4 Replies Latest reply on Apr 15, 2014 12:10 PM by Arkadiusz Bazylewicz

    Using https scheme behind proxy

    Arkadiusz Bazylewicz Newbie

      Hello,

       

      In my project we have Apache server that is communicating with outside world with https, and Wildfly 8.0.0 Final behind it. Communication between apache and wildfly is done by http. Requests handled by application on Wildfly are done with http schema, and we would like them to have https schema, without really using secured channel.

       

      On JbossAS7 it could be done with something like that:

       

      <connector name="http" protocol="HTTP/1.1" scheme="https" socket-binding="http" proxy-name="xxx.xxx" proxy-port="1443"/>
      

       

      Is there a way to do it on Wildfly (or rather Undertow) also? I looked for solution, but could not find any solid answers.

       

      Thanks!

      Arek

        • 1. Re: Using https scheme behind proxy
          Tomaz Cerar Master

          add proxy-address-forwarding="true" to http-listener

          • 2. Re: Re: Using https scheme behind proxy
            Arkadiusz Bazylewicz Newbie

            It looks like this option does not work for me. I already had this config:

             

            <subsystem xmlns="urn:jboss:domain:undertow:1.0">
              <buffer-caches>
                   <buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10"/>
              </buffer-caches>
              <server name="default-server">
                   <http-listener name="default" socket-binding="http" proxy-address-forwarding="true"/>
                   <host name="default-host" alias="localhost">
                        <location name="/" handler="welcome-content"/>
                        <filter-ref name="server-header"/>
                        <filter-ref name="x-powered-by-header"/>
                   </host>
              </server>
              <servlet-container name="default" default-buffer-cache="default" stack-trace-on-error="local-only">
                   <jsp-config/>
              </servlet-container>
              <handlers>
                   <file name="welcome-content" path="${jboss.home.dir}/welcome-content" directory-listing="true"/>
              </handlers>
              <filters>
                   <response-header name="server-header" header-name="Server" header-value="Wildfly 8"/>
                   <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow 1"/>
              </filters>
            </subsystem>
            

             

            But in my app request.getScheme() is still returning "http"

            • 3. Re: Re: Using https scheme behind proxy
              Tomaz Cerar Master

              how is your proxy server configured?

              does it send X-Forwarded-* headers?

              1 of 1 people found this helpful
              • 4. Re: Re: Re: Using https scheme behind proxy
                Arkadiusz Bazylewicz Newbie

                Thanks for the suggestion!

                I checked our apache configuration, and it turns out that after adding:

                RequestHeader set X-Forwarded-Proto "https"
                  ProxyPreserveHost On

                everything works as expected.