Announcement Announcement Module
No announcement yet.
SSL + mod_proxy + acegi redirect error Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • SSL + mod_proxy + acegi redirect error

    My setup:

    Firewall only lets SSL traffic come through.
    Apache accepts traffic and proxies to Tomcat (that way isSecure() returns true).

    Now, tomcat is embedded, however that shouldn't matter. It's essentially the same thing, just configured differently.

    The Problem:

    After logging in using acegi, it attempts to redirect to what should be the previous page. HOWEVER, instead of https:// it uses http://.

    Also, if on the test box, I just connect directly into tomcat instead of through apache, it redirects to the right place (https://).

    Additional Info

    I wrote a JSP page that just prints whether isSecure() is set, and as expected, through the proxied request it is.

    I also wrote a jsp that simply calls response.sendRedirect("/page.jsp"); and that works correctly through the proxy.

    Finally, I used the debugger to make sure that the connector was using https as its scheme and that secure is set.

    Any help solving this mystery would be greatly appreciated.


  • #2
    More Info

    On my login page, I decided to print out the value of:

    request.getSession().getAttribute("ACEGI_SAVED_REQ UEST_KEY");

    and it returned:


    So acegi knows it came from an https. However it still insists on redirecting to a http:// not a https://