Relative redirects

Kunagi needs to use relative redirects to prevent trouble when it's behind an SSL tunnel.

I have an SSL firewall tunnel that's sitting in front of the Tomcat box running two virtual hosts. One virtual host runs Kunagi as ROOT.war.

So, when the browser requests kunagi.xxx.com Tomcat sees it as kunagi.xxx.com (not https). Kunagi does certain redirects (like / to /login.html). But when it does the 302 redirect, it constructs what it thinks is the proper URL based on the request that Tomcat got. In this case, since it saw http instead of https, it will send back the wrong URL - kunagi.xxx.com/login.html.

Instead, kunagi should alleviate this by doing relative redirects using relative paths. So in this case, when the GET is for "GET / HTTP/1.1" it should respond with "Location: login.html" instead of "Location: kunagi.xxx.com/login.html".

Alternatively, or additionally there needs to be a config setting in the .properties file to set the URL prefix (protocol, hostname, and context path) but I don't think that's really necessary unless you wanted to do something really far out like virtual hosting for each project or something like that.

If you like, I could make the change and either submit the patch or check it into the git repo.

Statement from Kunagi Team

To enforce a custom URL prefix for redirects, edit config.properties and set the parameter url=http://my-custom-url/, or go to System Configuration and change the URL there.

Status

Issue is closed for Release 0.14.

Subscribe

Comments

Tue, Sep 28, 2010, 23:24 by George

In that case, the alternative suggestion might be the best. It looks like there's a kunagi config.properties file that gets created in the scrum data directory. Perhaps by creating a setting called something like redirectURLPrefix or something like that, you can then form an absolute path and send it back. The user could put the scheme, host, port, and context path in there like: "https://kunagi.xxx.com/scrum/"

Fri, Sep 2, 2011, 07:43 by anonymous

where can I find config.properties?

Mon, Sep 5, 2011, 09:59 by Witek (SM,T)

When starting the web application (Tomcat) the path to the config.properties is clearly visible in the log (catalina.out).

Usualy it is directly in the data path, which is also visible in the log.

Post a comment
optional
optional