Architecture
============

client -> nginx -> tomcat

* nginx sets X-Forwarded-Proto
* tomcat (8.0.28) is configured with RemoteIpFilter

Servlet Code
============

@Path("/projects")
@Loggable
public class ProjectApi {
	@GET
	@Path("/test-url-generation")
	public Response testUrlGeneration(@Context HttpHeaders headers, @Context UriInfo uriInfo) {
		URI selfUrl = UriBuilder.fromPath("/api/v1/projects/test-url-generation").build();
		ResponseBuilder rb = Response.temporaryRedirect(selfUrl);
		return rb.build();
	}
}

Actual Behaviour
================

$ curl -k -v 'https://localhost/api/v1/projects/test-url-generation'
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 443 (#0)
[snip SSL debug messages]
> GET /api/v1/projects/test-url-generation HTTP/1.1
> User-Agent: curl/7.35.0
> Host: localhost
> Accept: */*
> 
< HTTP/1.1 307 Temporary Redirect
* Server nginx/1.4.6 (Ubuntu) is not blacklisted
< Server: nginx/1.4.6 (Ubuntu)
< Date: Wed, 11 Nov 2015 18:07:45 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: http://localhost/api/v1/projects/test-url-generation
< 
* Connection #0 to host localhost left intact

Expected Behaviour
==================

Servlet should produce "Location" header with "https" scheme.

Other Notes
===========

Through debugging, I confirm that:

* RemoteIpFilter is activated
* It does change the scheme in the wrapped request XForwardedRequest