You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Kim Syväluoma <ki...@aland.net> on 2019/06/14 06:17:39 UTC
Accessing a page over HTTPS results in infinite 302 redirects
We have a Tapestry application which we need to use over HTTPS only. We
are using Weblogic only.
We have these set in the AppModule of the Tapestry application:
public static void contributeApplicationDefaults(
final MappedConfiguration<String, String> configuration) {
configuration.add("tapestry.supported-locales", "en");
configuration.add("tapestry.start-page-name", "start");
configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
configuration.add(SymbolConstants.SECURE_ENABLED, "true");
}
public static void contributeMetaDataLocator(final
MappedConfiguration<String, String> configuration) {
configuration.add(MetaDataConstants.SECURE_PAGE, "true");
}
In the Start page we have a redirect like this:
final Object onActivate() {
if (!this.sessionHandler.isLoggedIn()) {
return this.loginPage;
}
return this.mainFrameSet;
}
We we try to access our app by HTTPS at root or directly at the start
page, loginPage or mainFrameSet page we get infinite redirect loop (302)
to the same page we are accessing.
If we set the MetaDataConstants.SECURE_PAGE to false we can access our
app over HTTPS but all page requests/links within the app is then done
over HTTP and that does not work.
We need to have all functionality within the app to work over, and using
only, HTTPS.
What have we missed?
Br,
Kim
--
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
Name: | Kim Syväluoma |
Email: | kim.syv@aland.net |
Tel (GSM): | +358 (0)40 592 5267 |
Tel Work: | +358 (0)20 7910 666 |
=========================================================
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Kim Syväluoma <ki...@aland.net>.
It was the load balancer configuration that needed further
configurations. Now it works as it should. Thanks for all the help.
Br,
Kim
2019-06-17 11:14 skrev Dmitry Gusev:
> Show configuration of the app server for the header?
> Tomcat, for example, needs custom valve to acknowledge x-forwarded
> headers.
>
> On Mon, Jun 17, 2019 at 9:36 AM Kim Syväluoma <ki...@aland.net>
> wrote:
>
>> We have now added the X-Forwarded-Proto and X-Forwarded-For to the
>> requests but we still get 302 loop:
>>
>> GET /ngm/start HTTP/1.1
>> Host: bo-ci.eget.fi [1]
>> Connection: keep-alive
>> Upgrade-Insecure-Requests: 1
>> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5)
>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169
>> Safari/537.36
>> Accept:
>>
> text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3
>> Accept-Encoding: gzip, deflate, br
>> Accept-Language: en-US,en;q=0.9,sv;q=0.8,fi;q=0.7,lv;q=0.6,es;q=0.5
>> Cookie: _ga=GA1.2.2095789035.1543389393;
>>
> AMCV_A5A139F7569D5CB57F000101%40AdobeOrg=1406116232%7CMCIDTS%7C17864%7CMCMID%7C21405024211598008102491243369473793569%7CMCAAMLH-1543994214%7C6%7CMCAAMB-1543994214%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1543396614s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.5.0;
>>
>> _gcl_au=1.1.558442318.1553672462;
>> __cfduid=d3fcfc204dc54bf4c4d94a53ee955a6581557830653;
>> NGM=g49j5fJxzz-XyMWzYBJ4YoebaB8rgEwPw_gG2tEjudRZqYbykvGY!-2115956942
>> X-Forwarded-For: 10.5.128.233
>> X-Forwarded-Proto: https
>>
>> HTTP/1.1 302 Moved Temporarily
>> Connection: close
>> Date: Mon, 17 Jun 2019 06:23:19 GMT
>> Transfer-Encoding: chunked
>> Location: https://bo-ci.eget.fi/ngm/start
>>
>> 0103
>> <html><head><title>302 Moved Temporarily</title></head>
>> <body bgcolor="#FFFFFF">
>> <p>This document you requested has moved
>> temporarily.</p>
>> <p>It's now at <a
>>
> href="https://bo-ci.eget.fi/ngm/start">https://bo-ci.eget.fi/ngm/start</a>.</p>
>> </body></html>
>>
>> 0000
>>
>> Any more tips?
>>
>> Br,
>> Kim
>>
>> 2019-06-14 12:24 skrev Kim Syväluoma:
>>> Thanks for the answers. We will try adding the "X-Forwarded-Proto:
>>> https" header to our requests.
