How and when are you mounting your pages?

If you are mounting them _after_ installing the HttpsMapper, then those
pages will not be mapped “under” https.
This is because a compound request mapper is created on demand when
mounting pages, in case the current root mapper is not already a compound

Please confirm if you are, in fact, mounting pages after your call to

Met vriendelijke groet,
Kind regards,

Bas Gooren

Op 8 augustus 2017 bij 12:39:12, Hendy Irawan (he...@soluvas.com) schreef:

I have managed to use XForwardedRequestWrapperFactory by creating a Filter.
I also use HttpsMapper as follows :

setRootRequestMapper(new HttpsMapper(getRootRequestMapper(), new
HttpsConfig()) {
protected Scheme getDesiredSchemeFor(IRequestHandler handler) {
final HttpServletRequest request = (HttpServletRequest)
// Assume runtime deployment is always reverse proxied and
SSL-terminated by load balancer
// WARNING: This requires proper
XForwardedRequestWrapperFactory configuration AND nginx configuration
final Scheme desiredScheme =
"https".equalsIgnoreCase(request.getScheme()) ? Scheme.HTTPS :
log.debug("Scheme: {} Secure: {} Remote Addr: {}
desiredScheme for {}: {}",
request.getScheme(), request.isSecure(),
null != handler ? handler.getClass().getSimpleName()
: null, desiredScheme);
return desiredScheme;

However, even though I've confirmed that XForwardedRequestWrapperFactory
works as intended (settings scheme=https and isSecure=true),
getDesiredSchemeFor() always returns HTTPS in my case, initial redirect for
stateful pages are always done using HTTP. i.e. from https://.../match/edit
redirected to http://.../match/edit?1, while I would expect it to be
redirected to https://.../match/edit?1

Please help, thank you in advance.

View this message in context:
Sent from the Users forum mailing list archive at Nabble.com.

To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to