[jboss-user] [JBoss Seam] - Re: HTTPS redirection

matt.drees do-not-reply at jboss.com
Fri Nov 2 22:28:05 EDT 2007 

anonymous wrote : I'm now looking at trying to do a filter upstream of the Seam filter (sadly not an area I'm very familiar with) to change the HttpServletRequest URL (conditionally).
  | 

This is what we're planning to do.  I haven't tested it yet (don't have an ssl cert set up yet), but I think it should work.  I'll report back if it doesn't.

We use BIG-IP for loadbalancing and ssl decryption.  For ssl requests, we've configured it to add a specific request header.  I haven't tested this, but I think we only need to override Request.getScheme(), and not Request.getRequestURL().  


  | 
  | @Name("bigIpSslFilter")
  | @Scope(ScopeType.APPLICATION)
  | @BypassInterceptors
  | @org.jboss.seam.annotations.web.Filter
  | public class BigIpSslFilter implements Filter {
  | 
  | 	public void destroy() {
  | 	}
  | 
  | 	public void doFilter(ServletRequest request, ServletResponse response,
  | 			FilterChain filterChain) throws IOException, ServletException {
  | 		if (request instanceof HttpServletRequest) {
  | 			filterChain.doFilter(new BigIpSslRequest((HttpServletRequest) request), response);
  | 		} else {
  | 			filterChain.doFilter(request, response);
  | 		}
  | 	}
  | 
  | 	public void init(FilterConfig filterConfig) throws ServletException {
  | 	}
  | 
  | 	public static class BigIpSslRequest extends HttpServletRequestWrapper {
  | 
  | 		public BigIpSslRequest(HttpServletRequest request) {
  | 			super(request);
  | 		}
  | 		
  | 		@Override
  | 		public String getScheme() {
  | 			String forwardedScheme = getRequest().getHeader("HTTP_X_FORWARDED_PROTO");
  | 			if (forwardedScheme != null && forwardedScheme.equals("https")) {
  | 				return "https";
  | 			}
  | 			return super.getScheme();
  | 		}
  | 		
  | 		@Override
  | 		public HttpServletRequest getRequest() {
  | 			return (HttpServletRequest) super.getRequest();
  | 		}
  | 	}
  | }
  | 

(btw, it's the same header that rails looks for to determine proxied https requests, since we also have some rails apps)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4101498#4101498

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4101498

More information about the jboss-user mailing list