Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-39540

force.url.secure Default Override of 0 Fails

    Details

    • Type: Feature Request
    • Status: CLOSED
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 11.0
    • Fix Version/s: 11.2, 12.0
    • Component/s: Kernel
    • Labels:
      None
    • 11 status:
      Resolved
    • Previous Issue Keys:
      KNL-1435
    • Test Plan:
      Hide

      set the Sakai.property:
      force.url.secure=0

      Ensure that sakai works. Log in. Check that RSF based tools work (i.e. go to Add Participants in Site Info in a site and ensure that adding participants works).

      Show
      set the Sakai.property: force.url.secure=0 Ensure that sakai works. Log in. Check that RSF based tools work (i.e. go to Add Participants in Site Info in a site and ensure that adding participants works).

      Description

      The documentation states the following:

      # Force all URLs out of Sakai back to Sakai to be secure, i.e. to use HTTPS, on this port.  
      # Do not enable if you plan to respond with the same transport as the request.
      # Otherwise, the URLs will reflect the attributes of the request URL. (443 | 8443 | or any other port)
      # DEFAULT: no secure port or protocol (https) will be used, setting this to 0 will have the same effect as not setting it
      # force.url.secure=443

      When setting force.url.secure to 0, this results in links in the following format:

      null://localhost:0/portal/site/!gateway/page-reset/!gateway-100

      This is what I experienced:

      1. Have force.secureurl=0
      2. Attempt to Login
      3. Nothing happens
      4. Click on a link, and go to null://HOST_ETC

      If a system like CAS is used, you are immediately taken to a null:// after logging in with a local account.

      However, setting it force.url.secure to blank does have the intended affect. Resolution of this requires either:

      1. Changing the documentation
      2. Adding the following:
        diff --git a/kernel/api/src/main/java/org/sakaiproject/util/RequestFilter.java b/kernel/api/src/main/java/org/sakaiproject/util/RequestFilter.java
        index 230fee4..b927b41 100644
        --- a/kernel/api/src/main/java/org/sakaiproject/util/RequestFilter.java
        +++ b/kernel/api/src/main/java/org/sakaiproject/util/RequestFilter.java
        @@ -278,7 +278,11 @@ public class RequestFilter implements Filter
                         transport = "https";
                         port = portNum;
                         secure = true;
        -            }
        +            } else  {
        +                               transport = req.getScheme();
        +                               port = req.getServerPort();
        +                               secure = req.isSecure();
        +                       }
                        } else {
                        // otherwise use the request scheme and port
                                transport = req.getScheme();
        
        1. Or changing the line here.

      EDIT: Setting force.url.secure to blank does not work in RSF based tools and causes a NumberFormatException in this block of code.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                k1team KERNEL TEAM (Inactive)
                Reporter:
                lcanessa Leonardo Canessa
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code