top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Struts2: Using HTTPS, when I redirect, I get HTTP

+1 vote
2,642 views

I have an application that runs on weblogic 10.3.6 and struts 2.3.8. The weblogic is behind a loadbalancer that does https to http translation. When the application uses a redirect it will use HTTP instead of the original HTTPS protocol. Is there a way to force redirect to use HTTPS?

posted Sep 30, 2013 by Amit Parthsarthi

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
And what happens with the name of the server? I suppose the name of the weblogic server is not the same as the external name of the loadbalancer, no?
The name remains the same, the loadbalancer name. And yes the weblogic server is not the same as the external name of the loadbalancer.
What kind of redirect? to action?
This one:
type="redirect">cambioPassword!input.action

1 Answer

+1 vote

Well, there's a couple issues to consider here.

1) When you're behind a load balancer, the machine name (domain) you're running on may not be the domain that's fronted to the public. For example, the user might be accessing www.company.org but you're on host123.company.org. When you're changing protocols, you have to include the FQN. Does your app know the public domain?

2) Is there a Struts enhancement hiding in this question? Maybe we should include a "protocol" and "hostname" as redirect parameters?

answer Oct 1, 2013 by Naveena Garg
Similar Questions
0 votes

How do I get a valid certificate for a box that is behind a firewall and does not have a DNS entry?

I was looking at letsencrypt.org but currently it looks like a valid DNS entry is needed, of which I don't have.

There is nothing special about my setup, its just a box that is not directly on the internet, no DNS entry but I need HTTPS to run correctly.

How do I generate a trusted certificate base on IP or something?

How can I do that? Thanks,

+1 vote

We are trying to measure performance between HTTP and HTTPS version on Hadoop DFS, Mapreduce and other related modules.

As of now, we have tested using several metrics on Hadoop HTTP Mode. Similarly we are trying to test the same metrics on HTTPS Platform. Basically our test suite cluster consists of one Master Node and two Slave Nodes.

We have configured HTTPS connection and now we need to verify whether Nodes are communicating directly through HTTPS. Tried checking logs, clusters webhdfs ui, health check information, dfs admin report but of no help. Since there is only limited documentation available in HTTPS, we are unable to verify whether Nodes are communicating through HTTPS.

Hence any experts around here can shed some light on how to confirm HTTPS communication status between nodes (might be with mapreduce/DFS).

0 votes

I'm trying to setup a forward proxy to access certain endpoints on Remote server which require https with basic authentication in header.

A(Application server) ---> Forward proxy (B) ----> Remote server(C)

i'm at B on which i have setup below Apache Virtual host in which i'm setting the headers to use basic authentication passing encoded value of user & pass configured on remote server.However,i want to include HTTPS in my request to C to ensure the headers are sent securely with encrption to remote server (C). I do Not want to use a separate Virtual host for HTTPS. Should i include a SSL Server certificate in my proxy configuration as given below with the basic authentication in header ?
How can i achieve this in Single virtual host ? I have limited knowledge on apache, so please help here.

I tried searching on the internet but did not find the required solution.

##### vHost 9099 is for basic auth with HTTPS #####
Listen *:9099
<VirtualHost *:9099>

        ServerName      myservername.com
        ServerAlias     myservername.com
        ServerAdmin     iamadmin@myservername.com
        DocumentRoot    /my/doc/root/
        SSLEngine on
        RewriteEngine On
        AllowEncodedSlashes NoDecode

        ProxyRequests On

        # SSL configuration

        SSLCertificateFile       /Path to cert.pem
        SSLCertificateKeyFile    /Path to private key
        SSLCACertificateFile     /Path to CA certs


        ##  Basic64  Encoded XXXX od user and passwd in header

         RequestHeader set Authorization "Basic XXXXX"


         ##  Endpoints accessed via https with basic authentication in header

         ProxyPass /api/api1/   https://30.30.115.22:11111/api/api1/
         ProxyPassReverse /api/api1/    https://30.30.115.22:11111/api/api1/


</VirtualHost>
+1 vote

I have Apache SSL virtuals behind the Nginx proxy defined with this directive:

SetEnvIf X-Forwarded-Proto https HTTPS=on

Users often use the following rewrite rule in their htaccess files for detecting SSL connection, but the variable HTTPS is not treated as expected:

RewriteCond %{HTTPS} =on

Is there any workaround for this? So far, I tried to disable mod_ssl completely and also checked modules hooks and it seems that environment files are loaded before the rewrite module.

+2 votes

I can not find a resolution on bugzilla's doc about how to install bugzilla with https. By default, the bugzilla installation will be access with http://, not https://

If I want to access use https://, is there any package or software additional should be installed first? Or I can just configure on Bugzilla's parameter: SSL_Redirect and sslbase, and no need to change with bugzilla installation?

...