[jboss-user] [JBoss Seam] - Re: HTTPS redirection

Fri, 02 Nov 2007 18:32:08 -0800 

anonymous wrote : I'm now looking at trying to do a filter upstream of the Seam 
filter (sadly not an area I'm very familiar with) to change the 
HttpServletRequest URL (conditionally).
  | 

This is what we're planning to do.  I haven't tested it yet (don't have an ssl 
cert set up yet), but I think it should work.  I'll report back if it doesn't.

We use BIG-IP for loadbalancing and ssl decryption.  For ssl requests, we've 
configured it to add a specific request header.  I haven't tested this, but I 
think we only need to override Request.getScheme(), and not 
Request.getRequestURL().  


  | 
  | @Name("bigIpSslFilter")
  | @Scope(ScopeType.APPLICATION)
  | @BypassInterceptors
  | @org.jboss.seam.annotations.web.Filter
  | public class BigIpSslFilter implements Filter {
  | 
  |     public void destroy() {
  |     }
  | 
  |     public void doFilter(ServletRequest request, ServletResponse response,
  |                     FilterChain filterChain) throws IOException, 
ServletException {
  |             if (request instanceof HttpServletRequest) {
  |                     filterChain.doFilter(new 
BigIpSslRequest((HttpServletRequest) request), response);
  |             } else {
  |                     filterChain.doFilter(request, response);
  |             }
  |     }
  | 
  |     public void init(FilterConfig filterConfig) throws ServletException {
  |     }
  | 
  |     public static class BigIpSslRequest extends HttpServletRequestWrapper {
  | 
  |             public BigIpSslRequest(HttpServletRequest request) {
  |                     super(request);
  |             }
  |             
  |             @Override
  |             public String getScheme() {
  |                     String forwardedScheme = 
getRequest().getHeader("HTTP_X_FORWARDED_PROTO");
  |                     if (forwardedScheme != null && 
forwardedScheme.equals("https")) {
  |                             return "https";
  |                     }
  |                     return super.getScheme();
  |             }
  |             
  |             @Override
  |             public HttpServletRequest getRequest() {
  |                     return (HttpServletRequest) super.getRequest();
  |             }
  |     }
  | }
  | 

(btw, it's the same header that rails looks for to determine proxied https 
requests, since we also have some rails apps)

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4101498#4101498

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4101498
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to