[
https://issues.apache.org/jira/browse/FELIX-4923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15401800#comment-15401800
]
Konrad Windszus commented on FELIX-4923:
----------------------------------------
[~asanso] Even in your patch you making some assumptions about the header name
and value. Is the comparison
{code}
if (cfg.sslValue.equalsIgnoreCase(httpReq.getHeader(cfg.sslHeader))) not enough
here?
{code}
In case we really want to distinguish between the 3 cases:
1) HTTPS terminated at proxy in front, Felix accessed through HTTP
2) HTTP terminated at proxy in front, Felix accessed through HTTPS
3) Felix directly accessed through HTTP or HTTPS
we need to extend the OSGi configuration with a value for use case 2) as well.
> SslFilterResponse doesn 't take in account ssl-forward.header property
> ----------------------------------------------------------------------
>
> Key: FELIX-4923
> URL: https://issues.apache.org/jira/browse/FELIX-4923
> Project: Felix
> Issue Type: Bug
> Components: HTTP Service
> Reporter: Antonio Sanso
> Priority: Minor
> Attachments: FELIX-4923-patch.txt, FELIX-4923-patch.txt
>
>
> {{SslFilterResponse}} doesn 't take in account {{ssl-forward}}.header
> property.
> Indeed the {{SslFilterResponse}} constructor hardcodes
> {{HDR_X_FORWARDED_PROTO}}.
> {code}
> ...
> request.getHeader(HDR_X_FORWARDED_PROTO);
> ...
> {code}
> the {{ssl-forward}} osgin configuration should be taken in account IMHO. The
> default is even different than {{HDR_X_FORWARDED_PROTO}} indeed is rather
> {{X-Forwarded-SSL}}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
