resp.setHeader("X-OpenRosa-Version", "1.0");
resp.setDateHeader("Date", System.currentTimeMillis());
-//// String serverName = req.getServerName();
-//// int serverPort = req.getServerPort();
-//// String protocol = serverPort == 443 || req.isSecure() ? "https" : "http";
-//// String baseServer = protocol + "://" + serverName
-//// + (serverPort == 80 || serverPort == 443 ? "" : ":" + serverPort);
-// String requestUri=req.getRequestURI();
-// String forwardedHost = req.getHeader("X-Forwarded-Host");
-// URL requestUrl = new URL(req.getRequestURL().toString());
-// String baseServer = requestUrl.getProtocol() + "://" + requestUrl.getHost()
-// + (requestUrl.getPort() > 0 ? ":" + requestUrl.getPort() : "");
- StringBuilder baseServer = ServletUtils.getRequestUrlBase(req);
+ // we force HTTPS since ODK Collect will fail anyhow when sending http
+ // cf. https://forum.getodk.org/t/authentication-for-non-https-schems/32967/4
+ StringBuilder baseServer = ServletUtils.getRequestUrlBase(req, true);
String pathInfo = req.getPathInfo();
if (pathInfo.startsWith("//"))
pathInfo = pathInfo.substring(1);
-// String serverName = req.getServerName();
-// int serverPort = req.getServerPort();
-// String protocol = serverPort == 443 || req.isSecure() ? "https" : "http";
-// String baseServer = protocol + "://" + serverName
-// + (serverPort == 80 || serverPort == 443 ? "" : ":" + serverPort);
- StringBuilder baseServer = ServletUtils.getRequestUrlBase(req);
+ // we force HTTPS since ODK Collect will fail anyhow when sending http
+ // cf. https://forum.getodk.org/t/authentication-for-non-https-schems/32967/4
+ StringBuilder baseServer = ServletUtils.getRequestUrlBase(req, true);
Session session = RemoteAuthUtils.doAs(() -> Jcr.login(repository, null), new ServletHttpRequest(req));