[midPoint] Midpoint does not seem to respect X-Forwarded-Port header
Frédéric Lohier
frederic at lohier.org
Mon May 18 18:53:12 CEST 2020
Hello,
I have the exact same issue as https://jira.evolveum.com/browse/MID-5819
I was using the workaround with the AJP connector, but since the Ghostcat
vulnerability (
https://wiki.evolveum.com/display/midPoint/Security+Advisory%3A+Ghostcat+Vulnerability+of+Apache+Tomcat),
using the AJP is no longer a viable option for us.
I am absolutely sure that my apache proxy sends the X-Forwarded-Proto and
X-Forwarded-Port headers (checked using mod_dumpio). I added the following :
server.use-forward-headers: true
server.tomcat.protocol-header: X-Forwarded-Proto
server.tomcat.protocol-header-https-value: https
to my Midpoint (4.0.2) application.yml file, but Midpoint keeps redirecting
to http instead of https.
I cannot reopen the MID-5819 issue. Should I open a new issue?
-Frederic
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200518/5296e473/attachment.htm>
More information about the midPoint
mailing list