gandres / pwm

Automatically exported from code.google.com/p/pwm

Enhancement: Add recaptcha service health check. #455

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?

1. Configure PWM running under Tomcat without SSL (plain HTTP over port 8080), 
behind Apache reverse proxy serving clients over SSL (HTTPS over port 443).  
Configure PWM to use reCAPTCHA.

2. Try to activate a new account.

What is the expected output? What do you see instead?

Expected: A page that includes a reCAPTCHA challenge.

Instead: Depends on the browser.  Modern browsers (e.g. FF 23) don't display 
the reCAPTCHA challenge due to the mixing of HTTPS and HTTP content.

What version of PWM are you using?

1.6.4

What ldap directory and version are you using?

OpenLDAP 2.3.43

The fix:

Add 'secure="true"' to the HTTP connector within Tomcat's server.xml config 
file.  This will ensure that calls to request.isSecure() return true, which 
tells PWM to generate HTTPS URLs linking to Google's reCAPTCHA service when 
embedding them in pages returned to browsers.

Original issue reported on code.google.com by rjaf...@gmail.com on 22 Aug 2013 at 3:56
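
The fix described in the report above can be checked mechanically. This is an added example, not part of the original issue or of PWM's code: it scans a `server.xml` for plain-HTTP connectors that lack `secure="true"`. The sample XML is constructed, the function name is hypothetical, and the check assumes every plain-HTTP connector sits behind a TLS-terminating reverse proxy, as in the reported deployment.

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml fragments (not taken from the issue).
BEFORE = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
</Service></Server>"""

AFTER = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"
             secure="true"/>
</Service></Server>"""


def insecure_proxy_connectors(server_xml):
    """Return ports of plain-HTTP connectors that do not set secure="true".

    Assumption: each such connector is reached only through a reverse proxy
    that terminates HTTPS, so request.isSecure() ought to return true.
    """
    ports = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        if "ajp" in protocol.lower():
            continue  # out of scope: the issue concerns the HTTP connector
        if conn.get("SSLEnabled", "false").lower() == "true":
            continue  # Tomcat terminates TLS itself on this connector
        if conn.get("secure", "false").lower() != "true":
            ports.append(conn.get("port"))
    return ports


if __name__ == "__main__":
    for label, xml_text in (("before", BEFORE), ("after", AFTER)):
        print(label, insecure_proxy_connectors(xml_text))
```

A connector that is also reachable directly over plain HTTP should not be marked `secure="true"`, since the application would then treat unencrypted requests as secure.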

GoogleCodeExporter commented 9 years ago
Documenting Tomcat/Apache isn't the goal of this project.  Modifying this issue 
to add a health check for the captcha service which would hopefully help you 
diagnose your issue.

Original comment by jrivard on 6 Sep 2013 at 12:35

GoogleCodeExporter commented 9 years ago
Would such a health check be able to determine that a browser is silently 
refusing to fetch mixed content?

Original comment by rjaf...@gmail.com on 6 Sep 2013 at 7:42