0 Replies Latest reply on Aug 4, 2005 2:26 AM by Kuntala Guharoy

    Enabling SSL in jboss 3.2.2

    Kuntala Guharoy Newbie

      Hi,
      I am not able to enable SSL in JBoss to work properly

      I am running Jboss 3.2.2 on port 80 and I have an application.ear (myportal.ear) running on it. We can access the application simply by typing "http://address/myportal"

      Now I wanted to enable ssl while accesing this ear ,so I changed the jboss-service.xml and web.xml and created a keystore file.
      Now when i call a page like this

      "https://address:8443/myportal" - it works

      but it also works for an address like this

      "http://adress/myportal"

      But I want to restrict this access. (Without https one should not be able to open the above page)

      I am not sure whether i missed out something in configurations.
      Any suggestions would be of enormous help


      Below follows some relevant sections from my jboss-service.xml and web.xml


      
      ======= jboss-service.xml ==============
       <!-- A HTTP/1.1 Connector on port 80 -->
      <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
      address="${jboss.bind.address}"
      port="80" minProcessors="5" maxProcessors="100" enableLookups="true" acceptCount="10" debug="0" connectionTimeout="20000" useURIValidationHack="false"/>
      
      <!-- SSL/TLS Connector configuration using the SSL domain keystore-->
      <Connector className = "org.apache.coyote.tomcat4.CoyoteConnector"
      address="${jboss.bind.address}" port = "8443"
       scheme = "https" secure = "true">
      <Factory className = "org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
      keystoreFile="${jboss.server.home.dir}/conf/mykey.keystore"
      keystorePass="secret"
      protocol = "TLS"/>
      
      
      
      
      =============== web.xml =====================
      <security-constraint>
       <display-name>Security for Julius PDS</display-name>
       <web-resource-collection>
       <web-resource-name>Julius web Security</web-resource-name>
       <description>Redirect all to SSL</description>
       <url-pattern>/*</url-pattern>
       </web-resource-collection>
       <user-data-constraint>
       <description>Protection should be CONFIDENTIAL</description>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
      


      Thanks in advance