Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
tigase-http-api
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server tigase-http-api Issues #113
Add condition to redirect only if the X-Forwarded-Proto has certain value (#113)
Closed
wojciech.kapcia@tigase.net opened 3 years ago
Due Date
2021-05-07

(followup to #issue #108)

Currently redirect option takes effect always and in general that would be OK, but it somewhat breaks if we put Tigase behind LB/Proxy/anything that would terminate HTTPS for us:

8080 () {
    redirectUri = 'https://{host}:443'
}

In above case, we the ELB handles HTTPS (on port 443) and redirects it to Tigase on 8080 this would result in infinite redirect.

In general it's recommended to use X-Forwarded-Proto header and make the redirection (http->https) only if it's value equals to http (e.g. How do I redirect HTTP traffic to HTTPS on my Classic Load Balancer?)

Please add option redirectOnlyHttp which would condition whether redirect should be made (do we want to have "redirect" bean which would contain both condition and target URI? Or maybe redirectCondition with options http, https, always, never for more flexibility?)
Andrzej Wójcik (Tigase) commented 3 years ago

Due to this new requirement, I will need to reimplement the whole redirect implementation as until now it started a "dummy" server that redirected all requests. Now we need to have a single server with filter which will take some action before actual servlet will be called.
wojciech.kapcia@tigase.net commented 3 years ago

Could you set the estimate for this feature?
Andrzej Wójcik (Tigase) commented 3 years ago

I should have it ready tomorrow by the end of a day.
Andrzej Wójcik (Tigase) commented 3 years ago

The feature is implemented and pushed into issue #113 branches for Tigase HTTP API and Tigase HTTP API - Jetty. I've decided to replace the previous implementation using a separate HTTP server for redirections with the usage of HTTP servlet filter preprocessing requests and triggering redirection when needed. Due to that I've added redirectCondition and from now on you need to set redirectionUri and correct condition for redirection to happen (default is never);
wojciech.kapcia@tigase.net commented 3 years ago

Looks and works OK. I corrected the documentation as it was using wrong configuration options and added information about requirement to configure condition.
wojciech.kapcia@tigase.net commented 3 years ago 
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile (default-compile) on project tigase-http-api-jetty: Compilation failure
[ERROR] /Users/wojtek/dev/tigase/tigase-http-api-jetty/src/main/java/tigase/http/jetty/JettyOSGiHttpServer.java:[45,8] tigase.http.jetty.JettyOSGiHttpServer is not abstract and does not override abstract method getName() in tigase.http.api.HttpServerIfc
wojciech.kapcia@tigase.net commented 3 years ago

Branch in http-api-jetty wasn't merged.
issue 1 of 1
Type
Bug
Priority
Normal
Assignee
wojciech.kapcia@tigase.net
Version
tigase-server-8.2.0
Related
Depend
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/tigase-http-api#113
Please wait...
Page is in error, reload to recover