4 Replies Latest reply: Oct 3, 2010 12:27 PM by Vinod Pandey RSS

Problems with SSL redirection on JBoss 5.1.0GA

Todd Gould Novice

Hello,

 

Sorry for the cross post, but thought that this may be a better place for this question.

 

I'm using  JBoss [The Oracle] 5.1.0.GA.  In previous releases I have successfully configured SSL and and the associated port redirection without any problems.  However, in this environment, I am having unexpected problems.  Your help will be greatly appreciated....

 

 

Here is what I have....

 

 

from server.xml:


     <!-- A HTTP/1.1 Connector on port 7000 -->
      <Connector protocol="HTTP/1.1" port="7000" address="${jboss.bind.address}"
               connectionTimeout="20000" redirectPort="7001" />

      <!-- Add this option to the connector to avoid problems with
          .NET clients that don't implement HTTP/1.1 correctly
         restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"
      -->

      <!-- A AJP 1.3 Connector on port 8009 -->
      <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
         redirectPort="7001" />

 

      <!-- SSL/TLS Connector configuration using the admin devl guide keystore-->
      <Connector protocol="HTTP/1.1" SSLEnabled="true" enableLookups="true"
           port="7001" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.home.dir}/certs/mysvr1.jks"
           keystorePass="zzzzz" sslProtocol = "TLS"
           truststoreFile="${jboss.home.dir}/certs/mysvr1Trust.jks"
           truststorePass="zzzzz" />

 

from my apps web.xml:

 

from web.xml:

<security-constraint>
        <web-resource-collection>
            <web-resource-name>All restricted resources</web-resource-name>
            <description>Protects all AppAdmin restricted resources</description>
            <url-pattern>/pages/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
</security-constraint>

 

Symptoms:

 

http://myserver:7000/Myapp/login.xhtml (when I hit this URL, it produces downloadable result - as expected - this is not within the data-constraint resource-collection)

http://myserver:7000/Myapp/pages/index.jsf  (when I hit this URl, I expect to be redirected to SSL port (inside data-constraint); but do NOT get redirected - i.e., URL stays http and port 700 - and results in Cannot find server or DNS error)

https://myserver:7001/Myapp/pages/index.jsf (works as expected - this shows that SSL appears to be configured and working properly)

 

Why is the redirect from an non SSL URL to an SSL URL (when accessing a data-constratint resource) not happening?  Again, your help is greatly appreciated!