in the short term, you could take our servlet and modify it so that it sets the protocol on the incoming URL based on the "isSecure" flag in HttpServletRequest.