[
https://issues.apache.org/jira/browse/FELIX-4330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
J.W. Janssen resolved FELIX-4330.
---------------------------------
Resolution: Fixed
> [HTTP SSL Filter] Make SSL header(s) configurable
> -------------------------------------------------
>
> Key: FELIX-4330
> URL: https://issues.apache.org/jira/browse/FELIX-4330
> Project: Felix
> Issue Type: Bug
> Components: HTTP Service
> Affects Versions: http-2.2.1
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: http-2.3.0, http-sslfilter-1.0.0
>
> Attachments: FELIX-4330-fme.patch, FELIX-4330-fme2.patch,
> FELIX-4330.patch
>
>
> The request header indicating a proxy terminating an HTTPS connection is
> currently hard coded to be "X-Forwarded-SSL" with the only value supported to
> be "on" -- based on the assumption of this being the most commonly used
> header value.
> It looks that Amazon's Elastice Load Balancer uses a different header and
> value: X-Forwarded-Proto whose value is the actual protocol by which the
> client talks to the load balancer. The filter should kick in if the protocol
> is https (or maybe if it is just not the same as the one which the servlet
> container reports).
> [1]
> http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#x-forwarded-proto
--
This message was sent by Atlassian JIRA
(v6.2#6252)
