Uploaded image for project: 'Shindig'
  1. Shindig
  2. SHINDIG-1111

override host name when behind a reverse proxy

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0
    • Fix Version/s: 1.1-BETA1
    • Component/s: PHP
    • Labels:
      None
    • Environment:
      GNU/Linux

      Description

      When the shindig server sits behind a reverse proxy, OAuthRequest will be built using the host name used by the reverse proxy instead of the extrenal name. A configuration parameter is added (with the following tentative patch) to allow overriding this default with a known domain name. If this can't be done the signature will always be wrong ( because the hostname is part of the base_string ).

      diff -r ef48cba39a7d usr/src/shindig-1.0-incubating-php/config/container.php
      — a/usr/src/shindig-1.0-incubating-php/config/container.php Sun Jul 12 17:08:43 2009 +0200
      +++ b/usr/src/shindig-1.0-incubating-php/config/container.php Mon Jul 13 23:37:13 2009 +0200
      @@ -137,5 +137,6 @@
      'proxy' => '',

      // If your server is behind a reverse proxy, set the real hostname here
      + 'http_host' => NULL
      + // 'http_host' => 'shindig.opensocial.dachary.org'
      );
      diff -r ef48cba39a7d usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php
      — a/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php Sun Jul 12 17:08:43 2009 +0200
      +++ b/usr/src/shindig-1.0-incubating-php/src/social/servlet/ApiServlet.php Mon Jul 13 23:37:13 2009 +0200
      @@ -75,7 +75,9 @@

      public function getSecurityToken() {
      // see if we have an OAuth request

      • $request = OAuthRequest::from_request();
        + $scheme = (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';
        + $http_url = $scheme . '://' . ( Config::get('http_host') ? Config::get('http_host') : $_SERVER['HTTP_HOST']) . $_SERVER['REQUEST_URI'];
        + $request = OAuthRequest::from_request(NULL, $http_url , NULL);
        $appUrl = $request->get_parameter('oauth_consumer_key');
        $userId = $request->get_parameter('xoauth_requestor_id'); // from Consumer Request extension (2-legged OAuth)
        $signature = $request->get_parameter('oauth_signature');

        Attachments

          Activity

            People

            • Assignee:
              chabotc Chris Chabot
              Reporter:
              loic Loic Dachary
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: