Browse Source

set x-forwarded-port header for proxied requests

This is required for keystone federation to work correctly when
mod_auth_openidc.

Change-Id: Ib79fbd47169388bfb044a8183725a3d1de5bc480
Closes-bug: 1777884
(cherry picked from commit bf9a9620c68eb3934a897038ccc36a1a2a10bf66)
changes/42/711442/1
Lars Kellogg-Stedman 2 years ago
committed by Luca Miccini
parent
commit
2b22b2b915
1 changed files with 2 additions and 1 deletions
  1. +2
    -1
      manifests/haproxy.pp

+ 2
- 1
manifests/haproxy.pp View File

@@ -862,7 +862,8 @@ class tripleo::haproxy (
'option' => [ 'httpchk', 'httplog', ],
'http-request' => [
'set-header X-Forwarded-Proto https if { ssl_fc }',
'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
'set-header X-Forwarded-Proto http if !{ ssl_fc }',
'set-header X-Forwarded-Port %[dst_port]'],
}
Tripleo::Haproxy::Endpoint {
haproxy_listen_bind_param => $haproxy_listen_bind_param,


Loading…
Cancel
Save