hi all,
going through the posts i realized there is an easier solution missing.
What i do is to contribute a HttpServletRequestHandler that checks for the
X-Forwarded-Proto header and - in case its set - wraps the
HttpServletRequest with overrides to isSecure(), getScheme() and
getServerPort(). All the other stuff in Tapestry regarding https works
unchanged.
g,
Kris
public final class HttpsFilter implements HttpServletRequestHandler
{
private final HttpServletRequestHandler delegateServletHandler;
public HttpsFilter(HttpServletRequestHandler delegateServletHandler)
{
this.delegateServletHandler = delegateServletHandler;
}
@Override
public boolean service(HttpServletRequest request, HttpServletResponse
response) throws IOException
{
return delegateServletHandler.service(wrapRequest(request),
response);
}
private HttpServletRequest wrapRequest(final HttpServletRequest request)
{
final String protocolHeaderValue =
request.getHeader("X-Forwarded-Proto");
if ("HTTPS".equalsIgnoreCase(protocolHeaderValue))
return new HttpServletRequestWrapper(request)
{
@Override
public boolean isSecure()
{
return true;
}
@Override
public String getScheme()
{
return "https";
}
@Override
public int getServerPort()
{
return 443;
}
};
return request;
}
}
On Thu, Feb 20, 2014 at 1:17 AM, Ilya Obshadko <ilya.obsha...@gmail.com>wrote:
> On Thu, Feb 20, 2014 at 9:58 AM, Thiago H de Paula Figueiredo <
> thiag...@gmail.com> wrote:
>
> By the way, is there any reason preventing Tapestry team from incorporating
> >> X-Forwarded-* headers support into Tapestry itself? This kind of
> >> configuration is pretty standard nowadays.
> >>
> >
> > Feel free to post a JIRA about that.
>
>
> I have created public gist https://gist.github.com/xfyre/9104238 and
> posted
> https://issues.apache.org/jira/browse/TAP5-2291
>
> Thank you!
>
> --
> Ilya Obshadko
>
