Resolution: Not a Bug
Affects Version/s: 5.1.0 GA
Fix Version/s: None
I have configured my BA server installation behind an Apache server acting as SSL termination endpoint and reverse proxy on our internal domain colmer.ob1.de. Apache proxies all incoming requests to the regular pentaho tomcat at localhost:8080.
In general this works fine. Logging in/out and viewing content all works as expected.
The problem surfaces when I am logged out and enter a deep URL to pentaho content. For example: *https://colmer.ob1.de/pentaho/api/repos/%3Apublic%3Ahidrive%3Atest.xanalyzer/viewer*
This will first redirect me to the login page, as expected, and after a successful login, the login pages tries to forward to the original URL.
It should instead use one of the following methods to redirect correctly:
- respect proxy headers and forward to the original URL determined by the appropriate HTTP headers ''X-Forwarded-For", "X-Forwarded-Host" and "X-Forwarded-Proto" as described by https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
- forward only relative to the pentaho webapp context i.e. forward to '/pentaho/api/repos/%3Apublic%3Ahidrive%3Atest.xanalyzer/viewer', which would also work in the browser
- actually use the fully-qualified-server-url parameter from the webapp config, which it does not do for login page redirection
As a result, we cannot build a BI solution that opens anything but /Home.