Dynamic https

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Dynamic https

Adolfo Benedetti
Hi Everyone,


Some of our pages should use http or https depending on the status of
a boolean property within the documents, we tried to solve the problem
using an HstSiteMapHandler, there is no problem checking the value of
the boolean in the handler, but at this point, there is no way to set
the virtual host scheme (http or https) that should be used in the
URL.

Is there any option regarding the handler that we can use to solve it?
Or, it is posible to make the filter configuration of the Hippo
HttpsFilter[1] dynamic?

All suggestions are welcome.


Cheers,

--
Adolfo Benedetti
[1]http://httpsfilter.forge.onehippo.org/
_______________________________________________
Hippo-cms7-user mailing list and forums
http://www.onehippo.org/cms7/support/forums.html
Ard
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic https

Ard
On Thu, Aug 2, 2012 at 5:18 PM, Adolfo Benedetti
<[hidden email]> wrote:
> Hi Everyone,
>
>
> Some of our pages should use http or https depending on the status of
> a boolean property within the documents, we tried to solve the problem
> using an HstSiteMapHandler, there is no problem checking the value of
> the boolean in the handler, but at this point, there is no way to set
> the virtual host scheme (http or https) that should be used in the
> URL.

You need a client side redirect. Just use the response.sendRedirect
and use a fully qualified url including scheme (check the hst mount
however whether you should include portnumber and contextpath).  You
could also ask the linkrewriter to create a fully qualified link for
the document you have (the doc that has the property  secure = true).
Then replace http with https

Perhaps I am missing something here though

Regards Ard

>
> Is there any option regarding the handler that we can use to solve it?
> Or, it is posible to make the filter configuration of the Hippo
> HttpsFilter[1] dynamic?
>
> All suggestions are welcome.
>
>
> Cheers,
>
> --
> Adolfo Benedetti
> [1]http://httpsfilter.forge.onehippo.org/
> _______________________________________________
> Hippo-cms7-user mailing list and forums
> http://www.onehippo.org/cms7/support/forums.html



--
Amsterdam - Oosteinde 11, 1017 WT Amsterdam
Boston - 1 Broadway, Cambridge, MA 02142

US +1 877 414 4776 (toll free)
Europe +31(0)20 522 4466
www.onehippo.com
_______________________________________________
Hippo-cms7-user mailing list and forums
http://www.onehippo.org/cms7/support/forums.html
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic https

Adolfo Benedetti
Hi Ard,


Thank you for your response,

We already evaluate the redirect option, but the real goal is to have
the link associated to the document with the correct protocol, so if
we have a link to a document marked as secure, that link should be
created with the https scheme.

Now, regarding the client side redirect; we can check the scheme using
'request.isSecure()' or
'request.getRequestContext().getResolvedMount().getMount().getVirtualHost().getScheme()'
to control the redirect, but this will not work in the channelManager.
how can we identify that the request is from the channelManager, in
order to avoid the redirect in this case?

Thank you,


--
Adolfo Benedetti


2012/8/2 Ard Schrijvers <[hidden email]>:

> On Thu, Aug 2, 2012 at 5:18 PM, Adolfo Benedetti
> <[hidden email]> wrote:
>> Hi Everyone,
>>
>>
>> Some of our pages should use http or https depending on the status of
>> a boolean property within the documents, we tried to solve the problem
>> using an HstSiteMapHandler, there is no problem checking the value of
>> the boolean in the handler, but at this point, there is no way to set
>> the virtual host scheme (http or https) that should be used in the
>> URL.
>
> You need a client side redirect. Just use the response.sendRedirect
> and use a fully qualified url including scheme (check the hst mount
> however whether you should include portnumber and contextpath).  You
> could also ask the linkrewriter to create a fully qualified link for
> the document you have (the doc that has the property  secure = true).
> Then replace http with https
>
> Perhaps I am missing something here though
>
> Regards Ard
>
>>
>> Is there any option regarding the handler that we can use to solve it?
>> Or, it is posible to make the filter configuration of the Hippo
>> HttpsFilter[1] dynamic?
>>
>> All suggestions are welcome.
>>
>>
>> Cheers,
>>
>> --
>> Adolfo Benedetti
>> [1]http://httpsfilter.forge.onehippo.org/
>> _______________________________________________
>> Hippo-cms7-user mailing list and forums
>> http://www.onehippo.org/cms7/support/forums.html
>
>
>
> --
> Amsterdam - Oosteinde 11, 1017 WT Amsterdam
> Boston - 1 Broadway, Cambridge, MA 02142
>
> US +1 877 414 4776 (toll free)
> Europe +31(0)20 522 4466
> www.onehippo.com
> _______________________________________________
> Hippo-cms7-user mailing list and forums
> http://www.onehippo.org/cms7/support/forums.html
_______________________________________________
Hippo-cms7-user mailing list and forums
http://www.onehippo.org/cms7/support/forums.html
Ard
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic https

