Setting tapestry.secure-enabled to "false" and removing @Secure annotations
solved my problem.
Internal users can acces Tomcat directly via HTTP.
External users can access Apache httpd via HTTPS, which handles SSL and
forwards the request to Tomcat (via AJP).
Works nicely now when Tapestry does no
On Thu, Feb 5, 2015 at 5:01 PM, Martin Nagl wrote:
> Aha, sorry for the "hardcoded" part, I can see that the number 80 is only
> used to determine whether to include port in URL or not :) Will try to
> provide HOSTPORT instead.
>
> M.
>
> On Thu, Feb 5, 2015 at 4:53 PM, Martin Nagl wrote:
>
>> I
Martin,
Have you tried setting the tapestry.secure-enabled symbol to "false" in
your AppModule.java? That prevents Tapestry from redirecting to https (and
you won't have to have @Secure annotations on your pages).
On Feb 5, 2015 11:30 AM, "Norman Franke" wrote:
> While not addressing your proble
While not addressing your problem exactly, I have found issues with cookies
doing things like this. You try to login via HTTPS. Your session is created as
a secure cookie, and when you go back to regular HTTP after login, you have no
session cookie. I created a new, non-secure cookie, but that’s
Aha, sorry for the "hardcoded" part, I can see that the number 80 is only
used to determine whether to include port in URL or not :) Will try to
provide HOSTPORT instead.
M.
On Thu, Feb 5, 2015 at 4:53 PM, Martin Nagl wrote:
> I am using Tapestry 5.3.6.
>
> I have not overridden BaseURLSource o
I am using Tapestry 5.3.6.
I have not overridden BaseURLSource or anything simmilar.
I have not provided HOSTPORT or HOSTPORT_SECURE.
Looking at the code in BaseURLSourceImpl, maybe my problem is that http
communication goes on port 8080, not 80 as expected (hardcoded in
BaseURLSourceImpl). I wil
I've faced similar issues in the past (see TAP5-167), but these days I
just access everything through https.
It does sound like you were using @Secure on your login page, but
nowhere else. I seem to recall that if you use @Secure on one page,
then it will try to use http on pages NOT marked with
Hi all,
we have a Tapesty5 application deployed on Tomcat + Apache httpd. In
production environment at our customer, the application should be deployed
/ accessed like this:
- Tomcat is running on a server in internal network on port 8080.
- There is an Apache HTTP server with reverse proxy to
