hi all, going through the posts i realized there is an easier solution missing.
What i do is to contribute a HttpServletRequestHandler that checks for the X-Forwarded-Proto header and - in case its set - wraps the HttpServletRequest with overrides to isSecure(), getScheme() and getServerPort(). All the other stuff in Tapestry regarding https works unchanged. g, Kris public final class HttpsFilter implements HttpServletRequestHandler { private final HttpServletRequestHandler delegateServletHandler; public HttpsFilter(HttpServletRequestHandler delegateServletHandler) { this.delegateServletHandler = delegateServletHandler; } @Override public boolean service(HttpServletRequest request, HttpServletResponse response) throws IOException { return delegateServletHandler.service(wrapRequest(request), response); } private HttpServletRequest wrapRequest(final HttpServletRequest request) { final String protocolHeaderValue = request.getHeader("X-Forwarded-Proto"); if ("HTTPS".equalsIgnoreCase(protocolHeaderValue)) return new HttpServletRequestWrapper(request) { @Override public boolean isSecure() { return true; } @Override public String getScheme() { return "https"; } @Override public int getServerPort() { return 443; } }; return request; } } On Thu, Feb 20, 2014 at 1:17 AM, Ilya Obshadko <ilya.obsha...@gmail.com>wrote: > On Thu, Feb 20, 2014 at 9:58 AM, Thiago H de Paula Figueiredo < > thiag...@gmail.com> wrote: > > By the way, is there any reason preventing Tapestry team from incorporating > >> X-Forwarded-* headers support into Tapestry itself? This kind of > >> configuration is pretty standard nowadays. > >> > > > > Feel free to post a JIRA about that. > > > I have created public gist https://gist.github.com/xfyre/9104238 and > posted > https://issues.apache.org/jira/browse/TAP5-2291 > > Thank you! > > -- > Ilya Obshadko >