This is getting urgent! Can someone tell me what handles the return types from an event handler? I urgently have to fix it to ensure it returns HTTPS.
BTW, I have a custom BaseURLSource in AppModule: public static void contributeServiceOverride(@SuppressWarnings("rawtypes") MappedConfiguration<Class, Object> configuration) { configuration.add(BaseURLSource.class, new ConfiguredBaseURLSource()); } and I’ve determined that every time it is called it returns an https URL. It is NOT called when the 2 event handlers of my example are involved, which seems a bit odd. Geoff > On 14 Apr 2017, at 11:17 AM, JumpStart <geoff.callender.jumpst...@gmail.com> > wrote: > > Hi, > > I’ve found 2 situations where an HTTP URL is returned despite having set the > whole application to “secure”. > > * The 2 event handlers below are not correct - they return HTTP URLs (in, of > course, a 302 redirect), not HTTPS URLs. > > public class Page1 { > > @InjectPage > private Page2 page2; > > Object onToPage2InjectPage() { > return page2; > } > > Object onToPage2Class() { > return Page2.class; > } > > } > > * Whereas PageLink and EventLink are correct - in Page1 they generated HTTPS > URLs. > > <body> > <h1>Page 1</h1> > > <t:pagelink page="page2">To Page 2 (PageLink)</t:pagelink> > <p/> > <t:eventlink event="toPage2InjectPage">To Page 2 > (InjectPage)</t:eventlink> > <p/> > <t:eventlink event="toPage2Class">To Page 2 (Class)</t:eventlink> > </body> > > This DID work in my previous setup, which was Apache virtual host on port > 443, handling the SSL, and proxying via AJP to Tapestry in Wildfly on port > 8009. > > What’s changed is that I’ve put an AWS ALB (Application Load Balancer) in > front of Apache. ALB handles the SSL, forwards to Apache on port 80, which > proxies via AJP to Tapestry in Wildfly on port 8009. > > I think the HTTP headers on the requests are all intact. But even if they > aren’t, shouldn’t the following configuration guarantee that the event > handlers shown above return HTTPS URLs? > > public void contributeMetaDataLocator(MappedConfiguration<String, > String> configuration) { > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > } > > I saw an earlier post that suggested doing the following, but it had the same > result: > > public static void > contributeApplicationDefaults(MappedConfiguration<String, String> > configuration) { > configuration.add(MetaDataConstants.SECURE_PAGE, "true"); > } > > Regards, > > Geoff >