That is strange as repoze.who.friendlyform uses webob.path_url to generate the redirect and req.path_url uses wsgi.url_scheme to create the ending url. So it should behave exactly like the other redirects.
Try to place a middleware around your application to print out the value of req.path_url just before the redirect is built, it might be helpful to understand what is happening. On Thu, May 31, 2012 at 10:21 PM, Moritz Schlarb <[email protected]> wrote: > Sadly, the issue reappeared, out of nowhere... > > But not at the point where repoze.what-1.0.9 redirects you to the login > page, but on the login_handler page from repoze.who-1.0.19 ... > > $ curl -v -d 'username=user&password=pass' > https://sauce.zdv.uni-mainz.de:8088/login_handler > >> POST /login_handler HTTP/1.1 >> User-Agent: curl/7.24.0 (x86_64-pc-linux-gnu) libcurl/7.24.0 >> GnuTLS/2.12.18 zlib/1.2.5 >> Host: sauce.zdv.uni-mainz.de:8088 >> Accept: */* >> Content-Length: 42 >> Content-Type: application/x-www-form-urlencoded >> > * upload completely sent off: 42 out of 42 bytes > < HTTP/1.1 302 Found > < Date: Thu, 31 May 2012 20:17:50 GMT > < Server: PasteWSGIServer/0.5 Python/2.7.2+ > < Location: http://sauce.zdv.uni-mainz.de:8088/post_login?__logins=0 > < Content-Length: 295 > < Content-Type: text/html; charset=UTF-8 > < Vary: Accept-Encoding > < > <html> > <head> > <title>302 Found</title> > </head> > <body> > <h1>302 Found</h1> > The resource was found at <a > href="http://sauce.zdv.uni-mainz.de:8088/post_login?__logins=0";>http://sauce.zdv.uni-mainz.de:8088/post_login?__logins=0</a>; > you should be redirected automatically. > > > </body> > </html> > > I change nothing on the settings regarding the wsgi.url_scheme... > > Any ideas? > > Am Montag, 21. Mai 2012 23:34:09 UTC+2 schrieb Moritz Schlarb: >> >> Thanks, Alessandro, >> >> For future references, I'd like to add, that you have to tell the proxying >> Apache to set that header. >> Therefore add the following line to the Apache proxy config: >> >> RequestHeader set X_URL_SCHEME https >> >> Then you can use >> >> environ['wsgi.url_scheme'] = environ.get('HTTP_X_URL_SCHEME', 'http') >> >> Cheers, >> Moritz >> >> Am Montag, 21. Mai 2012 16:11:55 UTC+2 schrieb Alessandro Molina: >>> >>> The redirection is created using the protocol that has been used to >>> fetch the request. >>> As APACHE is probably fetching the answer from Paste using HTTP and >>> not HTTPS you get the redirection as HTTP. >>> >>> You should add to your application a middleware that does something like: >>> >>> environ['wsgi.url_scheme'] = environ.get('HTTP_X_URL_SCHEME', >>> 'http') >>> or >>> if environ['HTTP_X_PROXY_HOST'].split(':')[1] == '443': >>> environ['wsgi.url_scheme'] = 'https' >>> >>> depending on which headers apache is setting on proxy. >>> The point is that you have to detect if the original request was HTTPS >>> or not and set url_scheme accordingly. >>> >>> On Mon, May 21, 2012 at 3:19 PM, Moritz Schlarb wrote: >>> > I was sure I had already read something about that error, but I'm >>> > unable to >>> > find it... >>> > >>> > I wanted to deploy a development version of my application on another >>> > port >>> > at the Apache proxy frontend. >>> > >>> > So I added a https-only VirtualHost on Port 8088 and configured the >>> > ProxyPass directives accordingly. >>> > It works, but on some point I get redirected to the login page and then >>> > the >>> > protocol does not preserve the https. >>> > >>> > curl gives me this: >>> > >>> > $ curl -I https://sauce.zdv.uni-mainz.de:8088/events/eip12/lessons/2 >>> > HTTP/1.1 302 Found >>> > Date: Mon, 21 May 2012 13:18:02 GMT >>> > Server: PasteWSGIServer/0.5 Python/2.7.2+ >>> > Content-Type: text/html; charset=UTF-8 >>> > Location: >>> > >>> > http://sauce.zdv.uni-mainz.de:8088/login?came_from=http%3A%2F%2Fsauce.zdv.uni-mainz.de%3A8088%2Fevents%2Feip12%2Flessons%2F2 >>> > Set-Cookie: >>> > >>> > webflash=%7B%22status%22%3A%20%22warning%22%2C%20%22message%22%3A%20%22You%20have%20no%20permission%20to%20manage%20Lessons%20for%20this%20Event%22%7D; >>> > Path=/ >>> > Vary: Accept-Encoding >>> > >>> > You see, the redirection goes to plain http. >>> > (I've checked, the issue also occurs when I get redirected to the login >>> > page >>> > on the normal instance, but since I do a redirection to the https >>> > protocol >>> > in Apache, it is not bad there.) >>> > >>> > How can I make repoze.who redirect to the correct protocol? >>> > >>> > Cheers, >>> > Moritz >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> > Groups >>> > "TurboGears" group. >>> > To view this discussion on the web visit >>> > https://groups.google.com/d/msg/turbogears/-/x6RRuAtVH8oJ. >>> > To post to this group, send email to [email protected]. >>> > To unsubscribe from this group, send email to >>> > [email protected]. >>> > For more options, visit this group at >>> > http://groups.google.com/group/turbogears?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "TurboGears" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/turbogears/-/Ic-IXyVz3wMJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/turbogears?hl=en. -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
