Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-5000

HttpsMapper Appends Context Root when Behind Apache Proxy

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s: 6.5.0
    • Fix Version/s: None
    • Component/s: wicket
    • Labels:
      None
    • Environment:
      Ubuntu 12.04 and Mac OS X Mountain Lion

      Description

      I have a Wicket app running Wicket 6.5.0 which uses HttpsMapper to switch to HTTPS for a login page and on another page. The app is deployed in Weblogic version 10.3.5.0 with a context root of /documentation. Weblogic sits behind an Apache HTTP server which uses the Weblogic HTTP Server plugin (http://docs.oracle.com/cd/E13222_01/wls/docs81/plugins/apache.html#120648) and set up like this:

      <VirtualHost *:80>
      WebLogicHost 10.0.2.2
      WebLogicPort 7011

      SetHandler weblogic-handler
      PathPrepend /documentation

      ErrorLog ${APACHE_LOG_DIR}/error.log

      1. Possible values include: debug, info, notice, warn, error, crit,
      2. alert, emerg.
        LogLevel info

      CustomLog ${APACHE_LOG_DIR}/access.log combined

      </VirtualHost>

      <IfModule mod_ssl.c>
      <VirtualHost default:443>
      WebLogicHost 10.0.2.2
      WebLogicPort 7011
      ErrorLog ${APACHE_LOG_DIR}/ssl_error.log

      SetHandler weblogic-handler
      PathPrepend /documentation
      WLProxySSL ON
      SecureProxy ON

      1. Possible values include: debug, info, notice, warn, error, crit,
      2. alert, emerg.
        LogLevel info

      CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

      SSLEngine on
      SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
      SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
      </VirtualHost>
      </IfModule>

      I have tried overriding HttpsMapper#createRedirectUrl to remove /documentation from the URL, but it only works if I go directly to the page that is annotated with @RequireHTTPS. While debugging I discovered that the above method doesn't get called if a link is clicked or if RestartResponseAtInterceptPageException is used (with wicket-auth-roles).

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              tim273 Tim Urberg
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: