[
https://issues.apache.org/jira/browse/SHINDIG-1111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12730837#action_12730837
]
Loic Dachary commented on SHINDIG-1111:
---------------------------------------
This patch is licensed by me under the same license as shindig, i.e. the apache
2.0 license.
I did not attach the patch because I did not think it was correct. Next time I
will attach it no matter what I think ;-)
Thanks
> override host name when behind a reverse proxy
> ----------------------------------------------
>
> Key: SHINDIG-1111
> URL: https://issues.apache.org/jira/browse/SHINDIG-1111
> Project: Shindig
> Issue Type: Bug
> Components: PHP
> Affects Versions: 1.0
> Environment: GNU/Linux
> Reporter: Loic Dachary
> Assignee: Chris Chabot
> Fix For: 1.1-M1
>
>
> When the shindig server sits behind a reverse proxy, OAuthRequest will be
> built using the host name used by the reverse proxy instead of the external
> name. A configuration parameter is added (with the following tentative patch)
> to allow overriding this default with a known domain name. If this can't be
> done the signature will always be wrong (because the hostname is part of the
> base_string).
> diff -r ef48cba39a7d usr/src/shindig-1.0-incubating-php/config/container.php
> --- a/usr/src/shindig-1.0-incubating-php/config/container.php Sun Jul 12
> 17:08:43 2009 +0200
> +++ b/usr/src/shindig-1.0-incubating-php/config/container.php Mon Jul 13
> 23:37:13 2009 +0200
> @@ -137,5 +137,6 @@
> 'proxy' => '',
> // If your server is behind a reverse proxy, set the real hostname here
> + 'http_host' => NULL
> + // 'http_host' => 'shindig.opensocial.dachary.org'
> );
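Review bot: the commented-out example on the second added line hardcodes a personal hostname ('shindig.opensocial.dachary.org') in the default container.php; a neutral placeholder would suit a shipped config better. The comment above the new key should also state the expected form of the value: ApiServlet.php prepends the scheme and appends REQUEST_URI, so it has to be a bare host (with a port if one is needed), without a scheme or trailing slash, otherwise the OAuth base string still will not match.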
> diff -r ef48cba39a7d
> usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
> --- a/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
> Sun Jul 12 17:08:43 2009 +0200
> +++ b/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
> Mon Jul 13 23:37:13 2009 +0200
> @@ -75,7 +75,9 @@
> public function getSecurityToken() {
> // see if we have an OAuth request
> - $request = OAuthRequest::from_request();
> + $scheme = (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ?
> 'http' : 'https';
> + $http_url = $scheme . '://' . ( Config::get('http_host') ?
> Config::get('http_host') : $_SERVER['HTTP_HOST']) . $_SERVER['REQUEST_URI'];
> + $request = OAuthRequest::from_request(NULL, $http_url , NULL);
> $appUrl = $request->get_parameter('oauth_consumer_key');
> $userId = $request->get_parameter('xoauth_requestor_id'); // from
> Consumer Request extension (2-legged OAuth)
> $signature = $request->get_parameter('oauth_signature');
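Review bot: the scheme on the first added line is still derived from $_SERVER['HTTPS'], which describes the hop between the proxy and this server, so when the proxy terminates TLS the rebuilt URL starts with http:// while the client signed https://, and verification keeps failing even with http_host set. Consider letting the setting carry the scheme too, or adding a second override for it. Reading Config::get('http_host') once into a local variable would also avoid the double lookup in the ternary.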
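The failure described in the issue text, as an added example that is not part of the original message or of Shindig's code: an OAuth 1.0 HMAC-SHA1 signature computed by the client over the external URL, checked by a backend that rebuilds the URL with and without a configured host. Host names, consumer key, secret and parameters are constructed; request_url() is a hypothetical helper that mirrors the URL construction in the patch.

```php
<?php
// Added example, not Shindig code; hosts, key, secret and parameters are constructed.

// Signature base string: METHOD & enc(URL) & enc(sorted parameters). rawurlencode()
// follows RFC 3986; ksort() suffices here because the sample keys are distinct ASCII.
function base_string(string $method, string $url, array $params): string {
    unset($params['oauth_signature']);
    ksort($params, SORT_STRING);
    $pairs = [];
    foreach ($params as $k => $v) {
        $pairs[] = rawurlencode($k) . '=' . rawurlencode($v);
    }
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode(implode('&', $pairs));
}

// HMAC-SHA1 with key "consumer_secret&token_secret" (empty token secret for 2-legged OAuth).
function hmac_sha1_signature(string $baseString, string $consumerSecret): string {
    return base64_encode(hash_hmac('sha1', $baseString, rawurlencode($consumerSecret) . '&', true));
}

// Same URL construction as the patched getSecurityToken(): configured host wins over HTTP_HOST.
function request_url(array $server, ?string $configuredHost): string {
    $scheme = (!isset($server['HTTPS']) || $server['HTTPS'] != 'on') ? 'http' : 'https';
    return $scheme . '://' . ($configuredHost ? $configuredHost : $server['HTTP_HOST']) . $server['REQUEST_URI'];
}

$params = [
    'oauth_consumer_key'     => 'http://gadgets.example.org/app.xml',
    'oauth_nonce'            => 'constructed-nonce',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1247520000',
    'oauth_version'          => '1.0',
    'xoauth_requestor_id'    => 'john.doe',
];
$secret = 'constructed-consumer-secret';
$path = '/social/rest/people/john.doe/@self'; // no query string, to keep the URL normalization trivial

// The client signs the URL it actually called: the external name.
$clientSig = hmac_sha1_signature(base_string('GET', 'http://shindig.example.org' . $path, $params), $secret);

// The backend only sees the Host header forwarded by the reverse proxy.
$server = ['HTTP_HOST' => 'backend.internal:8080', 'REQUEST_URI' => $path];

foreach ([null, 'shindig.example.org'] as $configuredHost) {
    $serverSig = hmac_sha1_signature(base_string('GET', request_url($server, $configuredHost), $params), $secret);
    printf("http_host=%s -> %s\n", var_export($configuredHost, true), hash_equals($clientSig, $serverSig) ? 'signature valid' : 'signature mismatch');
}
```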