You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Marcello Lorenzi <ce...@hotmail.it> on 2015/07/09 13:46:09 UTC

OM + Moodle plugin call /openmeetings/swf

Hi All,
we have configured the openmeetings installation with the HTTPS connectivity provided by a HAproxy reverse proxy that terminates the SSL connectivity and pass to OM the HTTP request. All works fine if I'm logged from the admin console, but we noticed issue with the moodle plugin.

In fact the moodle plugin call the URL

https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....

But the OM instance redirects the call to the same URI adding an ID in HTTP and the browser blocks the call for security reason.

http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....

Could we mitigate the issue in order to have a redirect to HTTPS protocol?

Thanks,
Marcello

R: Re: OM + Moodle plugin call /openmeetings/swf

Posted by ce...@hotmail.it.
Yes i can

Marcello
Le mail ti raggiungono ovunque con BlackBerry® from Vodafone!

-----Original Message-----
From: Maxim Solodovnik <so...@gmail.com>
Date: Fri, 10 Jul 2015 13:07:09 
To: Openmeetings user-list<us...@openmeetings.apache.org>
Reply-To: user@openmeetings.apache.org
Subject: Re: OM + Moodle plugin call /openmeetings/swf

So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....

I can remove this behavior and create custom version for you, can you then
test it?

On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:

> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>



-- 
WBR
Maxim aka solomax

R: Re: OM + Moodle plugin call /openmeetings/swf

Posted by ce...@hotmail.it.
Yes i can test for you this change
Le mail ti raggiungono ovunque con BlackBerry® from Vodafone!

-----Original Message-----
From: Maxim Solodovnik <so...@gmail.com>
Date: Fri, 10 Jul 2015 13:07:09 
To: Openmeetings user-list<us...@openmeetings.apache.org>
Reply-To: user@openmeetings.apache.org
Subject: Re: OM + Moodle plugin call /openmeetings/swf

So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....

I can remove this behavior and create custom version for you, can you then
test it?

On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:

> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>



-- 
WBR
Maxim aka solomax

Re: OM + Moodle plugin call /openmeetings/swf

Posted by Maxim Solodovnik <so...@gmail.com>.
So you believe the issue is caused by OM
it is get request to
http://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
then internally redirects it to
http://xxx.xxx.xxx.xxx/openmeetings/swf?2&secureHash=....

I can remove this behavior and create custom version for you, can you then
test it?

On Thu, Jul 9, 2015 at 5:46 PM, Marcello Lorenzi <ce...@hotmail.it> wrote:

> Hi All,
> we have configured the openmeetings installation with the HTTPS
> connectivity provided by a HAproxy reverse proxy that terminates the SSL
> connectivity and pass to OM the HTTP request. All works fine if I'm logged
> from the admin console, but we noticed issue with the moodle plugin.
>
> In fact the moodle plugin call the URL
>
> https://xxx.xxx.xxx.xxx/openmeetings/swf?&secureHash=....
>
> But the OM instance redirects the call to the same URI adding an ID in
> HTTP and the browser blocks the call for security reason.
>
> http://xxx.xxx.xxx.xxx/openmeetings/swf2?&secureHash=....
>
> Could we mitigate the issue in order to have a redirect to HTTPS protocol?
>
> Thanks,
> Marcello
>



-- 
WBR
Maxim aka solomax