[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: v2 Cartridge Question



Hi everyone,

So I'm developing a custom v2 cartridge to add our single sign-on solution (Shibboleth) to our OpenShift Enterprise environment.  Shibboleth has an Apache module component that connects to a daemon that runs in the background.  I've worked around all of the issues there are with how the Apache module bit is another "web technology" cartridge but there is one piece that I'm unable to resolve.

Shibboleth is expecting the URL scheme to be https all the way through but the front end proxy at the node is terminating SSL so the backend URL scheme is http.  In a standard Apache environment with a load balancer/SSL terminator, there are mechanisms to deal with this by setting Apache directives but those only work in <VirtualHost> stanzas.  I tried to fake things out using either 'tohttps' or 'ssl_to_gear' in the manifest but since Shibboleth doesn't have an HTTP-based service listening on the backend (Apache module is in main running httpd) so I haven't been able to get that working.

Does any have any ideas on how to get https all the way through or at least fake it out so Shibboleth thinks it is https?  Hopefully my explanation of the situation makes sense.


Thanks for any ideas,

-Stephen


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]