Ard
Hello,

On Mon, Aug 6, 2012 at 10:31 AM, Adolfo Benedetti
<[hidden email]> wrote:
> Hi Ard,
>
>
> Thank you for your response,
>
> We already evaluate the redirect option, but the real goal is to have
> the link associated to the document with the correct protocol, so if
> we have a link to a document marked as secure, that link should be
> created with the https scheme.

IIUC, you have the document, and you have the property, so you know
whether you need a secure url or not, right? It is unclear to me what
you are unable to do. Is it the problem that you cannot create a link
with https in it? Or to inspect the request whether it was https?

>
> Now, regarding the client side redirect; we can check the scheme using
> 'request.isSecure()' or
> 'request.getRequestContext().getResolvedMount().getMount().getVirtualHost().getScheme()'
> to control the redirect, but this will not work in the channelManager.
> how can we identify that the request is from the channelManager, in
> order to avoid the redirect in this case?

I think we should first solve your first issue instead of now also
introducing a new one, the channel manager. Either way, I assume you
do not want the redirect in channel mngr case, so make sure your
sitemap item handler only does its https/http redirecting for normal
requests. In other words, not when

HstRequestContext reqContext =
HstRequestUtils.getHstRequestContext(servletRequest);
reqContext,isCmsRequest() == false

Think the AbstractHstSiteMapHandler from which you most likely extend
should get a utility method getRequestContext

Hope this helps

Regards Ard

>
> Thank you,
>
>
> --
> Adolfo Benedetti
>
>
> 2012/8/2 Ard Schrijvers <[hidden email]>:
>> On Thu, Aug 2, 2012 at 5:18 PM, Adolfo Benedetti
>> <[hidden email]> wrote:
>>> Hi Everyone,
>>>
>>>
>>> Some of our pages should use http or https depending on the status of
>>> a boolean property within the documents, we tried to solve the problem
>>> using an HstSiteMapHandler, there is no problem checking the value of
>>> the boolean in the handler, but at this point, there is no way to set
>>> the virtual host scheme (http or https) that should be used in the
>>> URL.
>>
>> You need a client side redirect. Just use the response.sendRedirect
>> and use a fully qualified url including scheme (check the hst mount
>> however whether you should include portnumber and contextpath).  You
>> could also ask the linkrewriter to create a fully qualified link for
>> the document you have (the doc that has the property  secure = true).
>> Then replace http with https
>>
>> Perhaps I am missing something here though
>>
>> Regards Ard
>>
>>>
>>> Is there any option regarding the handler that we can use to solve it?
>>> Or, it is posible to make the filter configuration of the Hippo
>>> HttpsFilter[1] dynamic?
>>>
>>> All suggestions are welcome.
>>>
>>>
>>> Cheers,
>>>
>>> --
>>> Adolfo Benedetti
>>> [1]http://httpsfilter.forge.onehippo.org/
>>> _______________________________________________
>>> Hippo-cms7-user mailing list and forums
>>> http://www.onehippo.org/cms7/support/forums.html
>>
>>
>>
>> --
>> Amsterdam - Oosteinde 11, 1017 WT Amsterdam
>> Boston - 1 Broadway, Cambridge, MA 02142
>>
>> US +1 877 414 4776 (toll free)
>> Europe +31(0)20 522 4466
>> www.onehippo.com
>> _______________________________________________
>> Hippo-cms7-user mailing list and forums
>> http://www.onehippo.org/cms7/support/forums.html
> _______________________________________________
> Hippo-cms7-user mailing list and forums
> http://www.onehippo.org/cms7/support/forums.html



--
Amsterdam - Oosteinde 11, 1017 WT Amsterdam
Boston - 1 Broadway, Cambridge, MA 02142

US +1 877 414 4776 (toll free)
Europe +31(0)20 522 4466
www.onehippo.com
_______________________________________________
Hippo-cms7-user mailing list and forums
http://www.onehippo.org/cms7/support/forums.html