Cisco Content Switch and WebLogic
- Following is posted on behalf of one of our network engineers:
We are having a problem with the WebLogic server using "http"
redirects rather than "https" redirects in the following configuration:
BROWSER<--HTTPS-->Cisco Content Switch<--HTTP-->WebLogic 5.1.0 SP12
1. The browser opens an SSL session which is terminated at a Cisco
CSS11503 content switch (e.g. https://peoplesoft.foo.com).
2. When the browser and content switch have the SSL session up, the
content switch opens up a connection to WebLogic, using HTTP.
3. Whenever the WebLogic replies with a 302 redirection, it sends back
the new location URI with protocol "http" rather than "https".
HTTP/1.1 302 Moved Temporarily
Response Code: 302
Server: WebLogic 5.1.0 Service Pack 12 04/14/2002 23:14:36
#178459 - 128 bit domestic version
4. The browser tries to open http://peoplesoft.foo.com/index.html,
which we wind up having to trap at the content switch and redirect to
the proper location - https://peoplesoft.foo.com/index.html.
5. In addition to the inefficient round-about way of getting to the
right place, some browser configurations display security messages as
the browser moves from https content, briefly to http content, and
then back to the correct https content at the end of the redirection
Ideally we would be looking for something to go into the WebLogic
properties file to tell it that all 302 redirects should be via HTTPS
protocol. We've found the "WLProxySSL" plug-in parameter, but it does
not appear that our current configuration uses plugins.
-Chris Timmons, Network Engineer
Central Washington University
Ellensburg, WA 98926-7436