2 Replies Latest reply on Dec 2, 2011 5:08 AM by arunvg

Weird behaviour in HTTPS mode

arunvg Dec 1, 2011 1:14 AM

Hi All,

We are getting an issue in our web application when working in the Secure mode. We have configured Jboss 4.0 to work in the HTTPS mode , the HTTP port is disabled.

Suppose the URL to access our appl is

https://localhost:8443/webapp/login.do

on this we get the login page and if we change the url in the browser as

http://localhost:8443/webapp/login.do

i.e changing the url to http from https we are getting the screen refreshed . We were expecting a page not found

If we did the same activity after login the page gets refreshed and if we click any other link or button browser doesnot get the response.

Jboss server log has error like

avax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:541)

at sun.security.ssl.InputRecord.read(InputRecord.java:374)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:861)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1262)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1289)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1273)

at org.apache.tomcat.util.net.jsse.JSSESocketFactory.handshake(JSSESocketFactory.java:119)

Can we catch this in our application and throw an error page. Any hint

We tried the same in weblogic 10g and the same thing occurs but with a differrent log

<BEA-090475> <Plaintext data for protocol HTTP was received from peer localhost - 127.0.0.1 instead of an SSL handshake.>

1. Re: Weird behaviour in HTTPS mode

jaikiran Dec 1, 2011 2:15 AM (in response to arunvg)

Arun V G wrote:

Can we catch this in our application and throw an error page. Any hint

See the "Create default error page" section here http://weblogs.java.net/blog/crazybob/archive/2004/02/exception_handl.html. You'll also find similar examples if you do a search for "error pages in web.xml" (or some similar search term).
1 of 1 people found this helpful
Actions
2. Re: Weird behaviour in HTTPS mode

arunvg Dec 2, 2011 5:08 AM (in response to jaikiran)

@ jai Thanks for the response.

The first time we are changing from https to http we are not getting the error

The same thing can be seen in the below link

https://community.jboss.org/login.jspa

Afterloading the login page change the url in browser to

http://community.jboss.org/login.jspa

Here the browser refreshes to load the correct url .We want to acheive exactly this

In our application in the first request ,while debugging in the webfilter we could find that the request is coming as secure. Is there any way to identify this scenario
Actions

Go to original post