4 Replies Latest reply on Apr 15, 2014 12:10 PM by abazylewicz

    Using https scheme behind proxy

    abazylewicz

      Hello,

       

      In my project we have Apache server that is communicating with outside world with https, and Wildfly 8.0.0 Final behind it. Communication between apache and wildfly is done by http. Requests handled by application on Wildfly are done with http schema, and we would like them to have https schema, without really using secured channel.

       

      On JbossAS7 it could be done with something like that:

       

      <connector name="http" protocol="HTTP/1.1" scheme="https" socket-binding="http" proxy-name="xxx.xxx" proxy-port="1443"/>
      

       

      Is there a way to do it on Wildfly (or rather Undertow) also? I looked for solution, but could not find any solid answers.

       

      Thanks!

      Arek

        • 1. Re: Using https scheme behind proxy
          ctomc

          add proxy-address-forwarding="true" to http-listener

          • 2. Re: Re: Using https scheme behind proxy
            abazylewicz

            It looks like this option does not work for me. I already had this config:

             

            <subsystem xmlns="urn:jboss:domain:undertow:1.0">
              <buffer-caches>
                   <buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10"/>
              </buffer-caches>
              <server name="default-server">
                   <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"/>
                   <host name="default-host" alias="localhost">
                        <location name="/" handler="welcome-content"/>
                        <filter-ref name="server-header"/>
                        <filter-ref name="x-powered-by-header"/>
                   </host>
              </server>
              <servlet-container name="default" default-buffer-cache="default" stack-trace-on-error="local-only">
                   <jsp-config/>
              </servlet-container>
              <handlers>
                   <file name="welcome-content" path="${jboss.home.dir}/welcome-content" directory-listing="true"/>
              </handlers>
              <filters>
                   <response-header name="server-header" header-name="Server" header-value="Wildfly 8"/>
                   <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow 1"/>
              </filters>
            </subsystem>
            

             

            But in my app request.getScheme() is still returning "http"

            • 3. Re: Re: Using https scheme behind proxy
              ctomc

              how is your proxy server configured?

              does it send X-Forwarded-* headers?

              1 of 1 people found this helpful
              • 4. Re: Re: Re: Using https scheme behind proxy
                abazylewicz

                Thanks for the suggestion!

                I checked our apache configuration, and it turns out that after adding:

                RequestHeader set X-Forwarded-Proto "https"
                  ProxyPreserveHost On

                everything works as expected.