>>>
>>> /Kim
>>>
>>> 2019-06-14 11:34 skrev Chris Poulsen:
>>>> Hi,
>>>>
>>>> We use:
>>>>
>>>> // default to non-secure pages (allows us to support both http
>> and
>>>> https
>>>> based on the request)
>>>> configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
>>>>
>>>> And always have an upstream proxy for performing SSL termination.
>> This
>>>> relies on the X-Forward-* headers being set and handled correctly
>> by
>>>> the
>>>> various servers.
>>>>
>>>> --
>>>> Chris
>>>>
>>>> On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev
>> <dm...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I'd suggest to check value of `Request#isSecure()`, it looks
>> like
>>>>> it's
>>>>> false.
>>>>>
>>>>> It can happen if your WebSphere is behind a proxy/load balancer
>> which
>>>>> terminates SSL,
>>>>> in this case you may need to configure WebSphere to acknowledge
>> the
>>>>> x-forwarded-proto HTTP header.
>>>>>
>>>>> On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma
>> <ki...@aland.net>
>>>>> wrote:
>>>>>
>>>>>> We have a Tapestry application which we need to use over HTTPS
>> only. We
>>>>>> are using Weblogic only.
>>>>>>
>>>>>> We have these set in the AppModule of the Tapestry
>> application:
>>>>>>
>>>>>> public static void contributeApplicationDefaults(
>>>>>> final MappedConfiguration<String, String>
>> configuration) {
>>>>>> configuration.add("tapestry.supported-locales", "en");
>>>>>> configuration.add("tapestry.start-page-name", "start");
>>>>>> configuration.add(SymbolConstants.HOSTPORT_SECURE,
>> "443");
>>>>>> configuration.add(SymbolConstants.SECURE_ENABLED,
>> "true");
>>>>>> }
>>>>>>
>>>>>> public static void contributeMetaDataLocator(final
>>>>>> MappedConfiguration<String, String> configuration) {
>>>>>> configuration.add(MetaDataConstants.SECURE_PAGE, "true");
>>>>>> }
>>>>>>
>>>>>> In the Start page we have a redirect like this:
>>>>>>
>>>>>> final Object onActivate() {
>>>>>> if (!this.sessionHandler.isLoggedIn()) {
>>>>>> return this.loginPage;
>>>>>> }
>>>>>> return this.mainFrameSet;
>>>>>> }
>>>>>>
>>>>>> We we try to access our app by HTTPS at root or directly at
>> the start
>>>>>> page, loginPage or mainFrameSet page we get infinite redirect
>> loop (302)
>>>>>> to the same page we are accessing.
>>>>>>
>>>>>> If we set the MetaDataConstants.SECURE_PAGE to false we can
>> access our
>>>>>> app over HTTPS but all page requests/links within the app is
>> then done
>>>>>> over HTTP and that does not work.
>>>>>> We need to have all functionality within the app to work over,
>> and using
>>>>>> only, HTTPS.
>>>>>>
>>>>>> What have we missed?
>>>>>>
>>>>>> Br,
>>>>>> Kim
>>>>>>
>>>>>
>>>>> --
>>>>> Dmitry Gusev
>>>>>
>>>>> AnjLab Team
>>>>> http://anjlab.com
>>>>>
>>
>>
> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>
> --
> Dmitry Gusev
>
> AnjLab Team
> http://anjlab.com
>
> Links:
> ------
> [1] http://bo-ci.eget.fi
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Dmitry Gusev <dm...@gmail.com>.
Show configuration of the app server for the header?
Tomcat, for example, needs custom valve to acknowledge x-forwarded headers.
