Story #4954: As a user, I can restrict a Distribution to serve a particular scheme

Story #4954

 

 **Ticket moved to GitHub**: "pulp/pulpcore/1835":https://github.com/pulp/pulpcore/issues/1835 




 ---- 


 ### Problem 

 A user wants to configure specific repositories to serve via http, others via https, and yet others via both. The use case for https is that people want security. The use case for http is that some clients may not support https. 

 ### Solution 

 Add a field named `allowed_scheme` to `BaseDistribution` so it's available to all subclassed Distribution types. This is a choice field that accepts one of 3 values: 

 ~~~ 
 http - Only serve the request if the scheme is 'http' 
 https - Only serve the request if the scheme is 'https' 
 any - Serve all requests regardless of the scheme       <----- this is the default 
 ~~~ 

 Use the [X-Forwarded-Proto header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto) so Pulp can know the scheme being served in cases where TLS occurs before the reverse proxy call to Pulp. If the header is not present, the current request scheme is the one assumed.

Back

Project

Profile

Help

Pulp

Story #4954