-
2. Re: Help required in Switching from http to https in jboss-
cool_bhanu Jun 18, 2006 5:39 AM (in response to cool_bhanu)HI Cgriffith
The setup of ssl in jboss is successful the problem iam facing is switching
From http to https without the popping up of authentication dialog
And also
I have created sample struts application
with login page and displays page when I go for submit submit
but my requirement is
To switch from http to https
that is i should be able to access the login page
with http but when i give submit it should go into secure mode and the next page should be displayed
As per your instructions i made changes in web.xml file
to include
security-constraint>
<web-resource-collection>
<web-resource-name>Sample Application</web-resource-name>
Require users to authenticate
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
Only allow Authenticated_users role
<role-name>TEST_ROLE_NAME</role-name>
</auth-constraint>
<user-data-constraint>
Encryption is not required for the application in general.
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-role>
<role-name>TEST_ROLE_NAME</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>TEST_REALM_NAME</realm-name>
</login-config>
i created users.properties and roles.properties in conf directory to include appropriate parameters
now when i try to go to http://localhost:8080/Struts4
i do get the login page but when i go for submit
i get authenctication dialog asking for username and password for TEST_REALM_NAME
and when i give the correct parameters authentication happens properly
and i again go to the first page i.e the login page only differnce now is it the same login page but with https://
but the what the real requirementa of mine are
1. when i first open the login page in http://
and i submit the login credential( jsp page) and give the submit button
i should go into secure mode and should go to the next page ie it should have https in the url
2. I should not get any authentication dialog(TEST_REAL_NAME) asking for username and password ,
directly i should go to the next page when i give
the submit button .i.e there should not come any authenticaion dialog while switching from http to https
can u give me any idea regarding this
appreciate your response in this regard
Thanks
BHanu -
3. Re: Help required in Switching from http to https in jboss-
cool_bhanu Jun 18, 2006 5:42 AM (in response to cool_bhanu)Hi Cgriffith,
I had created a separate thread for this
I have posted my messages there
you can find that at
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=84906
Appreciate your response
Thanks
Bhanu -
4. Re: Help required in Switching from http to https in jboss-
j2ee_junkie Jun 19, 2006 8:22 AM (in response to cool_bhanu)Bhanu,
O.K. so we got SSL going. Good.
Now, there are some inconsistencies in what you want versus how you have your application configured.
First, you mention that your application has a login form(i.e. FORM auth method), but your application is set up to use BASIC authentication. You have to choose one.
Second, currently only struts actions are configured to use SSL. So any requests to a *.jsp, will not use SSL. I do not think this is what you want.
Hope this helps to clarify, cgriffith -
5. Re: Help required in Switching from http to https in jboss-
cool_bhanu Jun 21, 2006 10:06 AM (in response to cool_bhanu)Hi CGriffith,
Thanks a lot for your help
finally i was able to login in to page with http access and when i logged in the communication was in secure mode(https).....
The mistake which i made was that i had failed to include form-login-config
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
Once again thank you very much.
Bye
Bhanu -
6. Re: Help required in Switching from http to https in jboss-
cool_bhanu Jun 28, 2006 9:36 AM (in response to cool_bhanu)Hi Cgrifith
Sorry to trouble u once again
I have encountered some problem with the login in struts
I had made necessary changes to include <transport-guarantee>
and login-config to include the user properties
but the <form-login-config>
<form-login-page>/display.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
is forcing it to go to the pages which i give in form-login-page
instead it should go
to NameAction which extends Action and based on the logic there
i should go to the required success or error page
and iam not understanding the importance if <form-login-config>
like if i remove the lines
<form-login-config>
<form-login-page>/display.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
i get the exceptions
18:59:15,687 WARN [FormAuthenticator] Unexpected error forwarding to login page
java.lang.NullPointerException
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:238)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
at java.lang.Thread.run(Thread.java:595)
Could you please help me resolve this
Regards
Bhanu -
7. Re: Help required in Switching from http to https in jboss-
soshah Jun 29, 2006 9:03 AM (in response to cool_bhanu)"cool_bhanu" wrote:
<form-login-config>
<form-login-page>/display.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
is forcing it to go to the pages which i give in form-login-page
instead it should go
to NameAction which extends Action and based on the logic there
i should go to the required success or error page
You will have to integrate the logic in your NameAction object (which decides whether login is success or failure) into the JAAS LoginModule that is actually processing the Login Usecase now. If you are using one of the standard JAAS Login modules, you will have to use a custom JAAS Login Module to incorporate this logic instead.
As far as redirecting to pages of your choosing instead of the pages specified in your form-config goes, you will have to integrate a custom FormAuthenticator that extends the org.apache.catalina.authenticator.FormAuthenticator."cool_bhanu" wrote:
and iam not understanding the importance if <form-login-config>
like if i remove the lines
<form-login-config>
<form-login-page>/display.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
I believe this information is required by the org.apache.catalina.authenticator.FormAuthenticator and should *not* be left out