[1.2.5] SecureSocial behind local proxy: OAuth redirect URL

Showing 1-4 of 4 messages
[1.2.5] SecureSocial behind local proxy: OAuth redirect URL Samuel R 7/16/12 2:16 AM
Hi There,

[I asked this also on StackOverflow, http://stackoverflow.com/questions/11447363/securesocial-on-play-1-2-x-behind-apache, but so far, no luck there ... maybe I get some more eyeballs here :) ]

I run SecureSocial on a Play 1.2.x installation (on port :9000). Access to the application is via Apache httpd running on port :80, which will then forward the requests.

As for SecureSocial, the callback URL in the request to Facebook is determined by looking at the Request-URL, now localhost:9000 (seesecuresocial.provider.OAuth2Provider.doAuth(Map<String, Object>):111), the authentification call will fail.

I look for a clever solution to this problem which doesn't involve
  • Running Play not in front of httpd 
  • Hacking SecureSocial 

Thanks
Samuel
Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL Carlos 7/16/12 1:16 PM

Well it sounds like something needs hacking.  SecureSocial really ought to honor X-forwarded-for.  So if you are sure that Apache is setting that header in the forwarded request, then your choices are (1) fix securesocial or (2) hack Apache config to rewrite the request.url for only requests forwarded to your app...but that just feels dirty.

--
You received this message because you are subscribed to the Google Groups "play-framework" group.
To view this discussion on the web visit https://groups.google.com/d/msg/play-framework/-/ZMhS8sP1rFEJ.
To post to this group, send email to play-fr...@googlegroups.com.
To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.
Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL Samuel R 7/16/12 3:11 PM
Hi Carlos,

Thanks for the hint with X-Forwarded-For, it set me on the route to finally look for the solution of my problem in the right places.

Actually, SecureSocial uses play.mvc.Router.getBaseUrl() to construct the URL (which looks into the HTTP Request, as soon as it is present). So it could be argued that the fix would have to be in Play.

Sure enough, the topic has come up already a while ago:

And more to the point:

Which already contains the solution to my problem: Use the XForwardedSupport config option.

Regards
Samuel

Am Montag, 16. Juli 2012 22:16:12 UTC+2 schrieb Carlos:

Well it sounds like something needs hacking.  SecureSocial really ought to honor X-forwarded-for.  So if you are sure that Apache is setting that header in the forwarded request, then your choices are (1) fix securesocial or (2) hack Apache config to rewrite the request.url for only requests forwarded to your app...but that just feels dirty.

On Jul 16, 2012 2:16 AM, "Samuel R"  wrote:
Hi There,

[I asked this also on StackOverflow, http://stackoverflow.com/questions/11447363/securesocial-on-play-1-2-x-behind-apache, but so far, no luck there ... maybe I get some more eyeballs here :) ]

I run SecureSocial on a Play 1.2.x installation (on port :9000). Access to the application is via Apache httpd running on port :80, which will then forward the requests.

As for SecureSocial, the callback URL in the request to Facebook is determined by looking at the Request-URL, now localhost:9000 (seesecuresocial.provider.OAuth2Provider.doAuth(Map<String, Object>):111), the authentification call will fail.

I look for a clever solution to this problem which doesn't involve
  • Running Play not in front of httpd 
  • Hacking SecureSocial 

Thanks
Samuel

--
You received this message because you are subscribed to the Google Groups "play-framework" group.
To view this discussion on the web visit https://groups.google.com/d/msg/play-framework/-/ZMhS8sP1rFEJ.
To post to this group, send email to play-fr...@googlegroups.com.
To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.
Re: [play-framework] [1.2.5] SecureSocial behind local proxy: OAuth redirect URL Carlos 7/16/12 3:25 PM

Hi Samuel,

I'm glad you found what you needed and thanks for the follow up.

To view this discussion on the web visit https://groups.google.com/d/msg/play-framework/-/Oi2F8jbC_kQJ.

To post to this group, send email to play-fr...@googlegroups.com.
To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.