
relies on the X-Forward-* headers being set and handled correctly by
the
various servers.
--
Chris
On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev <dmitry.gu...@gmail.com>
wrote:
Hi,
I'd suggest to check value of `Request#isSecure()`, it looks like it's
false.
It can happen if your WebSphere is behind a proxy/load balancer which
terminates SSL,
in this case you may need to configure WebSphere to acknowledge the
x-forwarded-proto HTTP header.
On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <kim....@aland.net>
wrote:
> We have a Tapestry application which we need to use over HTTPS only. We
> are using Weblogic only.
>
> We have these set in the AppModule of the Tapestry application:
>
> public static void contributeApplicationDefaults(
> final MappedConfiguration<String, String> configuration) {
> configuration.add("tapestry.supported-locales", "en");
> configuration.add("tapestry.start-page-name", "start");
> configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
> configuration.add(SymbolConstants.SECURE_ENABLED, "true");
> }
>
> public static void contributeMetaDataLocator(final
> MappedConfiguration<String, String> configuration) {
> configuration.add(MetaDataConstants.SECURE_PAGE, "true");
> }
>
> In the Start page we have a redirect like this:
>
> final Object onActivate() {
> if (!this.sessionHandler.isLoggedIn()) {
> return this.loginPage;
> }
> return this.mainFrameSet;
> }
>
> We we try to access our app by HTTPS at root or directly at the start
> page, loginPage or mainFrameSet page we get infinite redirect loop (302)
> to the same page we are accessing.
>
> If we set the MetaDataConstants.SECURE_PAGE to false we can access our
> app over HTTPS but all page requests/links within the app is then done
> over HTTP and that does not work.
> We need to have all functionality within the app to work over, and using
> only, HTTPS.
>
> What have we missed?
>
> Br,
> Kim
>
> --
> ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
> Name: | Kim Syväluoma |
> Email: | kim....@aland.net |
> Tel (GSM): | +358 (0)40 592 5267 |
> Tel Work: | +358 (0)20 7910 666 |
> =========================================================
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com
--
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
Name: | Kim Syväluoma |
Email: | kim....@aland.net |
Tel (GSM): | +358 (0)40 592 5267 |
Tel Work: | +358 (0)20 7910 666 |
=========================================================
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
