|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2008
/
2008-04
/
HTTPS Pass Through Question
[
listener question / David L Kensiski ... ]
[
how many file descriptors per request? / Tom ... ]
HTTPS Pass Through Question
Jonathan Cyr <cyrj(at)cyr.info> |
2008-04-19 19:35:43 |
[ SNIP ]
|
Hello,
I've used Pound for a while and haven't kept up-to-date, so forgive a
stupid question...
My new project involves a PHP app that I didn't write... When Pound
handles the HTTPS decrypt/encrypt for the Apache2.2/PHP5 application.
The application guesses from its environmental variables that the
request is HTTP, not HTTPS, because Pound has already processed it and
handed it off. So this app, is open source and written by many
(including libraries), sothat I can't force it to write HTTPS URLs
without straying from vanilla too far.
Can I tell Pound to pass the HTTPS through to the Apache backends for
SSL decryption, and pick up Pound's great Load Balancing/Failover and
Session management by IP features? Can it ignore the encryption and
just manage the backends and the IP? Can Pound tell through headers the
Apache2.2/PHP5 framework that it's environment is HTTPS and override its
actual HTTP behaviour
Very happy with Pound... and hoping it does this and I just don't know how.
Thanks In Advance
-Jonathan Cyr
|
|
|
Re: [Pound Mailing List] HTTPS Pass Through Question
Olivier PIERRE <olivier(at)oxeron.com> |
2008-04-19 22:30:18 |
[ SNIP ]
|
Hi,
maybe you can use this option in your pound.cfg
HTTPSHeaders 1 "X-Forwarded-Proto: https"
And detect this header in your PHP application, but it may need to be
changed a little bit.
Olivier
> Hello,
>
> I've used Pound for a while and haven't kept up-to-date, so forgive a
> stupid question...
>
> My new project involves a PHP app that I didn't write... When Pound
> handles the HTTPS decrypt/encrypt for the Apache2.2/PHP5 application.
> The application guesses from its environmental variables that the
> request is HTTP, not HTTPS, because Pound has already processed it and
> handed it off. So this app, is open source and written by many
> (including libraries), sothat I can't force it to write HTTPS URLs
> without straying from vanilla too far.
>
> Can I tell Pound to pass the HTTPS through to the Apache backends for
> SSL decryption, and pick up Pound's great Load Balancing/Failover and
> Session management by IP features? Can it ignore the encryption and
> just manage the backends and the IP? Can Pound tell through headers
> the Apache2.2/PHP5 framework that it's environment is HTTPS and
> override its actual HTTP behaviour
>
> Very happy with Pound... and hoping it does this and I just don't know
> how.
>
> Thanks In Advance
>
> -Jonathan Cyr
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
|
|
|
Re: [Pound Mailing List] HTTPS Pass Through Question
Olivier PIERRE <olivier(at)oxeron.com> |
2008-04-19 22:39:25 |
[ SNIP ]
|
In addition, we used this for one of our projects:
if ($_SERVER['SERVER_PORT'] != 80 ||
(isset($_SERVER['HTTP_FRONT_END_HTTPS']) &&
$_SERVER['HTTP_FRONT_END_HTTPS'] == "On")) {
// this is https call
...
}
I can't remember if the header HTTP_FRONT_END_HTTPS was manually created
by us or if it comes from pound and the option I gave you just before.
Maybe you should just print the headers you receive in the backend
server : print_r($_SERVER) and see what's available here.
Olivier
> Hi,
>
> maybe you can use this option in your pound.cfg
>
> HTTPSHeaders 1 "X-Forwarded-Proto: https"
>
> And detect this header in your PHP application, but it may need to be
> changed a little bit.
>
> Olivier
>> Hello,
>>
>> I've used Pound for a while and haven't kept up-to-date, so forgive a
>> stupid question...
>>
>> My new project involves a PHP app that I didn't write... When Pound
>> handles the HTTPS decrypt/encrypt for the Apache2.2/PHP5
>> application. The application guesses from its environmental
>> variables that the request is HTTP, not HTTPS, because Pound has
>> already processed it and handed it off. So this app, is open source
>> and written by many (including libraries), sothat I can't force it to
>> write HTTPS URLs without straying from vanilla too far.
>>
>> Can I tell Pound to pass the HTTPS through to the Apache backends for
>> SSL decryption, and pick up Pound's great Load Balancing/Failover and
>> Session management by IP features? Can it ignore the encryption and
>> just manage the backends and the IP? Can Pound tell through headers
>> the Apache2.2/PHP5 framework that it's environment is HTTPS and
>> override its actual HTTP behaviour
>>
>> Very happy with Pound... and hoping it does this and I just don't
>> know how.
>>
>> Thanks In Advance
>>
>> -Jonathan Cyr
>>
>>
>> --
>> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
>> Please contact roseg(at)apsis.ch for questions.
>
>
>
>
> --
> To unsubscribe send an email with subject unsubscribe to pound(at)apsis.ch.
> Please contact roseg(at)apsis.ch for questions.
--
Cordialement,
Olivier PIERRE
*********************************************************************************
OXERON Internet and Mobile Services SARL
Développements et Hébergement Open-Source de sites Internet
Projets SMS (www.websms.lu - www.oxysms.com)
Gestion de serveurs
PAO
Petites annonces (www.luxannonces.lu)
13, rue de la libération
L-5969 Itzig LUXEMBOURG
Gsm : +352 661 59 48 60
Fax : +33 (0)3 82 53 52 60
Email: olivier(at)oxeron.com
Web : http://www.oxeron.com
|
|
|
|
