[ https://issues.apache.org/jira/browse/FELIX-4420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
J.W. Janssen resolved FELIX-4420. --------------------------------- Resolution: Fixed Committed a fix in rev #1635470: now we also override sendRedirect and do rewriting of URLs based on the given input. Added test case as provided by [~chetanm] and extended it. [~chetanm]: could you verify this fix is working for you? > [HTTP SSLFilter] Implement sendRedirect > --------------------------------------- > > Key: FELIX-4420 > URL: https://issues.apache.org/jira/browse/FELIX-4420 > Project: Felix > Issue Type: Improvement > Components: HTTP Service > Affects Versions: http-2.2.1, http-2.2.2 > Reporter: Felix Meschberger > Assignee: J.W. Janssen > Fix For: http-2.3.2 > > Attachments: FELIX-4420-jetty.patch, FELIX-4420.patch > > > The HTTP SSL Filter service implemented in FELIX-3693 supports revealing the > actual protocol used by the client side browser by inspecting a request > header and exposing the proper scheme through its ServletRequest.getScheme() > implementation if the actual server is operated behind an SSL terminating > proxy (i.e. client connects with HTTPS to proxy, proxy forwards request to > server over plain HTTP) > The HttpServletRequest.sendRedirect() method is declared to set the Location > header to the absolute redirect URL which includes the scheme. In an SSL > terminating proxy situation, the servlet container does not know about this > fact and hence uses the actual server scheme (HTTP) for the redirect instead > of the scheme used by client. > To fix this situation the SSL filter response should implement the > HttpServletResponse.sendRedirect() method to use use the client side scheme > as extracted from the request instead of the actual server request. -- This message was sent by Atlassian JIRA (v6.3.4#6332)