HttpsRequestWrapper wrongly sets the new URL

Steps to reproduce

Steps to reproduce:

1. Run Opencast without HTTPS
2. Configure a HTTP proxy to use HTTPS and set the "X-Forwarded-SSL" header to "on". Configure Opencast to uses the proxy URL.
3. Configure LTI and try to authenticate

Actual Results:

An error is returned:

HTTP ERROR 401
Problem accessing /lti. Reason:
Invalid signature for signature method HMAC-SHA1

The problem is that the SignatureBaseString of OAuth still contains "http" instead of "https" and thus validation fails. This is a result of a bug in `modules/matterhorn-kernel/src/main/java/org/opencastproject/kernel/filter/https/HttpsRequestWrapper.java:46` where `originalURL` is reseted to the "http" one.

Expected Results:

The LTI tool is displayed.

Assignee

Stephen Marquard

Reporter

Matthias Neugebauer

Severity

Non Functioning

Tags (folksonomy)

None

Components

Fix versions

Affects versions

Priority

Major
Configure