You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-user@portals.apache.org by Woonsan Ko <wo...@yahoo.com> on 2010/02/01 10:49:33 UTC

Re: Rendered URL's don't show 'https'

Hi Brian,

I think you are totally right.
According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
So, I'd like to suggest you create a JIRA issue for this.

Kind regards,

Woonsan



----- Original Message ----
> From: Brian Krispinsky <sa...@cox.net>
> To: jetspeed-user@portals.apache.org
> Sent: Sat, January 30, 2010 2:24:13 AM
> Subject: Rendered URL's don't show 'https'
> 
> I'm running Jetspeed 2 using SSL connections on Tomcat 6.  I've noticed that all 
> portlet URL's, in both my portlet application and the Jetspeed Admin application 
> are rendered showing http rather than https.  For example, a URL in a portlet 
> that should link to https://mysite.com/portal/foo instead links to 
> http://mysite/portal/foo.
> 
> I was able to fix this in my application by adding the attribute "secure='true'" 
> to every custom tag.  But this seems unwieldy, as I'd need 
> to change the code of all the Jetspeed portlets to get them working as well.  Is 
> there some kind of configuration setting I can use to default all rendered URL's 
> to https instead of http? 
> 
> Thanks!
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org



      

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org

Re: Rendered URL's don't show 'https'

Posted by Brian Krispinsky <sa...@cox.net>.

Thank you!  Setting 'portalurl.relative.only = true' worked perfectly.


---- Ate Douma <at...@douma.nu> wrote: 
> On 02/01/2010 10:49 AM, Woonsan Ko wrote:
> > Hi Brian,
> >
> > I think you are totally right.
> > According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
> > So, I'd like to suggest you create a JIRA issue for this.
> I don't think that will be needed, see below :)
> 
> >
> > Kind regards,
> >
> > Woonsan
> >
> >
> >
> > ----- Original Message ----
> >> From: Brian Krispinsky<sa...@cox.net>
> >> To: jetspeed-user@portals.apache.org
> >> Sent: Sat, January 30, 2010 2:24:13 AM
> >> Subject: Rendered URL's don't show 'https'
> >>
> >> I'm running Jetspeed 2 using SSL connections on Tomcat 6.  I've noticed that all
> >> portlet URL's, in both my portlet application and the Jetspeed Admin application
> >> are rendered showing http rather than https.  For example, a URL in a portlet
> >> that should link to https://mysite.com/portal/foo instead links to
> >> http://mysite/portal/foo.
> >>
> >> I was able to fix this in my application by adding the attribute "secure='true'"
> >> to every custom tag.  But this seems unwieldy, as I'd need
> >> to change the code of all the Jetspeed portlets to get them working as well.  Is
> >> there some kind of configuration setting I can use to default all rendered URL's
> >> to https instead of http?
> 
> Brian,
> 
> We have a configuration property, portalurl.relative.only, which is by default set to false in WEB-INF/conf/jetspeed.properties.
> I think configuring this property to true (preferable in WEB-INF/conf/override.properties) will do the trick for you.
> See also JIRA issue http://issues.apache.org/jira/browse/JS2-275
> 
> 
> Regards,
> 
> Ate
> 
> >>
> >> Thanks!
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> >> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> > For additional commands, e-mail: jetspeed-user-help@portals.apache.org
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org

Re: Rendered URL's don't show 'https'

Posted by Ate Douma <at...@douma.nu>.

On 02/01/2010 10:49 AM, Woonsan Ko wrote:
> Hi Brian,
>
> I think you are totally right.
> According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
> So, I'd like to suggest you create a JIRA issue for this.
I don't think that will be needed, see below :)

>
> Kind regards,
>
> Woonsan
>
>
>
> ----- Original Message ----
>> From: Brian Krispinsky<sa...@cox.net>
>> To: jetspeed-user@portals.apache.org
>> Sent: Sat, January 30, 2010 2:24:13 AM
>> Subject: Rendered URL's don't show 'https'
>>
>> I'm running Jetspeed 2 using SSL connections on Tomcat 6.  I've noticed that all
>> portlet URL's, in both my portlet application and the Jetspeed Admin application
>> are rendered showing http rather than https.  For example, a URL in a portlet
>> that should link to https://mysite.com/portal/foo instead links to
>> http://mysite/portal/foo.
>>
>> I was able to fix this in my application by adding the attribute "secure='true'"
>> to every custom tag.  But this seems unwieldy, as I'd need
>> to change the code of all the Jetspeed portlets to get them working as well.  Is
>> there some kind of configuration setting I can use to default all rendered URL's
>> to https instead of http?

Brian,

We have a configuration property, portalurl.relative.only, which is by default set to false in WEB-INF/conf/jetspeed.properties.
I think configuring this property to true (preferable in WEB-INF/conf/override.properties) will do the trick for you.
See also JIRA issue http://issues.apache.org/jira/browse/JS2-275


Regards,

Ate

>>
>> Thanks!
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
>> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org