[1.2.5] SecureSocial behind local proxy: OAuth redirect URL


Samuel R

Jul 16, 2012, 5:16:46 AM
to play-fr...@googlegroups.com
Hi There,

[I asked this also on StackOverflow, http://stackoverflow.com/questions/11447363/securesocial-on-play-1-2-x-behind-apache, but so far, no luck there ... maybe I get some more eyeballs here :) ]

I run SecureSocial on a Play 1.2.x installation (on port :9000). Access to the application is via Apache httpd running on port :80, which will then forward the requests.

As for SecureSocial, the callback URL in the request to Facebook is determined by looking at the Request-URL, now localhost:9000 (see securesocial.provider.OAuth2Provider.doAuth(Map<String, Object>):111), the authentication call will fail.

I look for a clever solution to this problem which doesn't involve
  • Running Play not in front of httpd 
  • Hacking SecureSocial 

Thanks
Samuel

C. Mundi

Jul 16, 2012, 4:16:12 PM
to play-fr...@googlegroups.com

Well it sounds like something needs hacking.  SecureSocial really ought to honor X-forwarded-for.  So if you are sure that Apache is setting that header in the forwarded request, then your choices are (1) fix securesocial or (2) hack Apache config to rewrite the request.url for only requests forwarded to your app...but that just feels dirty.

--
You received this message because you are subscribed to the Google Groups "play-framework" group.
To view this discussion on the web visit https://groups.google.com/d/msg/play-framework/-/ZMhS8sP1rFEJ.
To post to this group, send email to play-fr...@googlegroups.com.
To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.

Samuel R

Jul 16, 2012, 6:11:41 PM
to play-fr...@googlegroups.com
Hi Carlos,

Thanks for the hint with X-Forwarded-For, it set me on the route to finally look for the solution of my problem in the right places.

Actually, SecureSocial uses play.mvc.Router.getBaseUrl() to construct the URL (which looks into the HTTP Request, as soon as it is present). So it could be argued that the fix would have to be in Play.

Sure enough, the topic has come up already a while ago:

And more to the point:

Which already contains the solution to my problem: Use the XForwardedSupport config option.

Regards
Samuel


C. Mundi

Jul 16, 2012, 6:25:20 PM
to play-fr...@googlegroups.com

Hi Samuel,

I'm glad you found what you needed and thanks for the follow up.
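
The thread settles on letting the framework honor the proxy's forwarding headers when it builds the OAuth callback URL. The following is an added example, not part of the thread and not Play's or SecureSocial's code, of the check such a setting has to make: use X-Forwarded-Host only when the direct peer is a listed proxy, because otherwise any client can choose the host that ends up in the redirect URL. The class name, the `trustedProxies` list and the sample requests are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

public class ForwardedBaseUrl {
    // Hypothetical setting: addresses of reverse proxies allowed to set X-Forwarded-* headers.
    private final Set<String> trustedProxies;

    public ForwardedBaseUrl(String... proxies) {
        this.trustedProxies = new HashSet<>(Arrays.asList(proxies));
    }

    // remoteAddr is the address of the direct TCP peer; header names are lower-cased.
    public String baseUrl(String remoteAddr, Map<String, String> headers) {
        String host = headers.get("host");
        String scheme = "http";
        if (trustedProxies.contains(remoteAddr)) {
            String fwdHost = headers.get("x-forwarded-host");
            if (fwdHost != null && !fwdHost.trim().isEmpty()) {
                // A proxy may append its value to one the client already sent,
                // so only the last entry is taken as written by the trusted peer.
                String[] parts = fwdHost.split(",");
                host = parts[parts.length - 1].trim();
            }
            if ("https".equalsIgnoreCase(headers.get("x-forwarded-proto"))) {
                scheme = "https";
            }
        }
        return scheme + "://" + host;
    }

    public static void main(String[] args) {
        ForwardedBaseUrl resolver = new ForwardedBaseUrl("127.0.0.1");

        // Constructed request, as a proxy on the same machine would forward it.
        Map<String, String> viaProxy = new HashMap<>();
        viaProxy.put("host", "localhost:9000");
        viaProxy.put("x-forwarded-host", "www.example.com");
        System.out.println(resolver.baseUrl("127.0.0.1", viaProxy));

        // Constructed request from a client that reached port 9000 directly and
        // supplied its own forwarding header: the header is ignored.
        Map<String, String> direct = new HashMap<>();
        direct.put("host", "localhost:9000");
        direct.put("x-forwarded-host", "untrusted.example");
        System.out.println(resolver.baseUrl("203.0.113.7", direct));
    }
}
```

Binding the application port to the loopback interface, so that only the local proxy can connect, removes the second case entirely.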
