-
1. Re: SSLValve on JBoss AS 7.1.1?
xerces8 Jan 29, 2015 12:27 PM (in response to xerces8)It works if added to WEB-INF/jboss-web.xml , like this:
<?xml version="1.0" encoding="UTF-8"?> <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_7_1.xsd" version="7.0"> <valve><class-name>org.apache.catalina.valves.SSLValve</class-name></valve> </jboss-web>
This must be done in each deployed application (which makes them environment dependent).
-
2. Re: SSLValve on JBoss AS 7.1.1?
ctomc Feb 2, 2015 4:23 AM (in response to xerces8)David Balažic wrote:
It works if added to WEB-INF/jboss-web.xml , like this:
This must be done in each deployed application (which makes them environment dependent).
not really, jboss-web.xml is only used by jboss app server...
in some later version of AS7.x / EAP we added support for global valves back, but TBH i am not sure which version it was. if you use EAP 6.4.Alpha i am sure it is there
-
3. Re: SSLValve on JBoss AS 7.1.1?
xerces8 Feb 11, 2015 5:52 AM (in response to ctomc)What I meant was: now we have a WAR for use behind proxy and one for "regular" setup.
(the WAR with SSLValve could be used in both, both the users could inject the cert in to the HTTP headers and fake other users)