Merge "Added help text in local.settings.example how to setup Horizon to use SSL-offloading proxy to properly handle page redirects to SSL."

horizon/tests/base_tests.py

@@ -308,3 +308,28 @@ class HorizonTests(BaseHorizonTests):
                                follow=False,
                                HTTP_X_REQUESTED_WITH='XMLHttpRequest')
         self.assertEqual(resp.status_code, 200)
+
+    def test_ssl_redirect_by_proxy(self):
+        users.get_user_from_request = self._real_get_user_from_request
+        dogs = horizon.get_dashboard("dogs")
+        puppies = dogs.get_panel("puppies")
+        url = puppies.get_absolute_url()
+        redirect_url = "?".join([urlresolvers.reverse("horizon:auth_login"),
+                                 "next=%s" % url])
+
+        client = Client()
+        client.logout()
+        resp = client.get(url)
+        self.assertRedirectsNoFollow(resp, redirect_url)
+
+        # Set SSL settings for test server
+        settings.TESTSERVER = 'https://testserver:80'
+        settings.SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL',
+                                            'https')
+
+        resp = client.get(url, HTTP_X_FORWARDED_PROTOCOL="https")
+        self.assertRedirectsNoFollow(resp, redirect_url)
+
+        # Restore settings
+        settings.TESTSERVER = 'http://testserver'
+        settings.SECURE_PROXY_SSL_HEADER = None

openstack_dashboard/local/local_settings.py.example

@@ -5,7 +5,13 @@ from django.utils.translation import ugettext_lazy as _
 DEBUG = True
 TEMPLATE_DEBUG = DEBUG
 PROD = False
-USE_SSL = False
+
+# Set SSL proxy settings:
+# For Django 1.4+ pass this header from the proxy after terminating the SSL,
+# and don't forget to strip it from the client's request.
+# For more information see:
+# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
+# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
 
 # Note: You should change this value
 SECRET_KEY = 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0'