SSL Redirect Filter in JBoss is having "isSecure = false"

anandabasak Aug 16, 2011 11:14 AM

Hi,

We have configured SSL in one of our application running on Jboss EAP 5.0. It has Apache httpd webserver running on another host. SSL has been conigured on Apache as well as JBoss level. We are using port 443. The application URLs which should show as https are showing okay. There is a SignIn link in the webpage. While clicking on that, it also goes to a SignIn form which has URL with https. The developer of application has used his own filter "SecureRedirectFilter" in web.xml file to do a https redirect of this page. But our concern is in the application log file we see following line whenever the SignIn link is clicked

2011-08-16 09:02:37,039 SecureRedirectFilter [DEBUG] - isSecure = false

I am the JBoss AS Administrator. I have configured SSL on Apache and JBoss. Now I am trying to fix this issue for a week, but not getting any clue. Please help.

Regards

Ananda

1. Re: SSL Redirect Filter in JBoss is having "isSecure = false"

tarunbk Jun 20, 2013 12:46 PM (in response to anandabasak)

Even I am facing the same issue with EAP 6.1. Wonder if it has anything to do with locally generated unsigned certs?

[SOLVED]

Add secure="true" to the connection configuration.

It does not automatically default HTTPS to secure.

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enabled="true" secure="true">

Message was edited by: Tarun Babu
Actions