1 Reply Latest reply on Jul 21, 2010 2:28 PM by Todd Gould

    Problems with SSL redirection in JBoss 5.1.0.GA

    Todd Gould Novice



      I'm using  JBoss [The Oracle] 5.1.0.GA.  In previous releases I have successfully configured SSL and and the associated port redirection without any problems.  However, in this environment, I am having unexpected problems.  Your help will be greatly appreciated....



      Here is what I have....



      from server.xml:

           <!-- A HTTP/1.1 Connector on port 7000 -->
            <Connector protocol="HTTP/1.1" port="7000" address="${jboss.bind.address}"
                     connectionTimeout="20000" redirectPort="7001" />

            <!-- Add this option to the connector to avoid problems with
                .NET clients that don't implement HTTP/1.1 correctly
               restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"

            <!-- A AJP 1.3 Connector on port 8009 -->
            <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
               redirectPort="7001" />


            <!-- SSL/TLS Connector configuration using the admin devl guide keystore-->
            <Connector protocol="HTTP/1.1" SSLEnabled="true" enableLookups="true"
                 port="7001" address="${jboss.bind.address}"
                 scheme="https" secure="true" clientAuth="false"
                 keystorePass="zzzzz" sslProtocol = "TLS"
                 truststorePass="zzzzz" />


      from my apps web.xml:


      from web.xml:

                  <web-resource-name>All restricted resources</web-resource-name>
                  <description>Protects all AppAdmin restricted resources</description>




      http://myserver:7000/Myapp/login.xhtml (when I hit this URL, it produces downloadable result - as expected - this is not within the data-constraint resource-collection)

      http://myserver:7000/Myapp/pages/index.jsf  (when I hit this URl, I expect to be redirected to SSL port (inside data-constraint); but do NOT get redirected - i.e., URL stays http and port 700 - and results in Cannot find server or DNS error)

      https://myserver:7001/Myapp/pages/index.jsf (works as expected - this shows that SSL appears to be configured and working properly)


      Why is the redirect from an non SSL URL to an SSL URL (when accessing a data-constratint resource) not happening?  Again, your help is greatly appreciated!

        • 1. Re: Problems with SSL redirection in JBoss 5.1.0.GA
          Todd Gould Novice

          Thanks to Jean-Frederic's observation, I was able to investigate the reponse returned from the original non-SSL request.  In fact, the redirection was happening.  However, the request was being requested to a port different from that configured in my server.xml.  Upon further examination, I determined that the SBM was 'overriding' the ports configured in server.xml.  After some changes in bindings--jboss-beans.xml to add fixedPort properties for the affected services, all works as desired.