On Mon, Jun 17, 2019 at 9:36 AM Kim Syväluoma <ki...@aland.net> wrote:
> We have now added the X-Forwarded-Proto and X-Forwarded-For to the
> requests but we still get 302 loop:
>
> GET /ngm/start HTTP/1.1
> Host: bo-ci.eget.fi
> Connection: keep-alive
> Upgrade-Insecure-Requests: 1
> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169
> Safari/537.36
> Accept:
>
> text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3
> Accept-Encoding: gzip, deflate, br
> Accept-Language: en-US,en;q=0.9,sv;q=0.8,fi;q=0.7,lv;q=0.6,es;q=0.5
> Cookie: _ga=GA1.2.2095789035.1543389393;
> AMCV_A5A139F7569D5CB57F000101%40AdobeOrg=1406116232%7CMCIDTS%7C17864%7CMCMID%7C21405024211598008102491243369473793569%7CMCAAMLH-1543994214%7C6%7CMCAAMB-1543994214%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1543396614s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.5.0;
>
> _gcl_au=1.1.558442318.1553672462;
> __cfduid=d3fcfc204dc54bf4c4d94a53ee955a6581557830653;
> NGM=g49j5fJxzz-XyMWzYBJ4YoebaB8rgEwPw_gG2tEjudRZqYbykvGY!-2115956942
> X-Forwarded-For: 10.5.128.233
> X-Forwarded-Proto: https
>
> HTTP/1.1 302 Moved Temporarily
> Connection: close
> Date: Mon, 17 Jun 2019 06:23:19 GMT
> Transfer-Encoding: chunked
> Location: https://bo-ci.eget.fi/ngm/start
>
> 0103
> <html><head><title>302 Moved Temporarily</title></head>
> <body bgcolor="#FFFFFF">
> <p>This document you requested has moved
> temporarily.</p>
> <p>It's now at <a
> href="https://bo-ci.eget.fi/ngm/start">https://bo-ci.eget.fi/ngm/start
> </a>.</p>
> </body></html>
>
> 0000
>
>
> Any more tips?
>
> Br,
> Kim
>
>
> 2019-06-14 12:24 skrev Kim Syväluoma:
> > Thanks for the answers. We will try adding the "X-Forwarded-Proto:
> > https" header to our requests.
> >
> > /Kim
> >
> > 2019-06-14 11:34 skrev Chris Poulsen:
> >> Hi,
> >>
> >> We use:
> >>
> >> // default to non-secure pages (allows us to support both http and
> >> https
> >> based on the request)
> >> configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
> >>
> >> And always have an upstream proxy for performing SSL termination. This
> >> relies on the X-Forward-* headers being set and handled correctly by
> >> the
> >> various servers.
> >>
> >> --
> >> Chris
> >>
> >> On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev <dm...@gmail.com>
> >> wrote:
> >>
> >>> Hi,
> >>>
> >>> I'd suggest to check value of `Request#isSecure()`, it looks like
> >>> it's
> >>> false.
> >>>
> >>> It can happen if your WebSphere is behind a proxy/load balancer which
> >>> terminates SSL,
> >>> in this case you may need to configure WebSphere to acknowledge the
> >>> x-forwarded-proto HTTP header.
> >>>
> >>> On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <ki...@aland.net>
> >>> wrote:
> >>>
> >>> > We have a Tapestry application which we need to use over HTTPS only.
> We
> >>> > are using Weblogic only.
> >>> >
> >>> > We have these set in the AppModule of the Tapestry application:
> >>> >
> >>> > public static void contributeApplicationDefaults(
> >>> > final MappedConfiguration<String, String> configuration) {
> >>> > configuration.add("tapestry.supported-locales", "en");
> >>> > configuration.add("tapestry.start-page-name", "start");
> >>> > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
> >>> > configuration.add(SymbolConstants.SECURE_ENABLED, "true");
> >>> > }
> >>> >
> >>> > public static void contributeMetaDataLocator(final
> >>> > MappedConfiguration<String, String> configuration) {
> >>> > configuration.add(MetaDataConstants.SECURE_PAGE, "true");
> >>> > }
> >>> >
> >>> > In the Start page we have a redirect like this:
> >>> >
> >>> > final Object onActivate() {
> >>> > if (!this.sessionHandler.isLoggedIn()) {
> >>> > return this.loginPage;
> >>> > }
> >>> > return this.mainFrameSet;
> >>> > }
> >>> >
> >>> > We we try to access our app by HTTPS at root or directly at the start
> >>> > page, loginPage or mainFrameSet page we get infinite redirect loop
> (302)
> >>> > to the same page we are accessing.
> >>> >
> >>> > If we set the MetaDataConstants.SECURE_PAGE to false we can access
> our
> >>> > app over HTTPS but all page requests/links within the app is then
> done
> >>> > over HTTP and that does not work.
