2 Replies Latest reply on May 25, 2002 10:33 AM by Sean Howell

    Form Based SSL Redirection

    dan Newbie

      Hi

      I am having problems using form based authentication with Jboss and Catalina. I have configured them to use both http and https as per the documentation, but have found that the automatic redirection only works if Jboss is on port 80. If I try with Jboss 8080 the redirection to port 443 does not work.

      I have looked at the logs and it seems that the HttpProcessor class in Catalina receives an InputStream when the redirection takes place. When the port is set to 80 this can be read clearly, but with the port set to 8080 the InputStream just contains gibberish!

      Is this a known bug with Jboss + Catalina, or has anyone had the same problem? I've been spending alot of time trying to work out what the problem is, but I'm very confused. Please Help

      Thanks

      Dan

      ----------------------------------------------------
      jboss.jcml configuration


      http
      80







      Redirection works with the port attribute set to 80 but not when it is set to 8080.

      -----------------------------------------------------

        • 1. Re: Form Based SSL Redirection
          Iulian State Newbie

          Hi,
          I was reading this long topic of SSL redirection when I ran into this few days ago.
          Here are some steps that worked for me and I hope will work for everybody.

          First thing add the next line into yours jboss.properties file.
          java.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol

          Second create a security domain in jboss by adding the following lines into jboss.jcml
          [pre]

          .keystore
          changeit
          [/pre]
          The security domain name is all yours. You don't have to name it "SSL".
          KeyStoreURL attribute specifies the keystore file name and you can put the full path to it (in my case is in $JBOSS_HOME/conf/catalina).
          KeyStorePass is selfexplanatory.

          Now comes the fun part. Because the connector created by jboss (mbean) is not fully implementing the attributes
          of Connector specified in server.xml you can not specify the redirectPort attribute. JBoss is building with the
          default value of 443, so you need to create the secure connector first on port 8443 (or whatever you like). If
          you add SecurityDomain attribute JBoss will build this connector as a secure one. After this you can specify the
          Config attribute and create the http connector on port 8080 (or 80 or whatever you like). Let stop the talking
          and go to the configuration. Replace the original <mbean ... EmbeddedCatalinaServiceSX .../> with the one below.
          [pre]
          8443
          <!-- 2 -->
          java:/jaas/SSL




          [/pre]

          Hope this will answer your problem

          Iulian

          • 2. Re: Form Based SSL Redirection
            Sean Howell Newbie

            Anyone tried SSL on 3.0 RC2 ?

            Sean