You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Łukasz Budnik (JIRA)" <ji...@apache.org> on 2010/01/08 15:26:54 UTC
[jira] Updated: (GERONIMO-5010) Transport confifential not working,
403 instead of 302 HTTP headers returned
[ https://issues.apache.org/jira/browse/GERONIMO-5010?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Łukasz Budnik updated GERONIMO-5010:
------------------------------------
Comment: was deleted
(was: It might not be Tomcat issue...
I just downloaded G-Jetty 2.2
the same thing, when accessing:
http://localhost/console/secure
instead of being brought to https://localhost/console/secure I get:
HTTP ERROR 403
Problem accessing /console/secure. Reason:
Forbidden
Powered by Jetty://)
> Transport confifential not working, 403 instead of 302 HTTP headers returned
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-5010
> URL: https://issues.apache.org/jira/browse/GERONIMO-5010
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: Tomcat
> Affects Versions: 2.2
> Environment: G 2.2 with Tomcat 6, running on Windows XP with Java 6
> Reporter: Łukasz Budnik
> Priority: Blocker
>
> I found it out by accident I was migrating Web Service which uses CONFIDENTIAL transport layer security.
> By looking at the tcpmon I found out that POST request weren't forwarded to HTTPS and was served using plain HTTP.
> The quickest way to reproduce this error:
> http://localhost:8080/console/secure
> Instead of being brought to https schema (followed by HTTP 302), the result is: HTTP 403 error.
> It was all working in G 2.1.x.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.