> >>> > We need to have all functionality within the app to work over, and
> using
> >>> > only, HTTPS.
> >>> >
> >>> > What have we missed?
> >>> >
> >>> > Br,
> >>> > Kim
> >>> >
> >>>
> >>> --
> >>> Dmitry Gusev
> >>>
> >>> AnjLab Team
> >>> http://anjlab.com
> >>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Kim Syväluoma <ki...@aland.net>.
We have now added the X-Forwarded-Proto and X-Forwarded-For to the
requests but we still get 302 loop:
GET /ngm/start HTTP/1.1
Host: bo-ci.eget.fi
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169
Safari/537.36
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,sv;q=0.8,fi;q=0.7,lv;q=0.6,es;q=0.5
Cookie: _ga=GA1.2.2095789035.1543389393;
AMCV_A5A139F7569D5CB57F000101%40AdobeOrg=1406116232%7CMCIDTS%7C17864%7CMCMID%7C21405024211598008102491243369473793569%7CMCAAMLH-1543994214%7C6%7CMCAAMB-1543994214%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1543396614s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.5.0;
_gcl_au=1.1.558442318.1553672462;
__cfduid=d3fcfc204dc54bf4c4d94a53ee955a6581557830653;
NGM=g49j5fJxzz-XyMWzYBJ4YoebaB8rgEwPw_gG2tEjudRZqYbykvGY!-2115956942
X-Forwarded-For: 10.5.128.233
X-Forwarded-Proto: https
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 17 Jun 2019 06:23:19 GMT
Transfer-Encoding: chunked
Location: https://bo-ci.eget.fi/ngm/start
0103
<html><head><title>302 Moved Temporarily</title></head>
<body bgcolor="#FFFFFF">
<p>This document you requested has moved
temporarily.</p>
<p>It's now at <a
href="https://bo-ci.eget.fi/ngm/start">https://bo-ci.eget.fi/ngm/start</a>.</p>
</body></html>
0000
Any more tips?
Br,
Kim
2019-06-14 12:24 skrev Kim Syväluoma:
> Thanks for the answers. We will try adding the "X-Forwarded-Proto:
> https" header to our requests.
>
> /Kim
>
> 2019-06-14 11:34 skrev Chris Poulsen:
>> Hi,
>>
>> We use:
>>
>> // default to non-secure pages (allows us to support both http and
>> https
>> based on the request)
>> configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
>>
>> And always have an upstream proxy for performing SSL termination. This
>> relies on the X-Forward-* headers being set and handled correctly by
>> the
>> various servers.
>>
>> --
>> Chris
>>
>> On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev <dm...@gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> I'd suggest to check value of `Request#isSecure()`, it looks like
>>> it's
>>> false.
>>>
>>> It can happen if your WebSphere is behind a proxy/load balancer which
>>> terminates SSL,
>>> in this case you may need to configure WebSphere to acknowledge the
>>> x-forwarded-proto HTTP header.
>>>
>>> On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <ki...@aland.net>
>>> wrote:
>>>
>>> > We have a Tapestry application which we need to use over HTTPS only. We
>>> > are using Weblogic only.
>>> >
>>> > We have these set in the AppModule of the Tapestry application:
>>> >
>>> > public static void contributeApplicationDefaults(
>>> > final MappedConfiguration<String, String> configuration) {
>>> > configuration.add("tapestry.supported-locales", "en");
>>> > configuration.add("tapestry.start-page-name", "start");
>>> > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
>>> > configuration.add(SymbolConstants.SECURE_ENABLED, "true");
>>> > }
>>> >
>>> > public static void contributeMetaDataLocator(final
>>> > MappedConfiguration<String, String> configuration) {
>>> > configuration.add(MetaDataConstants.SECURE_PAGE, "true");
>>> > }
>>> >
>>> > In the Start page we have a redirect like this:
>>> >
>>> > final Object onActivate() {
>>> > if (!this.sessionHandler.isLoggedIn()) {
>>> > return this.loginPage;
>>> > }
>>> > return this.mainFrameSet;
>>> > }
>>> >
>>> > We we try to access our app by HTTPS at root or directly at the start
>>> > page, loginPage or mainFrameSet page we get infinite redirect loop (302)
>>> > to the same page we are accessing.
