-
1. Re: JBoss 5 SSL
venuwin Jan 16, 2009 4:02 AM (in response to venuwin)Hi,
This issue prevails only for Jboss5. Not for JBoss 4.
In case of JBoss 5 - On windows machine it works, but not on linux box.
Any idea ? -
2. Re: JBoss 5 SSL
jaikiran Jan 16, 2009 5:32 AM (in response to venuwin)The issue is that when i switch from HTTP page to HTTPS page
How do you do that? Through code? Through configuration? I might be asking a dumb question, but sorry i am not good at this :) -
3. Re: JBoss 5 SSL
venuwin Jan 16, 2009 6:04 AM (in response to venuwin)Hi jaikiran,
I could not get your question. Please elaborate -
4. Re: JBoss 5 SSL
jaikiran Jan 16, 2009 6:18 AM (in response to venuwin)I meant how do you switch from HTTP page to HTTPS page?
-
5. Re: JBoss 5 SSL
venuwin Jan 16, 2009 6:27 AM (in response to venuwin)Jai,
Please see this below :<security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/app/secure</url-pattern> <http-method>GET</http-method> <http-method>POST</http-thod> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
The web server will automatically make the URL use HTTPS if it finds this URL pattern -
6. Re: JBoss 5 SSL
jaikiran Jan 16, 2009 7:09 AM (in response to venuwin)Thanks, that helps understand the flow :)
And now based on your configuration:<!-- A HTTP/1.1 Connector on port 8080 --> <Connector protocol="HTTP/1.1" port="80" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="443" />
The redirectPort here, says that if a
redirectPort: Names the TCP/IP port number to which a request should be redirected, if it comes in on a non-SSL port, and is subject to a security constraint with a transport guarantee that requires SSL.
So when you are moving from HTTP to HTTPS, it should have redirected to 443 instead of 8443.
Can you post the relevant part from the console logs which shows log messages like this just when the server has started:17:33:03,218 INFO [Http11Protocol] Starting Coyote HTTP/1.1 on http-0.0.0.0-8080
17:33:03,238 INFO [AjpProtocol] Starting Coyote AJP/1.3 on ajp-0.0.0.0-8009
17:33:03,259 INFO [Http11Protocol] Starting Coyote HTTP/1.1 on http-0.0.0.0-8443
17:33:03,269 INFO [ServerImpl] JBoss (Microcontainer) [5.0.0.GA (build: SVNTag=JBoss_5_0_0_GA date=200812041714)] Started in 40s:150ms
And more importantly, are you using the ServiceBindingManager to change the default port configurations which JBoss uses? -
7. Re: JBoss 5 SSL
venuwin Jan 16, 2009 7:18 AM (in response to venuwin)Jaikiran,
this is the log2009-01-16 01:32:34,646 DEBUG [org.jboss.web.tomcat.service.deployers.TomcatService] (main) Saw org.jboss.system.server.started notification, starting connectors 2009-01-16 01:32:34,657 INFO [org.apache.coyote.http11.Http11Protocol] (main) Starting Coyote HTTP/1.1 on http-10.253.194.4-80 2009-01-16 01:32:34,698 INFO [org.apache.coyote.ajp.AjpProtocol] (main) Starting Coyote AJP/1.3 on ajp-10.253.194.4-8009 2009-01-16 01:32:34,967 INFO [org.apache.coyote.http11.Http11Protocol] (main) Starting Coyote HTTP/1.1 on http-10.253.194.4-443 2009-01-16 01:32:34,982 INFO [org.jboss.bootstrap.microcontainer.ServerImpl] (main) JBoss (Microcontainer) [5.0.0.GA (build: SVNTag=JBoss_5_0_0_GA date=200812041714)] Started in 3m:2s:959ms
I am not using ServiceBindingManager . I have not used it in Jboss4 also. But still it works.
Please throw some light on it .
Thanks
Venu -
8. Re: JBoss 5 SSL
jaikiran Jan 16, 2009 7:18 AM (in response to venuwin)"venuwin" wrote:
In case of JBoss 5 - On windows machine it works, but not on linux box.
Looks like an iptable issue then? I am not great at Linux or networking, you might want get in touch with your network administrator who might be able to figure out if the port is being redirected. -
9. Re: JBoss 5 SSL
venuwin Jan 16, 2009 7:20 AM (in response to venuwin)Jai,
You mmmmannnnnnnnnn, lightning fast replies. Thanks for the support.
Let me check with some linux fundu guys and get back to you.
Thanks
Venu -
10. Re: JBoss 5 SSL
venuwin Jan 16, 2009 8:33 AM (in response to venuwin)Jaikiran,
saw in some forums that you have discussed about port configuration on jboss.
None of the references that i came across helped.
Can u let me know the best way to control ports in Jboss 5 and samples/help docs if any.
thanks -
12. Re: JBoss 5 SSL
venuwin Jan 16, 2009 10:03 AM (in response to venuwin)Though it is not relevant to this thread, could you please tell me why we have to bind the server to an IP address if we have to access from remote computer in case of Jboss 4.2 and later.
In Jboss4.0, just "sh run.sh" would start the server and still i can access it from a remote computer.
In Jboss 4.2 and later, if i do the above, i can only access the application from the local machine but not from remote. Any clue? -