|[1.2.5] SecureSocial behind local proxy: OAuth redirect URL||Samuel R||7/16/12 2:16 AM|
[I asked this also on StackOverflow, http://stackoverflow.com/questions/11447363/securesocial-on-play-1-2-x-behind-apache, but so far, no luck there ... maybe I get some more eyeballs here :) ]
I run SecureSocial on a Play 1.2.x installation (on port :9000). Access to the application is via Apache httpd running on port :80, which will then forward the requests.
As for SecureSocial, the callback URL in the request to Facebook is determined by looking at the Request-URL, now localhost:9000 (seesecuresocial.provider.OAuth2Provider.doAuth(Map<String, Object>):111), the authentification call will fail.
I look for a clever solution to this problem which doesn't involve
|Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL||Carlos||7/16/12 1:16 PM|
Well it sounds like something needs hacking. SecureSocial really ought to honor X-forwarded-for. So if you are sure that Apache is setting that header in the forwarded request, then your choices are (1) fix securesocial or (2) hack Apache config to rewrite the request.url for only requests forwarded to your app...but that just feels dirty.
|Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL||Samuel R||7/16/12 3:11 PM|
Thanks for the hint with X-Forwarded-For, it set me on the route to finally look for the solution of my problem in the right places.
Actually, SecureSocial uses play.mvc.Router.getBaseUrl() to construct the URL (which looks into the HTTP Request, as soon as it is present). So it could be argued that the fix would have to be in Play.
Sure enough, the topic has come up already a while ago:
And more to the point:
Which already contains the solution to my problem: Use the XForwardedSupport config option.
Am Montag, 16. Juli 2012 22:16:12 UTC+2 schrieb Carlos:
|Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL||Carlos||7/16/12 3:25 PM|
I'm glad you found what you needed and thanks for the follow up.
To view this discussion on the web visit https://groups.google.com/d/msg/play-framework/-/Oi2F8jbC_kQJ.