Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
Description
By Jeroen Hoffman
Hi,
We have the channel manager in place on our test environment which runs behind https. Both cms.war and site.war are deployed, config is OK, there is an Apache rule proxying test.cms.project.com/site to the site war.
Now, when opening a channel, we get "Unable to change to composermode. Please check if the site is online.". It seems this has to do with redirecting to the authentication part of the CMS under http instead of https.
Starting without cookies, in FireBug I get when clicking the channel name:
This redirects to:
Note destinationUrl=http
I searched in source code and found CmsSecurityValve where this URL is generated: it uses servletRequest.getScheme() neatly.
Now, when I open URL [2] in a separate tab I get
{"message":"Composer-Mode successful","data":true,"success":true}and Subsequently, the channel does open in the channel manager. Apparantly a cookie has been set now.
We actually did adjust the Apache config to have /site also available under http, but we houldn't have to do that.
Why doesn't the auth work the first time? I suspect the first destinationUrl=http is wrong, any clue what is going on?
Attachments
Issue Links
- relates to
-
CMS-5859 Have the destinationURL for the SSO handshake between cms and site not include scheme and hostname
- Closed