Enabled proper SSL Offloading

A redirect loop occurred when trying to access a secure site in hybris. This changes allow a proper SSL offloading
2015-12-28 22:34:42 +01:00 · 2015-12-28 22:34:42 +01:00 · a702aeb37a
--- a/MicrosoftDXGermany.hybrisOnAzure.ArrRole/Web.config
+++ b/MicrosoftDXGermany.hybrisOnAzure.ArrRole/Web.config
@ -101,9 +101,27 @@
        </rule>
        
        <!-- Rule to redirect all traffic to the webfarm -->
-        <rule name="WebFarm" stopProcessing="true">
+        <rule name="WebFarmHttp" stopProcessing="true">
          <match url="(.*)" />
+          <conditions>
+            <add input="{HTTPS}" pattern="^OFF$" />
+          </conditions>
          <action type="Rewrite" url="http://AzureWebFarm/{R:0}" />
+          <serverVariables>
+            <set name="HTTP_X_Forwarded_By" value="{SERVER_NAME}" />
+            <set name="HTTP_X_Forwarded_Proto" value="http" />
+          </serverVariables>
+        </rule>
+        <rule name="WebFarmHttps" stopProcessing="true">
+          <match url="(.*)" />
+          <conditions>
+            <add input="{HTTPS}" pattern="^ON$" />
+          </conditions>
+          <action type="Rewrite" url="http://AzureWebFarm/{R:0}" />
+          <serverVariables>
+            <set name="HTTP_X_Forwarded_By" value="{SERVER_NAME}" />
+            <set name="HTTP_X_Forwarded_Proto" value="https" />
+          </serverVariables>
        </rule>
      </rules>
    </rewrite>
--- a/MicrosoftDXGermany.hybrisOnAzure.BackOfficeWorkerRole/Web.config
+++ b/MicrosoftDXGermany.hybrisOnAzure.BackOfficeWorkerRole/Web.config
@ -30,10 +30,28 @@
          <action type="None" />
        </rule>
        
-        <!-- Rule to redirect all traffic to hybris -->
-        <rule name="hybris" stopProcessing="true">
+        <!-- Rule to redirect all traffic to the webfarm -->
+        <rule name="WebFarmHttp" stopProcessing="true">
          <match url="(.*)" />
+          <conditions>
+            <add input="{HTTPS}" pattern="^OFF$" />
+          </conditions>
          <action type="Rewrite" url="http://localhost:9001/{R:0}" />
+          <serverVariables>
+            <set name="HTTP_X_Forwarded_By" value="{SERVER_NAME}" />
+            <set name="HTTP_X_Forwarded_Proto" value="http" />
+          </serverVariables>
+        </rule>
+        <rule name="WebFarmHttps" stopProcessing="true">
+          <match url="(.*)" />
+          <conditions>
+            <add input="{HTTPS}" pattern="^ON$" />
+          </conditions>
+          <action type="Rewrite" url="http://localhost:9001/{R:0}" />
+          <serverVariables>
+            <set name="HTTP_X_Forwarded_By" value="{SERVER_NAME}" />
+            <set name="HTTP_X_Forwarded_Proto" value="https" />
+          </serverVariables>
        </rule>
      </rules>
    </rewrite>
--- a/Routing/ConfigWebFarm.cmd
+++ b/Routing/ConfigWebFarm.cmd
@ -33,4 +33,8 @@ rem Disable Disk Cache

 rem Set no buffer for constant data flow
 %systemroot%\system32\inetsrv\appcmd.exe set config -section:webFarms /[name='<#%tangible.Azure.ARR.WebFarmName%#>'].applicationRequestRouting.protocol.minResponseBuffer:"0" /commit:apphost
-%systemroot%\system32\inetsrv\appcmd.exe set config -section:webFarms /[name='<#%tangible.Azure.ARR.WebFarmName%#>'].applicationRequestRouting.protocol.responseBufferLimit:"0" /commit:apphost
+%systemroot%\system32\inetsrv\appcmd.exe set config -section:webFarms /[name='<#%tangible.Azure.ARR.WebFarmName%#>'].applicationRequestRouting.protocol.responseBufferLimit:"0" /commit:apphost
+
+rem enable ssl offloading headers for hybris
+%systemroot%\system32\inetsrv\appcmd.exe set config  -section:system.webServer/rewrite/allowedServerVariables /+"[name='HTTP_X_Forwarded_Proto']" /commit:apphost
+%systemroot%\system32\inetsrv\appcmd.exe set config  -section:system.webServer/rewrite/allowedServerVariables /+"[name='HTTP_X_Forwarded_By']" /commit:apphost