[Deploying Sakai] Trouble running SAKAI using HTTPS
Sam Ottenhoff
ottenhoff at longsight.com
Thu Feb 27 11:57:26 PST 2014
So you are running Sakai 2.9 on Tomcat 7.0? And then you have a front-end
load balancer like Nginx or Apache HTTPD in front of Tomcat that handles
the SSL?
So then your Tomcat has no idea that it is running over HTTPS. Your Tomcat
believes it is running over HTTP because Apache is talking to it over HTTP.
If yes to all of the above, then you need your front-end load balancer to
tell Tomcat that the forwarded connection is really happening over HTTPS
and not HTTP.
The easiest way to do this is by passing the X-Forwarded-Proto from the
load balancer to the Tomcat. More here:
http://collab.sakaiproject.org/pipermail/sakai-dev/2013-October/024772.html
and here:
https://confluence.sakaiproject.org/display/DOC/Sakai+Admin+Guide+-+Advanced+Tomcat++(and+Apache)+Configuration
--Sam
On Thu, Feb 27, 2014 at 2:51 PM, Luis Camargo <luis at policymedical.com>wrote:
>
> Guys,
>
> I've recently started to use sakai and I'm facing a problem which I can't
> find the solution maybe some good soul from this list could help me.
>
> The problem is related to running sakai under HTTPS. Whenever I try to
> access the gradebook tool my browser shows me that some content was blocked
> due to they are not being requested using https even though I've set the
> property force.url.secure=*443* in default.sakai.properties.
>
> I've noticed that after the gradebook page is loaded an iframe is being
> rendered with src pointing to:
>
> *https*://<mydomain>/portal/tool/<mypageid>?panel=Main
>
> Until here it's all fine, but inside this iframe all urls gets back to
> http, and the browser blocks the content saying "HTTPS security is
> compromissed by [urls for images, js, css]"
>
> I've tried to access the url from the iframe directly and I realized that
> it redirects me to a second url:
>
> *http*://<mydomain>/portal/tool/<mypageid>/overview.jsf
>
> Showing me that something is going wrong in this redirection and changes
> the protocol.
>
> Any ideas?
>
> I'm setting up a developer environment to try to debug, but I see there
> are a lot of companies using sakai under https what makes me think that it
> shouldn't be a code issue but a configuration/environment issue.
>
>
> Any help will be welcome.
>
> Thanks
>
>
>
> Best Regards,
>
> * --Luis Felipe*
>
> *Software Developer, PolicyMedical(tm)*
> http://www.policymedical.com | 1-(888) 697-6331 x 1
> Follow us! Facebook <https://www.facebook.com/PolicyMedical> | LinkedIn<http://www.linkedin.com/profile/view?id=1360231&trk=tab_pro>
> | Twitter <https://twitter.com/PolicyMedical> | Our blog<http://www.policymedical.com/blog_list>
> |
>
> _______________________________________________
> production mailing list
> production at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/production
>
> TO UNSUBSCRIBE: send email to
> production-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20140227/c0c42749/attachment.html
More information about the production
mailing list