Glassfish HTTPS redirect behind SSL offloader and Apache

Question

I have this configuration:

HTTPS load balancer / SSL offloader on port 443
Apache httpd on port 80 (different IP), using ProxyPass, ProxyPassReverse to forward to...
multiple Glassfish domains listening on different ports

Problem: Neither Glassfish nor Apache is aware that the request is HTTPS. Redirects to URLs like "/index.jsp" are being rewritten in Glassfish as http://internal_ip/index.jsp, then ProxyPassReverse rewrites to http://public_ip/index.jsp. Problem is, I need that URL to be http*s*://public_ip/...

How do I fix that - is there some Glassfish configuration I can change, or Apache httpd.conf?

score 0 · Accepted Answer · answered Jun 05 '12 at 08:13

0

I see two solutions to that:

1) use your loadbalancer to manipulate apaches response (iRule in F5, flex for A10 loadbalancers etc.)

2) set up something on the loadbalancer to send another redirect to requests coming in via HTTP to use HTTPS

answered Jun 05 '12 at 08:13

Sven

16

I already have the redirect in place, so all content is served over HTTPS. The problem I'm trying to solve is the IE popup warnings "you are about to access an insecure site" that briefly flash when the browser attempts to follow HTTP redirects (and is then redirected to HTTPS) – wrschneider Jun 05 '12 at 13:18
I agree, having loadbalancer re-write Location header in response (analogous to Apache ProxyPassReverse, if Apache were doing load balance and SSL offloading) is probably the best solution – wrschneider Jun 19 '12 at 15:02

Glassfish HTTPS redirect behind SSL offloader and Apache

1 Answers1