[Seaside] Seaside 2.8 and Apache2
RICHARD ENG
richard.eng at rogers.com
Wed Nov 14 05:02:19 UTC 2007
I've found a peculiar problem in running
Seaside 2.8 with Apache2...
It seems to be related to SSL. The symptom is: when I click on the submit button, I get a Security Warning from the Firefox browser (I've tried both Firefox and Opera) saying "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party". Then when I click on "continue", the session seems to be expired which then throws me back to my home page.
I've simplified the problem by creating a very simple app called Fred. Here's the fileout:
WAComponent subclass: #Flintstone
instanceVariableNames: ''
classVariableNames: ''
poolDictionaries: ''
category: 'RKE-test'!
!Flintstone methodsFor: 'as yet unclassified' stamp: 'RKE 11/13/2007 22:43'!
renderContentOn: html
html heading level: 2; with: 'A Form'.
html form:
[html text: 'your name'.
html textInput.
html break.
html submitButton on: #save of: self]! !
!Flintstone methodsFor: 'as yet unclassified' stamp: 'RKE 11/13/2007 22:31'!
save
Transcript cr; show: 'saving...'! !
WAComponent subclass: #Fred
instanceVariableNames: ''
classVariableNames: ''
poolDictionaries: ''
category: 'RKE-test'!
!Fred methodsFor: 'as yet unclassified' stamp: 'RKE 11/13/2007 22:40'!
renderContentOn: html
html heading level: 1; with: 'Testing'.
html anchor callback: [self call: Flintstone new]; with: 'Bedrock'! !
"-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- "!
Fred class
instanceVariableNames: ''!
!Fred class methodsFor: 'as yet unclassified' stamp: 'RKE 11/13/2007 20:30'!
canBeRoot
^true! !
Here's the modified httpd.conf file to run Fred:
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
ServerName www.goodsexnetwork.com
NameVirtualHost 192.168.1.101:80
<virtualhost 192.168.1.101:80>
ServerName www.goodsexnetwork.com
RewriteEngine on
ProxyRequests off
DocumentRoot /var/www
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [L,R]
</virtualhost>
NameVirtualHost 192.168.1.101:443
<virtualhost 192.168.1.101:443>
ServerName www.goodsexnetwork.com
RewriteEngine on
ProxyRequests off
ProxyPreserveHost on
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
DocumentRoot /var/www/ssl
ProxyPass /seaside/fred http://localhost:9090/seaside/fred
ProxyPassReverse /seaside/fred http://localhost:9090/seaside/fred
RewriteRule ^/$ http://localhost:9090/seaside/fred/$1 [P,L]
</virtualhost>
I tested Fred on both Seaside 2.7 and 2.8. In Seaside 2.7, I don't get the Security Warning and the app works perfectly. In Seaside 2.8, I get the Security Warning and the app expires the session on "submit".
In Seaside 2.7, the #save method writes to the Transcript. In Seaside 2.8, it doesn't, thereby proving that #save doesn't even get executed.
Like I said, very peculiar. I just don't understand what's going on and I'm afraid I may have to fall back to Seaside 2.7.
More info: with Seaside 2.8, if I move
DocumentRoot /var/www/ssl
ProxyPass /seaside/fred http://localhost:9090/seaside/fred
ProxyPassReverse /seaside/fred http://localhost:9090/seaside/fred
RewriteRule ^/$ http://localhost:9090/seaside/fred/$1 [P,L]
into the 192.168.1.101:80 Virtual Host, thereby circumventing SSL, there is no problem. So this is absolutely related to SSL.
Regards,
Richard
More information about the seaside
mailing list