[Deploying Sakai] Sakai over HTTPS + HAPROXY

Miguel Carro Pellicer mcarro at entornosdeformacion.com
Wed Jan 21 08:12:10 PST 2015 

Hi Subscribers,

Are someone using Sakai over HTTPS using HAPROXY? I have a weird problem 
with this configuration, some tools are not rendering properly because 
says they are under HTTP, despite the iframe is loaded under HTTPS....

The tools are gradebook, sections, chat, site-manage-participants, 
sitestats, sections....and some developed by myself using Wicket 6. I 
configured force.url.secure=443 and all the URLs are over HTTPS.

The problem is because we're trying to use HAPROXY as webserver, the 
connection between users and HAPROXY is over HTTPS, then HAPROXY 
communicates with tomcat using HTTP.

Here is the HA configuration:

# BALANCER HTTPS LOGS
frontend https
         bind                    X.X.X.X:443 ssl crt /etc/ssl/private/X.pem
         option                  dontlognull
	reqadd 			X-Forwarded-Proto:\ https
         default_backend         sakai_https
         use_backend             sakai_https     if { ssl_fc_sni XXXXX }
         use_backend             sakai_https     if { ssl_fc_sni XXXXX }
backend sakai_https
         mode                    http
	#http-request set-header X-Forwarded-Proto https if  { ssl_fc }
	#http-request set-header X-Forwarded-Proto https  if !{ ssl_fc }
	redirect scheme https 	if !{ ssl_fc }
         balance                 source
	option 			http-server-close
	option 			forwardfor header X-Real-IP
         timeout connect         30000
         timeout server          30000
	rspirep 		^Location:\ http://(.*):80(.*)  Location:\ https://\1:443\2
	rspirep 		^(set-cookie:.*)  \1;\ Secure
         retries                 2
	option                  httpchk HEAD /content/monty/3e3e4r5tw.html HTTP/1.0
         server                  sakai01 X.X.X.X:8080 check inter 5000
         server                  sakai02 X.X.X.X:8080 check inter 50000



Thanks for any help, Miguel

-- 
Miguel Carro Pellicer
Logo 	

Miguel Carro 
Pellicer<http://es.linkedin.com/pub/miguel-carro-pellicer/38/502/b92>
/CTO Entornos de Formación S.L./

Phone: +34 - 686266485
Email: mcarro at entornosdeformacion.com 
<mailto:mcarro at entornosdeformacion.com>

No me imprimas si no es necesario. Protejamos el medio ambiente


AVISO LEGAL: El contenido de este mensaje de correo electrónico, 
incluidos los ficheros adjuntos, es confidencial y está protegido por el 
artículo 18.3 de la Constitución Española, que garantiza el secreto de 
las comunicaciones.
Si usted recibe este mensaje por error, por favor póngase en contacto 
con el remitente para informarle de este hecho, y no difunda su 
contenido ni haga copias.
*** Este mensaje ha sido verificado con herramientas de eliminación de 
virus y contenido malicioso ***
Este aviso legal ha sido incorporado automáticamente al mensaje.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: entornos_logo.jpg
Type: image/jpeg
Size: 8726 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment.jpg 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linkedin.jpg
Type: image/jpeg
Size: 1103 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment-0001.jpg

More information about the production mailing list