[ECODP-dev] on save of a dataset we are redirected to http

John Glover john.glover at okfn.org
Mon Nov 18 13:43:43 UTC 2013


Hi Bert,

The following line in the NGINX config: proxy_set_header X-Scheme $scheme;
(this occurs in multiple locations in the NGINX config file).

Regards,
John


On 18 November 2013 14:38, Bert Van Nuffelen <bert.van.nuffelen at tenforce.com
> wrote:

> Hi John,
>
> which is the rule that does that?
>
> Best,
>
> Bert
>
>
> 2013/11/18 John Glover <john.glover at okfn.org>
>
>> Hi Bert,
>>
>> The beaker settings only effect the cookie that is used for
>> authentication, they have no impact on the redirects.
>>
>> I think that the current issue with the redirects is due to the Apache
>> setup. With NGINX, for each request we set the header HTTP_X_SCHEME to
>> either 'http' or 'https' depending on the request type, and this value is
>> then checked by the CKAN application to decide which protocol to use for
>> redirects. You have disabled NGINX, but don't seem to be setting this value
>> anywhere in the Apache config, and CKAN is therefore defaulting to http.
>>
>> Regards,
>> John
>>
>>
>> On 15 November 2013 10:31, Bert Van Nuffelen <
>> bert.van.nuffelen at tenforce.com> wrote:
>>
>>> Hi John,
>>>
>>> it seems that the flag beaker.session.secure = true is not checked, or
>>> the goal to redirect to is not relative but set absolute.
>>>
>>> kind regards,
>>>
>>> Bert
>>>
>>>
>>> 2013/11/15 Bert Van Nuffelen <bert.van.nuffelen at tenforce.com>
>>>
>>>> Hi John,
>>>>
>>>> it seems that we have to explicit capture http requests on with edit in
>>>> to stay in https?
>>>>
>>>> I tried also this, but that does not resolve it completely.
>>>>
>>>> beaker.session.httponly = false
>>>> beaker.session.secure = true
>>>>
>>>> After the save I end up in the http instead of https.
>>>>
>>>> kind regards,
>>>>
>>>> Bert
>>>>
>>>>
>>>>
>>>> 2013/11/15 Bert Van Nuffelen <bert.van.nuffelen at tenforce.com>
>>>>
>>>>> Hi John,
>>>>>
>>>>> I think is is subtle: in test we are redirected also to http and the
>>>>> "edit" evironment is there active.
>>>>> That is hard to spot.
>>>>>
>>>>> Bert
>>>>>
>>>>>
>>>>>
>>>>> 2013/11/15 Bert Van Nuffelen <bert.van.nuffelen at tenforce.com>
>>>>>
>>>>>> Hi John,
>>>>>>
>>>>>> On the test server it seems to work correctly.
>>>>>> The only difference I found was that the beaker.session.secure = true
>>>>>> was not active on test but active on odp.tenforce.com?
>>>>>>
>>>>>> What does this parameter has as effect?
>>>>>>
>>>>>> kind regards,
>>>>>>
>>>>>> Bert
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2013/11/15 Bert Van Nuffelen <bert.van.nuffelen at tenforce.com>
>>>>>>
>>>>>>> Dear John,
>>>>>>>
>>>>>>> how does it come that we after adding a dataset [save] are
>>>>>>> redirected to http instead stay under https?
>>>>>>>
>>>>>>> kind regards,
>>>>>>>
>>>>>>> Bert
>>>>>>>
>>>>>>> --
>>>>>>> Bert Van Nuffelen
>>>>>>>
>>>>>>> Semantic Technologies Software Architect at TenForce
>>>>>>> www.tenforce.be
>>>>>>>
>>>>>>> Bert.Van.Nuffelen at tenforce.com
>>>>>>> Office: +32 (0)16 31 48 60
>>>>>>> Mobile:+32 479 06 24 26
>>>>>>> skype: bert.van.nuffelen
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Bert Van Nuffelen
>>>>>>
>>>>>> Semantic Technologies Software Architect at TenForce
>>>>>> www.tenforce.be
>>>>>>
>>>>>> Bert.Van.Nuffelen at tenforce.com
>>>>>> Office: +32 (0)16 31 48 60
>>>>>> Mobile:+32 479 06 24 26
>>>>>> skype: bert.van.nuffelen
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Bert Van Nuffelen
>>>>>
>>>>> Semantic Technologies Software Architect at TenForce
>>>>> www.tenforce.be
>>>>>
>>>>> Bert.Van.Nuffelen at tenforce.com
>>>>> Office: +32 (0)16 31 48 60
>>>>> Mobile:+32 479 06 24 26
>>>>> skype: bert.van.nuffelen
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Bert Van Nuffelen
>>>>
>>>> Semantic Technologies Software Architect at TenForce
>>>> www.tenforce.be
>>>>
>>>> Bert.Van.Nuffelen at tenforce.com
>>>> Office: +32 (0)16 31 48 60
>>>> Mobile:+32 479 06 24 26
>>>> skype: bert.van.nuffelen
>>>>
>>>
>>>
>>>
>>> --
>>> Bert Van Nuffelen
>>>
>>> Semantic Technologies Software Architect at TenForce
>>> www.tenforce.be
>>>
>>> Bert.Van.Nuffelen at tenforce.com
>>> Office: +32 (0)16 31 48 60
>>> Mobile:+32 479 06 24 26
>>> skype: bert.van.nuffelen
>>>
>>> _______________________________________________
>>> ecodp-dev mailing list
>>> ecodp-dev at lists.okfn.org
>>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>>
>>>
>>
>> _______________________________________________
>> ecodp-dev mailing list
>> ecodp-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>>
>>
>
>
> --
> Bert Van Nuffelen
>
> Semantic Technologies Software Architect at TenForce
> www.tenforce.be
>
> Bert.Van.Nuffelen at tenforce.com
> Office: +32 (0)16 31 48 60
> Mobile:+32 479 06 24 26
> skype: bert.van.nuffelen
>
> _______________________________________________
> ecodp-dev mailing list
> ecodp-dev at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ecodp-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/ecodp-dev/attachments/20131118/47ddd365/attachment-0001.html>


More information about the ecodp-dev mailing list