1 files changed, 29 insertions, 10 deletions

diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java
index 848ffba6f..75e02a24b 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java
@@ -26,6 +26,7 @@ public class AdminRequestFilter implements Filter
     private static final String HTTPS_SCHEME = "https";
     private static final String HTTPS_PORT = "https_port";
     private static final String HTTPS_ROLE = "Admin";
+    private static final String PROXY_PORT = "proxy_port";
 
     private FilterConfig config;
     
@@ -51,6 +52,7 @@ public class AdminRequestFilter implements Filter
 
         String request_port = null;
         String param_https_port = null;
+        String param_proxy_port = null;
         String msg = null;
         String param_active = null;
 
@@ -84,22 +86,39 @@ public class AdminRequestFilter implements Filter
                 return;
             }
 
+            param_proxy_port = config.getInitParameter(PROXY_PORT);
+            boolean bad_port = false;
+
             // Compare the request and param "https" ports
             if( ! param_https_port.equals( request_port ) ) {
-                String uri = ((HttpServletRequest) request).getRequestURI(); 
-                msg = "Use HTTPS port '" + param_https_port
-                    + "' instead of '" + request_port
-                    + "' when performing " + HTTPS_ROLE + " tasks!";
-                CMS.debug( filterName + ":  " + msg );
-                CMS.debug( filterName + ": uri is " + uri);
-                if ((param_active != null) &&(param_active.equals("false"))) {
-                    CMS.debug("Filter is disabled .. continuing");
+                String uri = ((HttpServletRequest) request).getRequestURI();
+                if (param_proxy_port != null) {  
+                    if (!param_proxy_port.equals(request_port)) {
+                        msg = "Use HTTPS port '" + param_https_port
+                            + "' or proxy port '" + param_proxy_port
+                            + "' instead of '" + request_port
+                            + "' when performing " + HTTPS_ROLE + " tasks!";
+                        bad_port = true;
+                    }
                 } else {
-                    resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg );
-                    return;
+                    msg = "Use HTTPS port '" + param_https_port
+                        + "' instead of '" + request_port
+                        + "' when performing " + HTTPS_ROLE + " tasks!";
+                    bad_port = true;
+                }
+                if (bad_port) {
+                    CMS.debug( filterName + ":  " + msg );
+                    CMS.debug( filterName + ": uri is " + uri);
+                    if ((param_active != null) &&(param_active.equals("false"))) {
+                        CMS.debug("Filter is disabled .. continuing");
+                    } else {
+                        resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg );
+                        return;
+                    }
                 }
             }
         }
+
         // CMS.debug("Exiting the admin filter");
 
         chain.doFilter( request, response );