You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Brian Krispinsky <sa...@cox.net> on 2010/01/30 02:24:13 UTC
Rendered URL's don't show 'https'
I'm running Jetspeed 2 using SSL connections on Tomcat 6. I've noticed that all portlet URL's, in both my portlet application and the Jetspeed Admin application are rendered showing http rather than https. For example, a URL in a portlet that should link to https://mysite.com/portal/foo instead links to http://mysite/portal/foo.
I was able to fix this in my application by adding the attribute "secure='true'" to every <portlet:renderURL> custom tag. But this seems unwieldy, as I'd need to change the code of all the Jetspeed portlets to get them working as well. Is there some kind of configuration setting I can use to default all rendered URL's to https instead of http?
Thanks!
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Rendered URL's don't show 'https'
Posted by Brian Krispinsky <sa...@cox.net>.
Thank you! Setting 'portalurl.relative.only = true' worked perfectly.
---- Ate Douma <at...@douma.nu> wrote:
> On 02/01/2010 10:49 AM, Woonsan Ko wrote:
> > Hi Brian,
> >
> > I think you are totally right.
> > According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
> > So, I'd like to suggest you create a JIRA issue for this.
> I don't think that will be needed, see below :)
>
> >
> > Kind regards,
> >
> > Woonsan
> >
> >
> >
> > ----- Original Message ----
> >> From: Brian Krispinsky<sa...@cox.net>
> >> To: jetspeed-user@portals.apache.org
> >> Sent: Sat, January 30, 2010 2:24:13 AM
> >> Subject: Rendered URL's don't show 'https'
> >>
> >> I'm running Jetspeed 2 using SSL connections on Tomcat 6. I've noticed that all
> >> portlet URL's, in both my portlet application and the Jetspeed Admin application
> >> are rendered showing http rather than https. For example, a URL in a portlet
> >> that should link to https://mysite.com/portal/foo instead links to
> >> http://mysite/portal/foo.
> >>
> >> I was able to fix this in my application by adding the attribute "secure='true'"
> >> to every custom tag. But this seems unwieldy, as I'd need
> >> to change the code of all the Jetspeed portlets to get them working as well. Is
> >> there some kind of configuration setting I can use to default all rendered URL's
> >> to https instead of http?
>
> Brian,
>
> We have a configuration property, portalurl.relative.only, which is by default set to false in WEB-INF/conf/jetspeed.properties.
> I think configuring this property to true (preferable in WEB-INF/conf/override.properties) will do the trick for you.
> See also JIRA issue http://issues.apache.org/jira/browse/JS2-275
>
>
> Regards,
>
> Ate
>
> >>
> >> Thanks!
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> >> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> > For additional commands, e-mail: jetspeed-user-help@portals.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Rendered URL's don't show 'https'
Posted by Ate Douma <at...@douma.nu>.
On 02/01/2010 10:49 AM, Woonsan Ko wrote:
> Hi Brian,
>
> I think you are totally right.
> According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
> So, I'd like to suggest you create a JIRA issue for this.
I don't think that will be needed, see below :)
>
> Kind regards,
>
> Woonsan
>
>
>
> ----- Original Message ----
>> From: Brian Krispinsky<sa...@cox.net>
>> To: jetspeed-user@portals.apache.org
>> Sent: Sat, January 30, 2010 2:24:13 AM
>> Subject: Rendered URL's don't show 'https'
>>
>> I'm running Jetspeed 2 using SSL connections on Tomcat 6. I've noticed that all
>> portlet URL's, in both my portlet application and the Jetspeed Admin application
>> are rendered showing http rather than https. For example, a URL in a portlet
>> that should link to https://mysite.com/portal/foo instead links to
>> http://mysite/portal/foo.
>>
>> I was able to fix this in my application by adding the attribute "secure='true'"
>> to every custom tag. But this seems unwieldy, as I'd need
>> to change the code of all the Jetspeed portlets to get them working as well. Is
>> there some kind of configuration setting I can use to default all rendered URL's
>> to https instead of http?
Brian,
We have a configuration property, portalurl.relative.only, which is by default set to false in WEB-INF/conf/jetspeed.properties.
I think configuring this property to true (preferable in WEB-INF/conf/override.properties) will do the trick for you.
See also JIRA issue http://issues.apache.org/jira/browse/JS2-275
Regards,
Ate
>>
>> Thanks!
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
>> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Rendered URL's don't show 'https'
Posted by Woonsan Ko <wo...@yahoo.com>.
Hi Brian,
I think you are totally right.
According to PLT.26.3 of the portlet specification, it reads clearly on "secure" attribute: "If the security is not set for a URL, it must stay the same as the security setting of the current request."
So, I'd like to suggest you create a JIRA issue for this.
Kind regards,
Woonsan
----- Original Message ----
> From: Brian Krispinsky <sa...@cox.net>
> To: jetspeed-user@portals.apache.org
> Sent: Sat, January 30, 2010 2:24:13 AM
> Subject: Rendered URL's don't show 'https'
>
> I'm running Jetspeed 2 using SSL connections on Tomcat 6. I've noticed that all
> portlet URL's, in both my portlet application and the Jetspeed Admin application
> are rendered showing http rather than https. For example, a URL in a portlet
> that should link to https://mysite.com/portal/foo instead links to
> http://mysite/portal/foo.
>
> I was able to fix this in my application by adding the attribute "secure='true'"
> to every custom tag. But this seems unwieldy, as I'd need
> to change the code of all the Jetspeed portlets to get them working as well. Is
> there some kind of configuration setting I can use to default all rendered URL's
> to https instead of http?
>
> Thanks!
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org