>>> >
>>> > If we set the MetaDataConstants.SECURE_PAGE to false we can access our
>>> > app over HTTPS but all page requests/links within the app is then done
>>> > over HTTP and that does not work.
>>> > We need to have all functionality within the app to work over, and using
>>> > only, HTTPS.
>>> >
>>> > What have we missed?
>>> >
>>> > Br,
>>> > Kim
>>> >
>>>
>>> --
>>> Dmitry Gusev
>>>
>>> AnjLab Team
>>> http://anjlab.com
>>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Kim Syväluoma <ki...@aland.net>.
Thanks for the answers. We will try adding the "X-Forwarded-Proto:
https" header to our requests.
/Kim
2019-06-14 11:34 skrev Chris Poulsen:
> Hi,
>
> We use:
>
> // default to non-secure pages (allows us to support both http and
> https
> based on the request)
> configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
>
> And always have an upstream proxy for performing SSL termination. This
> relies on the X-Forward-* headers being set and handled correctly by
> the
> various servers.
>
> --
> Chris
>
> On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev <dm...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I'd suggest to check value of `Request#isSecure()`, it looks like it's
>> false.
>>
>> It can happen if your WebSphere is behind a proxy/load balancer which
>> terminates SSL,
>> in this case you may need to configure WebSphere to acknowledge the
>> x-forwarded-proto HTTP header.
>>
>> On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <ki...@aland.net>
>> wrote:
>>
>> > We have a Tapestry application which we need to use over HTTPS only. We
>> > are using Weblogic only.
>> >
>> > We have these set in the AppModule of the Tapestry application:
>> >
>> > public static void contributeApplicationDefaults(
>> > final MappedConfiguration<String, String> configuration) {
>> > configuration.add("tapestry.supported-locales", "en");
>> > configuration.add("tapestry.start-page-name", "start");
>> > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
>> > configuration.add(SymbolConstants.SECURE_ENABLED, "true");
>> > }
>> >
>> > public static void contributeMetaDataLocator(final
>> > MappedConfiguration<String, String> configuration) {
>> > configuration.add(MetaDataConstants.SECURE_PAGE, "true");
>> > }
>> >
>> > In the Start page we have a redirect like this:
>> >
>> > final Object onActivate() {
>> > if (!this.sessionHandler.isLoggedIn()) {
>> > return this.loginPage;
>> > }
>> > return this.mainFrameSet;
>> > }
>> >
>> > We we try to access our app by HTTPS at root or directly at the start
>> > page, loginPage or mainFrameSet page we get infinite redirect loop (302)
>> > to the same page we are accessing.
>> >
>> > If we set the MetaDataConstants.SECURE_PAGE to false we can access our
>> > app over HTTPS but all page requests/links within the app is then done
>> > over HTTP and that does not work.
>> > We need to have all functionality within the app to work over, and using
>> > only, HTTPS.
>> >
>> > What have we missed?
>> >
>> > Br,
>> > Kim
>> >
>> > --
>> > ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
>> > Name: | Kim Syväluoma |
>> > Email: | kim.syv@aland.net |
>> > Tel (GSM): | +358 (0)40 592 5267 |
>> > Tel Work: | +358 (0)20 7910 666 |
>> > =========================================================
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> > For additional commands, e-mail: users-help@tapestry.apache.org
>> >
>> >
>>
>> --
>> Dmitry Gusev
>>
>> AnjLab Team
>> http://anjlab.com
>>
--
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
Name: | Kim Syväluoma |
Email: | kim.syv@aland.net |
Tel (GSM): | +358 (0)40 592 5267 |
Tel Work: | +358 (0)20 7910 666 |
=========================================================
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Chris Poulsen <ma...@nesluop.dk>.
Hi,
We use:
// default to non-secure pages (allows us to support both http and https
based on the request)
configuration.add( SymbolConstants.SECURE_ENABLED, "false" );
And always have an upstream proxy for performing SSL termination. This
relies on the X-Forward-* headers being set and handled correctly by the
various servers.
--
Chris
On Fri, Jun 14, 2019 at 10:06 AM Dmitry Gusev <dm...@gmail.com>
wrote:
> Hi,
>
> I'd suggest to check value of `Request#isSecure()`, it looks like it's
> false.
