Switching to HTTPS using scheme attribute does not work for custom http and https ports --------------------------------------------------------------------------------------- Key: JBSEAM-1024 URL: http://jira.jboss.com/jira/browse/JBSEAM-1024 Project: JBoss Seam Issue Type: Bug Components: Security Affects Versions: 1.2.0.GA, 1.1.7.CR1 Reporter: H K Priority: Minor If you use custom http and https ports (say, 8080, 8443), the switching to https does not work using the 'scheme' attribute in the pages.xml. The reason is that in Pages.encodeScheme() the server port is calculated by looking at the request url, this port will be 8080, while the correct port that needs to be in the new url should be 8443. Also, it would be great if the documentation could be updated to include a warning for people with proxied environments. That is, depending on how your proxied environment is setup, using scheme might result in an infinity redirect loop. Here is how this could happen: lets say you have a webserver that can handle both http and https, however, this webserver can only talk http with the appserver. Now, if you mark a page such as 'login.xhtml' with scheme = https, then if the user types https://www.somedomain.com/login.seam, the webserver will be sending http://www.somedomain.com/login.seam to the appserver. When Seam looks at it, it will ask the browser to redirect to https again, resulting in an infinity redirect loop. Should I open a different JIRA issue for the documentation update? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira