Juan Gonzalez 6年 前 Thanks David! I thought I was the only one considering these SSL offloading issues when I implemented these configuration properties in https://issues.liferay.com/browse/LPS-45199 so everything can be configured in the proxy layer through some "de facto standard" HTTP headers. Good to know I am not the only one :-). 投票するためにはログインが必要です。 次として送信する: キャンセル David H Nebinger Juan Gonzalez 6年 前 Yeah, I got tripped up on a blog post I'm working on where I needed to use the HTTP proxy in Apache and couldn't log into Liferay any more because of the loop. I didn't see your ticket, Juan, but it wouldn't have helped in my immediate need to get things moving again. After finding the solution, though, I wanted to share! 投票するためにはログインが必要です。 次として送信する: キャンセル
David H Nebinger Juan Gonzalez 6年 前 Yeah, I got tripped up on a blog post I'm working on where I needed to use the HTTP proxy in Apache and couldn't log into Liferay any more because of the loop. I didn't see your ticket, Juan, but it wouldn't have helped in my immediate need to get things moving again. After finding the solution, though, I wanted to share! 投票するためにはログインが必要です。 次として送信する: キャンセル
Christoph Rabel 6年 前 There is another way to configure this in tomcat itself. The connector(in tomcat server.xml) has a scheme and a secure parameter that should/can be used for this. Set them and set SSLEnabled to false. <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" SSLEnabled="false" scheme="https" secure="true" redirectPort="8443" URIEncoding="UTF-8" />With these settings tomcat considers himself "secure/https" even though it isn't actually secure. 投票するためにはログインが必要です。 次として送信する: キャンセル Olaf Kock Christoph Rabel 6年 前 More details about secure="true" or using ajp on the communication layer on this ancient article: https://web.liferay.com/web/olaf.kock/blog/-/blogs/securing-liferay-chapter-3-port-issues-and-http-https 投票するためにはログインが必要です。 次として送信する: キャンセル
Olaf Kock Christoph Rabel 6年 前 More details about secure="true" or using ajp on the communication layer on this ancient article: https://web.liferay.com/web/olaf.kock/blog/-/blogs/securing-liferay-chapter-3-port-issues-and-http-https 投票するためにはログインが必要です。 次として送信する: キャンセル
Christoph Rabel 6年 前 There is another way to configure this in tomcat itself. The connector(in tomcat server.xml) has a scheme and a secure parameter that should/can be used for this. Set them and set SSLEnabled to false. <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" SSLEnabled="false" scheme="https" secure="true" redirectPort="8443" URIEncoding="UTF-8" />With these settings tomcat considers himself "secure/https" even though it isn't actually secure. 投票するためにはログインが必要です。 次として送信する: キャンセル