-
1. Re: forwarding or redirecting HTTP to HTTPS
jonlee Jan 2, 2004 9:22 PM (in response to maximuszen)This is not exactly a JBoss/EJB question so it finds little response here. Protection of the resource would be better covered in a Servlet/JSP forum or tutorial rather than the JBoss forums.
However, you need to ensure that the HTTP connector is configured to perform the redirect for a protected resource. This would be achieved by defining that for Tomcat by adding the fragment in the Tomcat jboss-service.xml:redirectPort="7443"
You would then need to define the protection as per security constraints in the web.xml for your web application:<security-constraint> <web-resource-collection> <web-resource-name>Logins</web-resource-name> <url-pattern>/Login</url-pattern> <url-pattern>/login.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
A tutorial on security constraints would better explain this but essentially, any references to /Login or /login.jsp within the context of the web application will be forced to the redirect port specified in the Tomcat HTTP connector definition.
Sorry for the poor formatting - the new forum software seems a little defective in a few places such as formatting, searches, member profile views and posts tracking.
Hope this information helps. -
2. Re: forwarding or redirecting HTTP to HTTPS
maximuszen Jan 3, 2004 2:38 PM (in response to maximuszen)I'm not sure where to put the redirectPort="8443"
Shouldn't I put 8443? -
3. Re: forwarding or redirecting HTTP to HTTPS
maximuszen Jan 3, 2004 2:41 PM (in response to maximuszen)The formatting seems to be off, I meant
8443 -
4. Re: forwarding or redirecting HTTP to HTTPS
maximuszen Jan 3, 2004 3:25 PM (in response to maximuszen)yes... u have to set the redirection as i wrote above also i made the url pattern /*
the javadoc @ www.mortbay.org clued me into the xml tag. thanks jon -
5. Re: forwarding or redirecting HTTP to HTTPS
jonlee Jan 3, 2004 4:59 PM (in response to maximuszen)Glad you got it sorted. Just to clarify on your previous question on the redirect entry and its location (in case others didn't quite follow what went on):
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector" address="" port="8080" minProcessors="5" maxProcessors="100" redirectPort="8443" enableLookups="true" acceptCount="10" debug="0" connectionTimeout="20000" useURIValidationHack="false"/>
This is added to the Tomcat HTTP Connector definition in jboss-service.xml.
For Jetty, the jboss-service.xml entry for the HTTP listener would look like this:<Call name="addListener"> <Arg> <New class="org.mortbay.http.SocketChannelListener"> <Set name="Port"><SystemProperty name="jetty.port" default="8080"/></Set> <Set name="MinThreads">5</Set> <Set name="MaxThreads">100</Set> <Set name="MaxIdleTimeMs">30000</Set> <Set name="LowResourcePersistTimeMs">5000</Set> <Set name="confidentialPort">8443</Set> </New> </Arg> </Call>
Note that Jetty uses confidentialPort instead.