<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.5921" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><B>From:</B> <A title=moseley@hank.org href="mailto:moseley@hank.org">Bill
Moseley</A> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV class=gmail_quote>> 2010/3/25 Octavian Rasnita <SPAN dir=ltr><<A
href="mailto:orasnita@gmail.com">orasnita@gmail.com</A>></SPAN><BR>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<DIV>> > The back end servers don't know if the current request is an
http or an https one and on each redirect, > > they do the redirection
using the http scheme.<BR>> > (I have also set the configuration
option using_frontend_proxy to true.)<BR><FONT face=Arial size=2>> >
</FONT><BR>> > Also, because the back end servers receive only http
requests, $c->req->secure is always equal to 0.<BR>> > I have
read that I can set the HTTPS environment variable to "On" and I put the
following line in the </DIV>
<DIV>> > configuration file of the load balancer Apache server in the
virtualhost that handles SSL requests:<BR><FONT face=Arial size=2>> >
</FONT><BR>> > SetEnv HTTPS On<BR></DIV></BLOCKQUOTE>
<DIV><FONT face=Arial size=2></FONT><FONT face=Arial size=2></FONT><FONT
face=Arial size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><BR></DIV>
<DIV>> Does that header get to Catalyst? Obviously, check that
first.</DIV>
<DIV><FONT face=Arial size=2>> </FONT><BR></DIV>
<DIV>> I have this in a "after 'prepare_headers'":</DIV>
<DIV><FONT face=Arial size=2>> </FONT><BR></DIV>
<DIV>
<DIV>> $res->secure( 1 ) if lc( $req->header( 'Https' )
|| '' ) eq 'on';</DIV>
<DIV><FONT face=Arial size=2>> </FONT></DIV></DIV>
<DIV>> The load balancer sends all traffic to the same port. The load
balancer sets that header for SSL traffic.</DIV><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>I didn't know that HTTPS should
be an HTTP header and not an environment variable so I have also added as a
header.</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>I have put in the configuration
file of the back end servers (to be sure that it will reach the
app):</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>SetEnv HTTPS On</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>and in the configuration file
of the load balancer server:</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>RequestHeader set HTTPS
On</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>And in a test action I have
done:</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>my $body;<BR></FONT><FONT
face=Arial size=2>$body .= "HTTPS environment variable: $ENV{HTTPS}<br
/>\n";<BR>$body .= "HTTPS header: " . $c->req->header('HTTPS') .
"<br />\n";<BR>$body .= "secure: " . $c->req->secure . "<br
/>\n";;</FONT></DIV>
<DIV><FONT face=Arial size=2>$c->req->secure(1); #Force it to be
true<BR>$body .= "secure: " . $c->req->secure . "<br />\n"; #
Check if it is set correctly<BR>$body .= "uri_for_action: " .
$c->uri_for_action('/user/login2') . "<br />\n";</FONT></DIV>
<DIV><FONT face=Arial size=2>$c->res->body($body);</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>And the result is:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>HTTPS environment variable: On<BR>HTTPS header:
On<BR>secure: 0<BR>secure: 1<BR>uri_for_action: <A
href="http://site.testsite.com:5555/en/user/login2">http://site.testsite.com:5555/en/user/login2</A><BR></FONT></DIV>
<DIV><FONT face=Arial size=2>So it seems that both the environment variable
HTTPS and the header HTTPS are seen by Catalyst, but $c->req->secure is
still equal to 0.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Do I need to add a certain plugin in order to be
able to use $c->req->secure or what could be the problem that it is not
set correctly?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I have read in Catalyst::Request:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>"the URI scheme (eg., http vs. https) must be
determined through heuristics; depending on your server configuration, it
may be incorrect. See $req->secure for more info."<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>And more info:</FONT></DIV>
<DIV><FONT face=Arial size=2>"Note that the URI scheme (eg., http vs. https)
must be determined through heuristics, and therefore the reliablity
of $req->secure will depend on your server configuration. If you
are serving secure pages on the standard SSL port (443) and/or setting
the HTTPS environment variable, $req->secure should be
valid."</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I am accessing the site using SSL by the 5555
port so I need the HTTPS environment variable (or HTTP header) but I don't
know why $c->req->secure is still not set.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>And finally, even though I forced
$c->req->secure to be true, $c->uri_for_action still uses the http
scheme and not https so in the entire application the redirects won't be done
correctly and this is the big problem.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Thanks.</DIV></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT></BLOCKQUOTE>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV class=gmail_quote><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><FONT face=Arial size=2></FONT><FONT face=Arial
size=2></FONT><BR></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2>Octavian</FONT></DIV>
<DIV class=gmail_quote><FONT face=Arial size=2></FONT> </DIV><BR>--
<BR>Bill Moseley<BR><A href="mailto:moseley@hank.org">moseley@hank.org</A><BR>
<P>
<HR>
<P></P>_______________________________________________<BR>List:
Catalyst@lists.scsys.co.uk<BR>Listinfo:
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst<BR>Searchable
archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/<BR>Dev site:
http://dev.catalyst.perl.org/<BR><BR><BR><BR>__________ Information from ESET
NOD32 Antivirus, version of virus signature database 4975 (20100325)
__________<BR><BR>The message was checked by ESET NOD32
Antivirus.<BR><BR>http://www.eset.com<BR><BR></BLOCKQUOTE><BR>
<BR>
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4975 (20100325) __________<BR>
<BR>
The message was checked by ESET NOD32 Antivirus.<BR>
<BR>
<A HREF="http://www.eset.com">http://www.eset.com</A><BR>
</BODY></HTML>