My feeling is that it's for SSL/HTTPS set up in Jetty/Tomcat etc (no proxy in
front needed) use:
public void contributeMetaDataLocator(MappedConfiguration
configuration) {
configuration.add(MetaDataConstants.SECURE_PAGE, "true");
}
-- or secure pages with
Forgot to mention that i also have tapestry.security-enabled= false in my
app setings
On Fri, Jul 22, 2016 at 3:50 PM, Dimitris Zenios
wrote:
> This is a snippet of nginx configuration that proxies the request to
> jetty on port 8080.Via this configuration i am able
This is a snippet of nginx configuration that proxies the request to jetty
on port 8080.Via this configuration i am able to have ssl and non ssl
versions of the tapestry application.If i want to enforce only ssl version
of tapestry i enforce it via nginx.Hope that was helpful
location / {
With my configuration with -Dtapestry.secure-enabled=true the private String
org.apache.tapestry5.internal.services. LinkImpl::buildURI(LinkSecurity
security) return the absolute URI.
Using:
public void contributeMetaDataLocator(MappedConfiguration configuration) {
It has been a while since we looked into this, but as far as I can remember
we needed SECURE_ENABLED=false in order to have our apps supporting both
http and https at the same time. None of our app servers are configured to
use ssl that is always handled before the requests hit tapestry.
--
When you say you are avoiding absolute URLs, where have you noticed this? I
can’t recall this being a problem.
Now, I’m no expert on this kind of configuration, and its a while since I set
this all up, so forgive me if I have my wires crossed. Also, our site’s load is
small so far but growing
We are always setting tapestry.secure-enabled = false
--
Chris
On Fri, Jul 22, 2016 at 11:29 AM, Dimitris Zenios wrote:
> When i am doing ssl out of the servlet container (eg jetty,apache etc) i
> always set secure enables to false.
>
> On 21 Jul 2016 12:07,
When i am doing ssl out of the servlet container (eg jetty,apache etc) i
always set secure enables to false.
On 21 Jul 2016 12:07, "Svein-Erik Løken" wrote:
> Using HAProxy or Apache HTTP Server as a TLS termination proxy I found
> that setting X-Forwarded-Proto="https" in the