DotNetOpenAuth - How to make it work behind a load balancer?
Question
I have a load balancer with some web servers behind it. The traffic hitting the load balancer is secured with SSL and the data coming from the load balancer to the web server is sent as unencrypted HTTP traffic. I am using the DotNetOpenAuth OAuth Service Provider behind the load balancer on the web servers.
When a request is sent from my client, I am hitting https://www.mydomain.com/OAuth.ashx However, once it hits the load balancer, the protocol is changed to HTTP and the URL that is actually read by the HttpContext's Request.Url is http://www.mydomain.com/OAuth.ashx .
The protocol in the URL is getting modified. Has anyone encountered this and if so, how did you resolve this problem? The only thing I can think of is to get the DotNetOpenAuth source, modify the code to force the https URL, then compile it and use that instead of the pre-packed assemblies.
Any direction is appreciated.
2 answers
solution1
6 ACCPTED 2011-06-24 23:02:07
In case anyone runs into this, here is the answer to the problem:
DotNetOpenAuth RP fails behind SSL appliance
I talked to my host and had them put the X_FORWARDED_PROTO header to every request and give it the value of 'HTTPS'. This resolved all issues we were facing.
solution2
-1 2011-06-24 18:30:50
Contact your network admins, they may have a network component (eg the load balancer) offloading SSL processing. So you can either work with the HTTP protocol or have them disable SSL offloading, which I suspect they probably don't really want to do.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.