Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

AEM redirects user back to http (SSL termination at LB) only for login page

Avatar

Avatar
Validate 1
Level 2
subramanya75
Level 2

Likes

4 likes

Total Posts

12 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 3
Affirm 1
View profile

Avatar
Validate 1
Level 2
subramanya75
Level 2

Likes

4 likes

Total Posts

12 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 3
Affirm 1
View profile
subramanya75
Level 2

01-01-2019

Hi all,

We have this issue that started appearing on prod author site recently.

We have an AEM author integrated with SAML. SSL/TLS terminated at Load Balancer.

Due to to the mixed content error we started getting few days back on our login page more works.

This is the error in detail:

We are requesting login page over https:  https://<domain-name>/libs/granite/core/content/login.html

On the console I see below error:

Mixed Content: The page at 'https://<domain-name>/libs/granite/core/content/login.html/?resource=%2F&$$login$$=%24%24login%24%24&j_reason=unknown&j_reason_code=unknown' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://<domain-name>/libs/granite/core/content/login.html/?resource=%2Flibs%2Fgranite%2Fcsrf%2Ftoken.json&$$login$$=%24%24login%24%24&j_reason=unknown&j_reason_code=unknown'. This request has been blocked; the content must be served over HTTPS.

We have done all configurations as per the URL : AEM redirecting user back to http if accessed through SSL terminated Load Balancer

But issue is still not resolved.

We are using AEM 6.3 with SP2

View Entire Topic

Avatar

Avatar
Validate 1
Level 2
subramanya75
Level 2

Likes

4 likes

Total Posts

12 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 3
Affirm 1
View profile

Avatar
Validate 1
Level 2
subramanya75
Level 2

Likes

4 likes

Total Posts

12 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Affirm 3
Affirm 1
View profile
subramanya75
Level 2

03-01-2019

Hi Gaurav,

I have already informed in my initial comment that we have checked everything as per the documentation provided at links you have shared.

Those are not useful.

We observed that when we clear the dispatcher cache for login page :libs/granite/core/content/login.html, this issue got resolved for first request and we did not get mixed content error.

Then we realized that the page "libs/granite/core/content/login.html?" cached at dispatcher and this is the culprit.

We found due to the cached page at dispatcher, our get request never reached beyond dispatcher and it was not reaching author.

  1. So we added these response headers to login page: Cache-Control:  no-cache, no-store, must-re-validate.
  2. we also added a rule at dispatcher do deny caching of loign page at dispatcher.

Now as the page is no more cached at dispatcher , request is hitting author and author is providing https response.

Hence we are able to fix the issue