[rt-users] HTTP and HTTPS on same RT server?

Eynat Nir Mishor eynatnir2 at hotmail.com
Tue Feb 26 07:41:41 EST 2008 

I encountered this problem and solved it for RT 3.6.5.
>From what I saw, the problem was in RT::Interface::Web::Redirect() function
that is called from html/Ticket/Display.html (and other places).  It
redirected the browser to a URL based on $RT::WebURL configuration only.  So
it always redirected to a "http" or "https" scheme URL based on the
configuration.

I changed the function to redirect to URL based on the current scheme
(http/s):

In file local/lib/RT/Interface/Web_Local.pm:

-------------------------- Begin File --------------------------------
package RT::Interface::Web;

sub Redirect {
    my $redir_to = shift;
    untie $HTML::Mason::Commands::session;
    my $uri = URI->new($redir_to);
    my $server_uri = URI->new($RT::WebURL);
    
    # If the user is coming in via a non-canonical
    # hostname, don't redirect them to the canonical host,
    # it will just upset them (and invalidate their credentials)
    if ($uri->host  eq $server_uri->host && 
        $uri->port eq $server_uri->port) {
            $uri->host($ENV{'HTTP_HOST'});
            $uri->port($ENV{'SERVER_PORT'});
        }

    # Explicitly set scheme to http/s according to the current request
coming in
    my $scheme = ($ENV{'HTTPS'} == "on" ? "https" : "http");
    $uri->scheme($scheme);	
    
    $HTML::Mason::Commands::m->redirect($uri->canonical);
    $HTML::Mason::Commands::m->abort;
}

1;
-------------------------- End File --------------------------------



Eynat

-----Original Message-----
From: Danie Marais [mailto:danie.marais at attix5.com] 
Sent: Tuesday, 26 February 2008 12:38 PM
To: 'Oliver Jeeves'
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] HTTP and HTTPS on same RT server?

 
> > Can someone perhaps just confirm that an HTTP and HTTPS 
> combination is
> > not possible? 
> >  
> > Thanks

> I don't see why it wouldn't be possible. You can have both an HTTP and
> an HTTPS site serving the same pages, and then redirect people between
> the two based on certain conditions, probably logged in user, or even
> based on a custom field.
> 
> Is there any reason why you don't want to use HTTPS for both 
> SelfService
> users and engineers?

I'm not keen to buy an expensive web certificate.  SelfService does not
warrant that level of security, but engineers can be instructed to import
the web certificate.  And HTTP requires slightly less resources.

My current problem is that by correctly setting the WebBaseURL in
RT_SiteConfig.pm to http or https I can get either one of the two working
but not both at the same time.  If http is specified then you cannot submit
replies in https and vice versa.

More information about the rt-users mailing list