[
https://issues.apache.org/jira/browse/FELIX-4330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13999655#comment-13999655
]
Carsten Ziegeler commented on FELIX-4330:
-----------------------------------------
[~jajans] I basically agree with you. So you suggest to replace the current
option property from Felix patch with two string props, right? Could you update
the patch? Maybe we could add the known configuration setups to the
description, so people see right away in the web console how they can configure
it?
> [HTTP SSL Filter] Make SSL header(s) configurable
> -------------------------------------------------
>
> Key: FELIX-4330
> URL: https://issues.apache.org/jira/browse/FELIX-4330
> Project: Felix
> Issue Type: Bug
> Components: HTTP Service
> Affects Versions: http-2.2.1
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: http-2.3.0, http-sslfilter-1.0.0
>
> Attachments: FELIX-4330-fme.patch, FELIX-4330-fme2.patch,
> FELIX-4330.patch
>
>
> The request header indicating a proxy terminating an HTTPS connection is
> currently hard coded to be "X-Forwarded-SSL" with the only value supported to
> be "on" -- based on the assumption of this being the most commonly used
> header value.
> It looks that Amazon's Elastice Load Balancer uses a different header and
> value: X-Forwarded-Proto whose value is the actual protocol by which the
> client talks to the load balancer. The filter should kick in if the protocol
> is https (or maybe if it is just not the same as the one which the servlet
> container reports).
> [1]
> http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#x-forwarded-proto
--
This message was sent by Atlassian JIRA
(v6.2#6252)
