2 Replies Latest reply on Nov 3, 2014 8:16 AM by gurushant

    How to Auto Redirect http to https with 8.1?

    timpii
    timpii Oct 25, 2014 12:38 PM

      With Jboss AS 7.1.1 I successfully set up all connections to auto redirect to https via the following configuration

        <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

          <configuration>

            <jsp-configuration x-powered-by="false" display-source-fragment="false"/>

          </configuration>

          <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="8443"/>

          <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

            <ssl name="xxxx-ssl" key-alias="vault" password="xxxxxx" certificate-key-file="../standalone/configuration/xxxxxxx.keystore" cipher-suite="HIGH" protocol="TLSv1" verify-client="false"/>

          </connector>

          <virtual-server name="default-host" enable-welcome-root="false">

            <alias name="localhost"/>

          </virtual-server>

      ....

      And then placing the keystore in the configuration folder.

       

      I am upgrading the dev project to wildfly 8.1 and can not find an example or documentation on how to accomplish the same thing with undertow configuration. Anybody have an example or information on how to accomplish this?

        • 1. Re: How to Auto Redirect http to https with 8.1?
          timpii
          timpii Oct 25, 2014 1:44 PM (in response to timpii)

          I figured it out. The steps are in standalone.xml:

           

          1) Added the https-listener as default. Note - had to change the http-listener name, and add a servlet-container for that name.

          <subsystem xmlns="urn:jboss:domain:undertow:1.1">

            <buffer-cache name="default"/>

            <server name="default-server">

               <http-listener name="http-default" socket-binding="http"/>

               <https-listener name="default" socket-binding="https" security-realm="ssl-realm"/>

               <host name="default-host" alias="localhost">

                 <location name="/" handler="welcome-content"/>

                 <filter-ref name="server-header"/>

                 <filter-ref name="x-powered-by-header"/>

               </host>

             </server>

             <servlet-container name="http-default">

               <jsp-config/>

             </servlet-container>

             ....

           

          2) Created a security-realm by copying pasting the ApplicationRealm and naming it ssl-realm as defined within the https-listener. Then added ssl element as below.

           

          <security-realm name="ssl-realm">

            <server-identities>

              <ssl>

                <keystore path="../standalone/configuration/xxxxxx.keystore" keystore-password="xxxxxxx" alias="xxx"/>

              </ssl>

          </server-identities>

          ....

           

          It now works to redirect all http requests to https

          1 of 1 people found this helpful
            • Actions
          • 2. Re: How to Auto Redirect http to https with 8.1?
            gurushant
            gurushant Nov 3, 2014 8:16 AM (in response to timpii)

            @Tim Snyder,

             

            My question is, how do I redirect only those http requests to https, which came from port 80 or 8080. If user have set http port other than 80 or 8080, then it should not redirect to https.

              • Actions