You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Martin Sachs <sa...@gmail.com> on 2012/11/10 14:42:36 UTC
HttpsMapper: doent work with proxy-ssl termination
Hi *,
i noticed some errors while using the httpsmapper with ssl-termination
on a proxy(nginx, bigip-F5).
Wicket redirects the following sequence:
http://domain.com/test
results in
https://domain.com/test
this url was also redirected with end ?0 but not https. Redirect to
http://domain.com/test?0
I debugged the HttpsMapper and found, that the method
mapHandler(IRequestHandler handler, Request request) causes this problem.
Original wicket-6.2 source
//**
* Creates a url for the handler. Modifies it with the correct
{@link Scheme} if necessary.
*
* @param handler
* @param request
* @return url
*/
final Url mapHandler(IRequestHandler handler, Request request)
{
Url url = delegate.mapHandler(handler);
Scheme desired = getDesiredSchemeFor(handler);
Scheme current = getSchemeOf(request);
if (!desired.isCompatibleWith(current))
{
// the generated url does not have the correct scheme, set
it (which in turn will cause
// the url to be rendered in its full representation)
url.setProtocol(desired.urlName());
url.setPort(desired.getPort(config));
}
return url;
}/
I changed the code to get it work:
/ final Url mapHandler(IRequestHandler handler, Request request)
{
Url url = delegate.mapHandler(handler);
Scheme desired = getDesiredSchemeFor(handler);
if (desired!= Scheme.ANY)
{
// the generated url does not have the correct scheme, set
it (which in turn will cause
// the url to be rendered in its full representation)
url.setProtocol(desired.urlName());
url.setPort(desired.getPort(config));
}
return url;
}/
I dont have a quickstart for this, 'cause you also need a proxy
configuration to get this bug.
What do you mean?
cya
Martin
Re: HttpsMapper: doent work with proxy-ssl termination
Posted by Bas Gooren <ba...@iswd.nl>.
Hi,
If the proxy handles ssl, I assume it forwards the request to wicket
over plain http?
In that case, wicket cannot see (with default config) that the request
was in fact an ssl request.
Have a look at XForwardedRequestWrapper to make wicket aware of the ssl
termination on your proxy.
Met vriendelijke groet,
Kind regards,
Bas Gooren
Op 10-11-2012 14:42, schreef Martin Sachs:
> Hi *,
>
> i noticed some errors while using the httpsmapper with ssl-termination
> on a proxy(nginx, bigip-F5).
>
> Wicket redirects the following sequence:
> http://domain.com/test
> results in
> https://domain.com/test
> this url was also redirected with end ?0 but not https. Redirect to
> http://domain.com/test?0
>
> I debugged the HttpsMapper and found, that the method
> mapHandler(IRequestHandler handler, Request request) causes this problem.
>
> Original wicket-6.2 source
> //**
> * Creates a url for the handler. Modifies it with the correct
> {@link Scheme} if necessary.
> *
> * @param handler
> * @param request
> * @return url
> */
> final Url mapHandler(IRequestHandler handler, Request request)
> {
> Url url = delegate.mapHandler(handler);
>
> Scheme desired = getDesiredSchemeFor(handler);
> Scheme current = getSchemeOf(request);
> if (!desired.isCompatibleWith(current))
> {
> // the generated url does not have the correct scheme, set
> it (which in turn will cause
> // the url to be rendered in its full representation)
> url.setProtocol(desired.urlName());
> url.setPort(desired.getPort(config));
> }
> return url;
> }/
>
> I changed the code to get it work:
> / final Url mapHandler(IRequestHandler handler, Request request)
> {
> Url url = delegate.mapHandler(handler);
>
> Scheme desired = getDesiredSchemeFor(handler);
> if (desired!= Scheme.ANY)
> {
> // the generated url does not have the correct scheme, set
> it (which in turn will cause
> // the url to be rendered in its full representation)
> url.setProtocol(desired.urlName());
> url.setPort(desired.getPort(config));
> }
> return url;
> }/
>
> I dont have a quickstart for this, 'cause you also need a proxy
> configuration to get this bug.
>
> What do you mean?
>
> cya
> Martin
>