ssl_requirement does not redirect to https

I'm trying to get SSL working on my app, using ssl_requirement. SSL is
working, but ssl_requirement doesn't seem to be handling the request
properly- it doesn't redirect to https.

Relevant files:

class ApplicationController < ActionController::Base
  include SslRequirement
  include AuthenticatedSystem

  def ssl_required?
    return false if local_request? || RAILS_ENV == 'test'

class UsersController < ApplicationController
  ssl_required :new, :create, :reset_password


( VirtualHost *:80 is a duplicate of the code below, except for the
first 2 lines)
SSLEngine on
RequestHeader set X_FORWARDED_PROTO "https"

DocumentRoot /var/www/apps/my_app/current/public

  <Directory /var/www/apps/my_app/current/public>
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all

  # Configure mongrel_cluster
  <Proxy balancer://my_app_cluster>

  RewriteEngine On

  # Prevent access to .svn directories
  RewriteRule ^(.*/)?\.svn/ - [F,L]
  ErrorDocument 403 "Access Forbidden"

  # Check for maintenance file and redirect all requests
  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
  RewriteRule ^.*$ /system/maintenance.html [L]

  # Rewrite index to check for static
  RewriteRule ^/$ /index.html [QSA]

  # Rewrite to check for Rails cached page
  RewriteRule ^([^.]+)$ $1.html [QSA]

  # Redirect all non-static requests to cluster
  RewriteRule ^/(.*)$ balancer://my_app_cluster%{REQUEST_URI}

  # Deflate
  AddOutputFilterByType DEFLATE text/html text/plain text/xml
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

  ErrorLog logs/
  CustomLog logs/ combined

  # This just specifies locations of key and crt files
  Include /etc/httpd/conf/apps/ssl.conf

In production, the app just throws a 404 when I try to access

My specs:

describe "Requesting /signup" do
  controller_name :users

  before(:each) do
    @user = mock_model(User, :to_param => "1", :save => true)

  def do_get
    get :new

  it "should redirect to HTTPS version if request.ssl? is false" do
    request.stub!(:ssl?).and_return false
     response.should redirect_to("")

  it "should redirect to the HTTPS version" do
    request.stub!(:ssl?).and_return true
    response.should redirect_to("")

autotest spits out:
'Requesting /signup should redirect to the HTTPS version' FAILED
expected redirect to "", got redirect to

'Requesting /signup (/users/new) should redirect to HTTPS version if
request.ssl? is false' FAILED
expected redirect to "", got no redirect

When I try to access the production site via the command line, I get
$ curl -I
HTTP/1.1 302 Moved Temporarily
Server: Mongrel 1.0.1
Status: 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 107
Set-Cookie: _my_app_session_id=7eeea00b749ef2ed8b06730b18c62646;
Vary: Accept-Encoding
Connection: close

$ curl -I
HTTP/1.1 200 OK
Server: Mongrel 1.0.1
Status: 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-length: 12031
Connection: Keep-Alive
Set-Cookie: _my_app_session_id=5c8fd1c3f962b65aeeb6a4b6299c3e46;

The request is getting past Apache, it looks like the app itself is
not handling the request correctly.

Has anyone encountered this problem before? Any help would be much


try to comment out
  def ssl_required?
    return false if local_request? || RAILS_ENV == 'test'

In your test env, you disable ssl with the above code.

I usually set ENV['USE_SSL'] in my env., then application_controller
picks it up in ssl_required?.

Thanks, I'll try that. Further debugging also indicates a conflict
with a plugin, will just have to find out which.