Is there any way to configure Bamboo to run over both HTTP and HTTPS? I've enabled it so that going to https://bamboo returns a page, but users are immediately redirected to the plain HTTP version of the site. I am assuming that this is due to the "Base URL" configuration variable.
What would be ideal is that if a user came in on the HTTPS URL that all associated links in the application recognise this and link to the HTTPS version of the content.
Hello, DO we have any solutions, we are facing issue after the upgrade to 7.0.4 version of bamboo?
Hi Serge,
The Base URL is used for composing links, so it may be the reason why the users are being redirected for HTTP. I suggest you to change it on _Administration -> System -> General Configurations_.
Regarding to the following statement:
What would be ideal is that if a user came in on the HTTPS URL that all associated links in the application recognise this and link to the HTTPS version of the content.
Is that what you meant?
What would be ideal is that if a user came in on the HTTP URL that all associated links in the application recognise this and link to the HTTPS version of the content.
In this case I believe you would need to enable the HTTP -> HTTPS redirect on Jetty. I couldn't find any oficial documentation for that, but the following link may help:
- http://serverfault.com/questions/367660/how-to-have-jetty-redirect-http-to-https
Best regards,
Lucas Timm
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Lucas,
Sorry for not having made myself clear. I meant that Bamboo should be fully usable over both HTTP and HTTPS (no redirects from one to the other) based on what URL the user chooses to use. i.e. if the user goest to the HTTPS link, all the URLs used in the application will also be HTTPS. In the case that the user goes to the HTTP link, all URLs will be HTTP.
Basically, having a fully functional site over both HTTP and HTTPS and leaving it up to the user to decide which to use.
The reasoning behind this is that some of our users would like to keep their credentials private and in cases where they use their credentials would prefer to communicate with Bamboo over SSL. In cases where they access Bamboo programatically, they usually use a machine account, in which case speed is preferable over security.
Hope this helps to explain what I originally meant.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I would stick with ALL HTTPS due to base URL issues.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.