I'm trying to configure OpenACS 5.1.1 subsites to work with Pound for SSL connections.
I have modified security::secure_conn_p to check for the X-SSL-Request header, and return true if the header value is set to true (X-SSL-Request is an extra header that I have told Pound to send when it's a secure connection).
But, when using the host-node-map where...
http://subsite.com/
...points to...
http://mainsite.com/subsite/
...going to...
http://subsite.com/register/
...redirects to...
https://mainsite.com/register/
(notice that it redirects to https since I have OpenACS configured to restrict registration to SSL).
However, when the host-node-map is not used, going to...
http://mainsite.com/subsite/register/
...redirects as it should to...
https://mainsite.com/subsite/register/
I am not that familiar with the request processor, but I have been trying to trace through the code to find out where this is happening.
I am hoping someone more familiar with the request processor could enlighten me. I know Bart has worked on this, but he is slammed right now.
Thanks.