Symfony2 behind ELB is redirecting to http instead of https

Question

Issue:

• User logs in with https://example.com/login
• Authentication is approved
• As configured in security.yml Symfony2 redirects u

Answer 1

Take a look at

vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/Request.php

AWS ELB's use HTTP_X_FORWARDED_PROTO and HTTP_X_FORWARDED_PORT while Symfony looks the X_FORWARDED_PROTO and X_FORWARDED_PORT headers to judge the connection and its secure status.

You can try changing those keys in the trustedHeaders although I would not recommend directly changing them but finding a way to override those.

protected static $trustedHeaders = array(
        self::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
        self::HEADER_CLIENT_HOST  => 'X_FORWARDED_HOST',
        self::HEADER_CLIENT_PROTO => 'HTTP_X_FORWARDED_PROTO',
        self::HEADER_CLIENT_PORT  => 'HTTP_X_FORWARDED_PORT',
    );

Reference - http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#x-forwarded-for