You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Juergen Donnerstag (JIRA)" <ji...@apache.org> on 2010/11/28 14:19:37 UTC
[jira] Closed: (WICKET-3009) support X-Forwarded-Proto header in
SwitchProtocolRequestTarget
[ https://issues.apache.org/jira/browse/WICKET-3009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juergen Donnerstag closed WICKET-3009.
--------------------------------------
Resolution: Duplicate
see WICKET-3015
> support X-Forwarded-Proto header in SwitchProtocolRequestTarget
> ---------------------------------------------------------------
>
> Key: WICKET-3009
> URL: https://issues.apache.org/jira/browse/WICKET-3009
> Project: Wicket
> Issue Type: Improvement
> Components: wicket
> Affects Versions: 1.4.10
> Reporter: Daniel Peters
> Assignee: Juergen Donnerstag
> Priority: Minor
> Attachments: SwitchProtocolRequestTarget.java.patch
>
>
> If you use the @RequireHttps annotation and HttpsRequestCycleProcessor, the currently used protocol is determined by looking at HttpServletRequest.getScheme().
> But when your (clustered) wicket-application is behind a frontend load-balancer that does all the SSL for you, this isn't enough.
> In my case the load-balancer (Apache httpd with mod_proxy) does the external http/https and ALLWAYS talks to the cluster-nodes with http. With the current wicket-code this leads to an endless redirect-loop.
> A common practice seems to be to send a request-header that says how the page has been originally requested.
> The header-name "X-Forwarded-Proto" is quite popular (do a google search), so I chose that one... It should contain one of the values "http" or "https".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.