Combination View Flat View Tree View
Threads [ Previous | Next ]
Oliver Bayer
Liferay 5.2.3 Apache webserver + tomcat https problem
August 28, 2012 5:21 AM
Answer

Oliver Bayer

Rank: Liferay Master

Posts: 829

Join Date: February 18, 2009

Recent Posts

Hi there,

I know there are many threads regarding the setup of ssl but no given solution seems to be working in my case.

My usecase:
Liferay 5.2.3 CE (tomcat 6.0.18) is running behind an apache webserver (not on the same server). The webserver handles https in the virtual host file (port 443) and redirects with mod_jk and the jk mount to the tomcat ajp port 8009. What I'm trying to achieve is that all trafic should be handled with http besides the login which should be secured via https. So nothing fancy here I think emoticon.

What's working right now:
If I call the server url directly using https the login is working as expected.

Not working:
If I call the url using http the browser gets redirected to https by setting company.security.auth.requires.https=true. But after entering the credentials the user isn't logged in.

Used properties:
1company.security.auth.requires.https=true
2web.server.http.port=80
3web.server.https.port=443
4web.server.host=myhost.example.com
5com.liferay.portal.servlet.filters.sessionid.SessionIdFilter=false/true (both don't work)

What's the best way to "debug" the setup? I'm really looking forward to any hints.

Greets Oli
Oliver Bayer
[solved] RE: Liferay 5.2.3 Apache webserver + tomcat https problem
September 11, 2012 5:02 AM
Answer

Oliver Bayer

Rank: Liferay Master

Posts: 829

Join Date: February 18, 2009

Recent Posts

Hi,

it seems -at least for me- as a liferay bug emoticon. Comparing it with liferay v6.1.0 I've found the place where you have to put the bugfix in. You have to use the ext environment and override the "PortalRequestProcessor" class. Change the method "protected String getLastPath(HttpServletRequest request)" at line 376 to look exactly the same way as LoginAction.getCompleteRedirectURL line 156 from liferay v6.1.0.

See the following code snippet as reference:
1if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
2    (httpsInitial != null) && (!httpsInitial.booleanValue())) {
3   
4change to:
5if ((PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS) &&
6    [b](!PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) &&[/b]
7    (httpsInitial != null) && (!httpsInitial.booleanValue())) {

HTH Oli