Andreas Hartmann schrieb:
> Andreas Hartmann schrieb:
>> Thorsten Scherler schrieb:
>>> On Tue, 2007-06-26 at 12:13 +0200, Andreas Hartmann wrote:
>> [...]
>>
>>>> To avoid this, we'd have to use a global SSL proxy URL for the CSS and
>>>> image URLs. IMO we should use the SSL variants of all outgoing links
>>>> on an SSL-encrypted page by default.
>>>>
>>>> WDYT?
>>> this.ssl = _request.isSecure();
>>>
>>> You mean something like this in the setup method of the
>>> proxyTransformer?
>> Yes, exactly. I'm not quite sure if this works reliably with SSL
>> offloading, but we'll find out.
>
> When the SSL is handled by Apache, request.isSecure() returns false.
> One could try to use an SSL connector in Tomcat, but then the SSL
> encryption CPU processing coulnd't be offloaded in a clustered
> environment.
>
> A workaround might be to use different hostnames (localhost/127.0.0.1)
> in the RewriteRule statements and check for these in the
> ProxyTransformer, but that would be my last choice.
>
> Any ideas? Maybe mod_jk would offer more options?
It basically seems to work with mod_jk and mod_rewrite.
I couldn't find how to support ProxyPassReverse behaviour yet.
ATM redirects which use the request URL passed to Tomcat
(/default/authoring/...) are passed to the browser, which
results in
cms.example.com/default/authoring/news
instead of
cms.example.com/news
I changed some of the redirects so that they use the proxy settings:
<map:match pattern="**/">
<map:redirect-to
uri="{proxy:/{page-envelope:publication-id}/{1}/index.html}"/>
</map:match>
This seems to work.
I'll do some more testing when I find the time.
Any comments and suggestions are very welcome.
-- Andreas
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
