Hi All,
We've been using Request.IsSecur eConnection for some time to drop in
and out of SSL for various sections of our web application. We have
recently change server architecture though as we now accept all
requests to our FreeBSD Apache cluster which then proxies the requests
to the Windows Server.
As the proxy request is done over plaintext HTTP the
Request.IsSecur eConnection no longer works correctly.
Can anyone shed any light on how IsSecureConnect ion is implemented as
the suggested work around for Apache is to send through an additional
header in the proxy request. If IsSecureConnect ion uses headers, then
we could get Apache to forward the header it is looking for and
thereby mimic an unproxied (normal) request.
The alternative is to use a self signed cert on the windows box and
proxy over SSL directly, but this would produce maintainance problems
for us.
Regards,
Paul Shannon
Lead Web Applications Developer
Codeweavers Ltd
We've been using Request.IsSecur eConnection for some time to drop in
and out of SSL for various sections of our web application. We have
recently change server architecture though as we now accept all
requests to our FreeBSD Apache cluster which then proxies the requests
to the Windows Server.
As the proxy request is done over plaintext HTTP the
Request.IsSecur eConnection no longer works correctly.
Can anyone shed any light on how IsSecureConnect ion is implemented as
the suggested work around for Apache is to send through an additional
header in the proxy request. If IsSecureConnect ion uses headers, then
we could get Apache to forward the header it is looking for and
thereby mimic an unproxied (normal) request.
The alternative is to use a self signed cert on the windows box and
proxy over SSL directly, but this would produce maintainance problems
for us.
Regards,
Paul Shannon
Lead Web Applications Developer
Codeweavers Ltd