You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by "Arturo Durán Domínguez (JIRA)" <ji...@apache.org> on 2016/09/30 10:47:20 UTC

[jira] [Created] (OPENMEETINGS-1481) redirect http from moodle3 plugin

Arturo Durán Domínguez created OPENMEETINGS-1481:
----------------------------------------------------

             Summary: redirect http from moodle3 plugin 
                 Key: OPENMEETINGS-1481
                 URL: https://issues.apache.org/jira/browse/OPENMEETINGS-1481
             Project: Openmeetings
          Issue Type: Bug
          Components: Moodle-Plugin
    Affects Versions: 3.1.2
         Environment: Debian jessie, openmeetings 3.1.2 cluster configuration three servers
Openmeetings 3.1.2 https proxyed with lighttpd 
Openmeetings 5080 port is listen localhost
            Reporter: Arturo Durán Domínguez
            Assignee: SebastianWagner


Hi Maxim,
We've redirected 443 port and protocol https to 5080 port in localhost. We've used lighttpd proxy module and the openmeeting is running ok (http headers include X-Forwarded-For and X-Forwarded-Proto).
We are using moodle integration with openmeetings with https protocol and 443 port.
When we try go into room from moodle, browser request:

/GET /openmeetings/swf?&secureHash=b43151fb-de26-45e0-b833-d74565dcad13&scopeRoomId=11&language=8 HTTP/1.0
Host: cvom.unex.es
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:48.0) Gecko/20100101 Firefox/48.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Referer: https://xxx.com/zonauex/evuex/mod/openmeetings/view.php?id=321072
Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxx
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 158.49.197.173
X-Host: xxx.com
X-Forwarded-Proto: https

And openmeeting response:

Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Path=/openmeetings/; HttpOnly
Date: Fri, 30 Sep 2016 08:20:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Location: http://xxx.com/openmeetings/swf?secureHash=b43151fb-de26-45e0-b833-d74565dcad13&scopeRoomId=11&language=8&protocol=https&host=xxx.com&port=443&context=openmeetings
Content-Length: 0
Connection: close

I've found this old ticket: https://mail-archives.apache.org/mod_mbox/openmeetings-user/201507.mbox/%3CBLU436-SMTP207B0A2B5185C994D8BB9C4D49F0@phx.gbl%3E
is related to same problem, but the patch is applied from version 3.0.7 so I don't know is the same problem.

This problem blocks room access when users are using recent browsers, though they disable https protection.

Thanks by advance 





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)