Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-44249

Fix RequestFilter to respect sakai.force.url.secure property

    XMLWordPrintable

Details

    • Bug
    • Status: RESOLVED
    • Major
    • Resolution: Fixed
    • None
    • 21.0, 22.0 [Tentative]
    • Kernel
    • None
    • Merged
    • Please Merge
    • Please Merge
    • Hide

      Set Sakai up behind a load balancer...

      Show
      Set Sakai up behind a load balancer...

    Description

      Sakai has a property

      sakai.force.url.secure=443

      Which tells Sakai to "pretend" that it is running at an https URL on the given port no matter what the request object tells Sakai.

      A common use case for this is when running behind a load balancer that is doing the https termination and talking to Sakai on a non-https connection.  CloudFlare works this way.  Some load balancers carefully tell Tomcat what port and protocol are in use - but not all.

      When Sakai is in the confused state, calling ServerConfigurationServer.getServerUrl() will not return the serverUrl property (as you might expect) but reconstructs the URL using RequestFilter.  Which is pretty confusing when it happens.

      So if you want to tell Sakai to ignore what the request object contains - assume instead what we are telling it - use this property.

      The RequestFilter handles this in one of its code paths - but not all.  This needs to be fixed.

       

       

      Gliffy Diagrams

        Zeplin

          Attachments

            Issue Links

              Activity

                People

                  csev Charles Severance
                  csev Charles Severance
                  Votes:
                  0 Vote for this issue
                  Watchers:
                  8 Start watching this issue

                  Dates

                    Created:
                    Updated:
                    Resolved:

                    Git Integration