[Deploying Sakai] Sakai over HTTPS + HAPROXY
Miguel Carro Pellicer
mcarro at entornosdeformacion.com
Wed Jan 21 08:12:10 PST 2015
Hi Subscribers,
Are someone using Sakai over HTTPS using HAPROXY? I have a weird problem
with this configuration, some tools are not rendering properly because
says they are under HTTP, despite the iframe is loaded under HTTPS....
The tools are gradebook, sections, chat, site-manage-participants,
sitestats, sections....and some developed by myself using Wicket 6. I
configured force.url.secure=443 and all the URLs are over HTTPS.
The problem is because we're trying to use HAPROXY as webserver, the
connection between users and HAPROXY is over HTTPS, then HAPROXY
communicates with tomcat using HTTP.
Here is the HA configuration:
# BALANCER HTTPS LOGS
frontend https
bind X.X.X.X:443 ssl crt /etc/ssl/private/X.pem
option dontlognull
reqadd X-Forwarded-Proto:\ https
default_backend sakai_https
use_backend sakai_https if { ssl_fc_sni XXXXX }
use_backend sakai_https if { ssl_fc_sni XXXXX }
backend sakai_https
mode http
#http-request set-header X-Forwarded-Proto https if { ssl_fc }
#http-request set-header X-Forwarded-Proto https if !{ ssl_fc }
redirect scheme https if !{ ssl_fc }
balance source
option http-server-close
option forwardfor header X-Real-IP
timeout connect 30000
timeout server 30000
rspirep ^Location:\ http://(.*):80(.*) Location:\ https://\1:443\2
rspirep ^(set-cookie:.*) \1;\ Secure
retries 2
option httpchk HEAD /content/monty/3e3e4r5tw.html HTTP/1.0
server sakai01 X.X.X.X:8080 check inter 5000
server sakai02 X.X.X.X:8080 check inter 50000
Thanks for any help, Miguel
--
Miguel Carro Pellicer
Logo
Miguel Carro
Pellicer<http://es.linkedin.com/pub/miguel-carro-pellicer/38/502/b92>
/CTO Entornos de Formación S.L./
Phone: +34 - 686266485
Email: mcarro at entornosdeformacion.com
<mailto:mcarro at entornosdeformacion.com>
No me imprimas si no es necesario. Protejamos el medio ambiente
AVISO LEGAL: El contenido de este mensaje de correo electrónico,
incluidos los ficheros adjuntos, es confidencial y está protegido por el
artículo 18.3 de la Constitución Española, que garantiza el secreto de
las comunicaciones.
Si usted recibe este mensaje por error, por favor póngase en contacto
con el remitente para informarle de este hecho, y no difunda su
contenido ni haga copias.
*** Este mensaje ha sido verificado con herramientas de eliminación de
virus y contenido malicioso ***
Este aviso legal ha sido incorporado automáticamente al mensaje.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: entornos_logo.jpg
Type: image/jpeg
Size: 8726 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment.jpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linkedin.jpg
Type: image/jpeg
Size: 1103 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/production/attachments/20150121/7adb6893/attachment-0001.jpg
More information about the production
mailing list