>
> It can happen if your WebSphere is behind a proxy/load balancer which
> terminates SSL,
> in this case you may need to configure WebSphere to acknowledge the
> x-forwarded-proto HTTP header.
>
> On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <ki...@aland.net> wrote:
>
> > We have a Tapestry application which we need to use over HTTPS only. We
> > are using Weblogic only.
> >
> > We have these set in the AppModule of the Tapestry application:
> >
> > public static void contributeApplicationDefaults(
> > final MappedConfiguration<String, String> configuration) {
> > configuration.add("tapestry.supported-locales", "en");
> > configuration.add("tapestry.start-page-name", "start");
> > configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
> > configuration.add(SymbolConstants.SECURE_ENABLED, "true");
> > }
> >
> > public static void contributeMetaDataLocator(final
> > MappedConfiguration<String, String> configuration) {
> > configuration.add(MetaDataConstants.SECURE_PAGE, "true");
> > }
> >
> > In the Start page we have a redirect like this:
> >
> > final Object onActivate() {
> > if (!this.sessionHandler.isLoggedIn()) {
> > return this.loginPage;
> > }
> > return this.mainFrameSet;
> > }
> >
> > We we try to access our app by HTTPS at root or directly at the start
> > page, loginPage or mainFrameSet page we get infinite redirect loop (302)
> > to the same page we are accessing.
> >
> > If we set the MetaDataConstants.SECURE_PAGE to false we can access our
> > app over HTTPS but all page requests/links within the app is then done
> > over HTTP and that does not work.
> > We need to have all functionality within the app to work over, and using
> > only, HTTPS.
> >
> > What have we missed?
> >
> > Br,
> > Kim
> >
> > --
> > ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
> > Name: | Kim Syväluoma |
> > Email: | kim.syv@aland.net |
> > Tel (GSM): | +358 (0)40 592 5267 |
> > Tel Work: | +358 (0)20 7910 666 |
> > =========================================================
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
>
> --
> Dmitry Gusev
>
> AnjLab Team
> http://anjlab.com
>
Re: Accessing a page over HTTPS results in infinite 302 redirects
Posted by Dmitry Gusev <dm...@gmail.com>.
Hi,
I'd suggest to check value of `Request#isSecure()`, it looks like it's
false.
It can happen if your WebSphere is behind a proxy/load balancer which
terminates SSL,
in this case you may need to configure WebSphere to acknowledge the
x-forwarded-proto HTTP header.
On Fri, Jun 14, 2019 at 9:17 AM Kim Syväluoma <ki...@aland.net> wrote:
> We have a Tapestry application which we need to use over HTTPS only. We
> are using Weblogic only.
>
> We have these set in the AppModule of the Tapestry application:
>
> public static void contributeApplicationDefaults(
> final MappedConfiguration<String, String> configuration) {
> configuration.add("tapestry.supported-locales", "en");
> configuration.add("tapestry.start-page-name", "start");
> configuration.add(SymbolConstants.HOSTPORT_SECURE, "443");
> configuration.add(SymbolConstants.SECURE_ENABLED, "true");
> }
>
> public static void contributeMetaDataLocator(final
> MappedConfiguration<String, String> configuration) {
> configuration.add(MetaDataConstants.SECURE_PAGE, "true");
> }
>
> In the Start page we have a redirect like this:
>
> final Object onActivate() {
> if (!this.sessionHandler.isLoggedIn()) {
> return this.loginPage;
> }
> return this.mainFrameSet;
> }
>
> We we try to access our app by HTTPS at root or directly at the start
> page, loginPage or mainFrameSet page we get infinite redirect loop (302)
> to the same page we are accessing.
>
> If we set the MetaDataConstants.SECURE_PAGE to false we can access our
> app over HTTPS but all page requests/links within the app is then done
> over HTTP and that does not work.
> We need to have all functionality within the app to work over, and using
> only, HTTPS.
>
> What have we missed?
>
> Br,
> Kim
>
> --
> ¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤øø¤º°`°º¤ø,¸¸,ø¤
> Name: | Kim Syväluoma |
> Email: | kim.syv@aland.net |
> Tel (GSM): | +358 (0)40 592 5267 |
> Tel Work: | +358 (0)20 7910 666 |
> =========================================================
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com