Mantis - Resin
Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
1996 minor always 09-07-07 16:09 10-31-07 15:17
Reporter: ferg Platform:  
Assigned To: ferg OS:  
Priority: normal OS Version:  
Status: closed Product Version: 3.1.2  
Product Build: Resolution: fixed  
Projection: none      
ETA: none Fixed in Version: 3.1.4  
Summary: 0001996: sendRedirect() and ssl
Description: (rep by Michael Wang)

We are using resin professional version 3.1.2
 
When we use sendRedirect with HTTPS page, it redirects to HTTP instead of HTTPS.
 
I do a Google search and found an old posting.
http://osdir.com/ml/text.xml.resin.user/2003-01/msg00268.html [^]
 
Looks like we have the same problem as posted above.
Want to know whether this problem still exist in resin 3.1.2 or we need to some extra configuration.
 
Steps To Reproduce:
Additional Information:
Relationships
Attached Files:

Notes
(0002301)
split3   
09-18-07 12:06   
We are running into the exact same problem, and have even tried the configuration as specified here:

http://maillist.caucho.com/pipermail/resin-interest/2007-June/001125.html [^]

As this did actually return true for isSecure it still redirected from SSL -> Non-SSL on response.sendRedirect and even using response.encodeRedirectURL

What other configuration would be necessary or is this an actual bug? Or there any work arounds?

Note that the SSL cert is configured on our Hardware Load Balancer
(0002427)
ferg   
10-31-07 15:17   
server/12j2

The change fixes the rewrite-dispatch. You can also use the <secure/> tag in the <web-app> to force secure without using rewrite-dispatch. <secure> will work with 3.1.3.