-
1. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
mrectenwald Jun 21, 2012 9:39 AM (in response to trimulyo)I recently went through same process as you. Your server.xml looks ok. To force http request to 8443 port, one must modify the web.xml file too. The below security-constraint forces the entire application to port 8443. One also can configure web.xml to force the secure port to a page, for example, by changing the web-resouce-collection element.
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
-
2. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
trimulyo Jun 25, 2012 6:39 AM (in response to mrectenwald)i found many web.xml, which one that you suggest?
-
3. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
mrectenwald Jun 25, 2012 6:45 AM (in response to trimulyo)tri mulyo wrote:
i found many web.xml, which one that you suggest?
That depends...which application do you want users to access via https.
-
4. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
trimulyo Jun 25, 2012 7:08 AM (in response to mrectenwald)tri mulyo wrote:
i found many web.xml, which one that you suggest?
That depends...which application do you want users to access via https.
sorry, I am confused. below is part of server.xml that i found
<!-- A security constraint that restricts access -->
<security-constraint>
<web-resource-collection>
<web-resource-name>ContextServlet</web-resource-name>
<description>An example security config that only allows users with the
role 'JBossAdmin' to access the JBossWS console web application
</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
-
5. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
mrectenwald Jun 25, 2012 9:30 AM (in response to trimulyo)sorry, I am confused. below is part of server.xml that i found
<!-- A security constraint that restricts access -->
<security-constraint>
<web-resource-collection>
<web-resource-name>ContextServlet</web-resource-name>
<description>An example security config that only allows users with the
role 'JBossAdmin' to access the JBossWS console web application
</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
Hmmm...I did a search on the above (grep -R <something from above> deploy) in the deploy directory and did not get any hits on the server.xml file as noted in your reply. The hits I got were from the web.xml. So now I'm confused. If I understand you correctly, you want your apps redirected to https. Change the server.xml file (like the excerpt you posted) and application web.xml file. Or configure a proxy to handle the https request.
The Security Guide has some great information setting up the server.xml file and web.xml file.
-
6. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
trimulyo Jun 26, 2012 6:39 AM (in response to mrectenwald)sorry, I am confused. below is part of server.xml that i found
<!-- A security constraint that restricts access -->
<security-constraint>
<web-resource-collection>
<web-resource-name>ContextServlet</web-resource-name>
<description>An example security config that only allows users with the
role 'JBossAdmin' to access the JBossWS console web application
</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>JBossAdmin</role-name>
</auth-constraint>
</security-constraint>
Hmmm...I did a search on the above (grep -R <something from above> deploy) in the deploy directory and did not get any hits on the server.xml file as noted in your reply. The hits I got were from the web.xml. So now I'm confused. If I understand you correctly, you want your apps redirected to https. Change the server.xml file (like the excerpt you posted) and application web.xml file. Or configure a proxy to handle the https request.
The Security Guide has some great information setting up the server.xml file and web.xml file.
Hi Big Sky,
Sorry I am wrong..I mean the data from web.xml.
-
7. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
sat.ena Jun 26, 2012 5:12 PM (in response to trimulyo)What do you get when you access via https?
Also check the server firewall for 8443 port if it is open. Just a thought.
-
8. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
fyakin Oct 30, 2012 2:30 PM (in response to trimulyo)I have similar problem, I would like to redirect port 8080 to 8443
How you resolve your issue?
I have setup my server.xml and web.xml ( I have multiple web.xml from multiple directories). SO I don't know which one that I need to modify
Thanks
Francis
-
9. Re: how to setup server.xml on jboss 5.1.0 for HTTPS protocol
erasmomarciano Oct 31, 2012 4:24 AM (in response to sat.ena)Hi
Your broswer opens the pop-up or it shows a messagge of info that your certificate isn't trusted.
I suppuse this certificate is self-signed.
This message is also a mode sure for to know that the connector https it works