ssl_requirement does not redirect to https

I'm trying to get SSL working on my app, using ssl_requirement. SSL is
working, but ssl_requirement doesn't seem to be handling the request
properly- it doesn't redirect to https.

Relevant files:

application.rb:
class ApplicationController < ActionController::Base
  include SslRequirement
  include AuthenticatedSystem

  def ssl_required?
    return false if local_request? || RAILS_ENV == 'test'
    super
  end
...
end

users_controller.rb:
class UsersController < ApplicationController
  ssl_required :new, :create, :reset_password

...
end

vhost.conf:
( VirtualHost *:80 is a duplicate of the code below, except for the
first 2 lines)
<VirtualHost 123.123.123.123:443>
SSLEngine on
RequestHeader set X_FORWARDED_PROTO "https"

DocumentRoot /var/www/apps/my_app/current/public

  <Directory /var/www/apps/my_app/current/public>
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
  </Directory>

  # Configure mongrel_cluster
  <Proxy balancer://my_app_cluster>
    BalancerMember http://127.0.0.1:8000
    BalancerMember http://127.0.0.1:8001
  </Proxy>

  RewriteEngine On

  # Prevent access to .svn directories
  RewriteRule ^(.*/)?\.svn/ - [F,L]
  ErrorDocument 403 "Access Forbidden"

  # Check for maintenance file and redirect all requests
  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
  RewriteRule ^.*$ /system/maintenance.html [L]

  # Rewrite index to check for static
  RewriteRule ^/$ /index.html [QSA]

  # Rewrite to check for Rails cached page
  RewriteRule ^([^.]+)$ $1.html [QSA]

  # Redirect all non-static requests to cluster
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule ^/(.*)$ balancer://my_app_cluster%{REQUEST_URI}
[P,QSA,L]

  # Deflate
  AddOutputFilterByType DEFLATE text/html text/plain text/xml
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

  ErrorLog logs/my_app.com-error_log
  CustomLog logs/my_app.com-access_log combined

  # This just specifies locations of key and crt files
  Include /etc/httpd/conf/apps/ssl.conf
</VirtualHost>

In production, the app just throws a 404 when I try to access
https://my_app.com/signup.

My specs:

describe "Requesting /signup" do
  controller_name :users

  before(:each) do
    @user = mock_model(User, :to_param => "1", :save => true)
    User.stub!(:new).and_return(@user)
  end

  def do_get
    get :new
  end

  it "should redirect to HTTPS version if request.ssl? is false" do
    request.stub!(:ssl?).and_return false
     do_get
     response.should redirect_to("https://test.host/signup")
  end

  it "should redirect to the HTTPS version" do
    request.stub!(:ssl?).and_return true
    do_get
    response.should redirect_to("https://test.host/signup")
  end
end

autotest spits out:
'Requesting /signup should redirect to the HTTPS version' FAILED
expected redirect to "https://test.host/signup", got redirect to
"http://test.host/signup"

'Requesting /signup (/users/new) should redirect to HTTPS version if
request.ssl? is false' FAILED
expected redirect to "https://test.host/signup", got no redirect

When I try to access the production site via the command line, I get
this:
$ curl -I https://my_app.com/signup
HTTP/1.1 302 Moved Temporarily
Server: Mongrel 1.0.1
Status: 302 Found
Location: http://my_app.com/signup
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 107
Set-Cookie: _my_app_session_id=7eeea00b749ef2ed8b06730b18c62646;
path=/
Vary: Accept-Encoding
Connection: close

$ curl -I http://my_app.com/signup
HTTP/1.1 200 OK
Server: Mongrel 1.0.1
Status: 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-length: 12031
Connection: Keep-Alive
Set-Cookie: _my_app_session_id=5c8fd1c3f962b65aeeb6a4b6299c3e46;
path=/

The request is getting past Apache, it looks like the app itself is
not handling the request correctly.

Has anyone encountered this problem before? Any help would be much
appreciated.

Bobby

try to comment out
  def ssl_required?
    return false if local_request? || RAILS_ENV == 'test'
    super
  end

In your test env, you disable ssl with the above code.

I usually set ENV['USE_SSL'] in my env., then application_controller
picks it up in ssl_required?.

Thanks, I'll try that. Further debugging also indicates a conflict
with a plugin, will just have to find out which.