[Web-SIG] Reverse Proxy & HTTPS
Randy Syring
randy at rcs-comp.com
Mon Apr 6 18:24:42 CEST 2009
Cameron Simpson wrote:
> On 04Apr2009 16:08, Randy Syring <randy at rcs-comp.com> wrote:
>
> How tightly knit is the IIS i.e. do you have control over it? Maybe this
> rewrite thing should be set up in IIS instead, it seems the more obvious
> place for such control except that the rewrite config would no longer
> be "part of the app". At least the IIS server should know if it's http
> or https. Or are you wanting to make your CherryPy app robust against
> http misuse?
>
> Disclaimer: I know close to nothing about IIS; this is just how I'd be
> approaching it with an Apache reverse proxy from end.
>
> Cheers,
>
Cameron,
Thanks for your reply. Let me start out by saying that I don't think
this is an IIS issue, its just that IIS is the front-end web server that
is proxying the HTTP requests through to the CherryPy server. If I was
to choose to run a similar setup on a Linux box with Apache, I still
think I would have the same question (feel free to correct me if I am
wrong).
I would like my application to have control over the HTTPS<->HTTP
redirects and would rather not force that logic into the forward facing
web server if at all possible. That just seems like an extra
configuration step that wouldn't necessarily be needed if I could figure
out how to pass SSL status from the forward facing web server to the
backend proxy (i.e. CherryPy and my app).
So, do you (or anyone else) know of a good way to to this? Or, does
everyone just assume that it is all or nothing for SSL when you are
proxying to a backend?
Thank you.
--------------------------------------
Randy Syring
RCS Computers & Web Solutions
502-644-4776
http://www.rcs-comp.com
"Whether, then, you eat or drink or
whatever you do, do all to the glory
of God." 1 Cor 10:31
More information about the Web-SIG
mailing list