So in this configuration, when a user on wants to or needs to log in, they basically end up hitting This is where a check for HTTPS is done and, since the connection is not yet HTTPS will issue a redirect back to to complete the login.Īnd this, in conjunction with the HTTP connector between HTTPd and Liferay/Tomcat, is what causes the redirect loop. The crux of the issue is the setting of the .https property in portal-ext.properties.īasically when you set this property to true, you are saying that when a user logs in, you want to force them into the secure https side. My good friend and coworker Nathan Shaw told me of a case he was aware of that was similar but was from Nginx although different web servers, the 302 redirect loop on /c/portal/login?null was an exact match. There was no log messages in Liferay/Tomcat and repeated 302 messages in the HTTPd logs. The only info I had was the redirect URL. Unauthenticated traffic worked just fine, but as soon as you would try to access a secured resource that required authentication, a redirect loop resulted with HTTPd finally terminating the loop. Today I was actually working on a similar setup that used the HTTP connector for SSL + HTTPd + Liferay/Tomcat.
This is actually a key aspect for a working setup for SSL + HTTPd + Liferay/Tomcat. If you tear into the second post, you'll find that I was using the AJP connector to join HTTPd and Tomcat together. The foundation of that blog post was my Fronting Liferay Tomcat with Apache HTTPd post and added terminating SSL at HTTPd and configuring the Liferay instance running under Tomcat to use HTTPS for all of the communication. So I have a blog I created a long time ago dealing w/ Liferay and SSL.
0 kommentar(er)
