You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Stefan Nilsson <th...@gmail.com> on 2005/07/15 15:31:57 UTC
Can't get ssl redirection to work properly
I am running Jboss 4.0.1 with the tomcat 5.0 and I have an
application.ear called pds running on it. To access the application
you simple write "http://adress:8080/pds"
Now I wanted to enable ssl on the webapp.war in the application so I
changed the server.xml and web.xml and created a keystore and
everything. I redirect from "8080" to "8443" and everything works as
long as do like this.
https://adress:8443/pds - works!!
http://adress:8080/pds/login.jsp - works! get redirected to
https://adress:8443/pds/xxxxx
http://adress:8080/pds - doesn´t work - I time out and get a no page
found error.
I really need the the old url "http://adress:8080/pds" to be
redirected to "https://adress:8443/pds "
Any suggestions??
Best regards
Stefan Nisson
Below follows some relevant sections from my server.xml and web.xml:
======= server.xml ==============
<Connector
port = "8080"
address = "${jboss.bind.address}"
maxThreads = "150"
minSpareThreads = "25"
maxSpareThreads = "75"
enableLookups = "false"
redirectPort = "8443"
acceptCount = "100"
connectionTimeout = "20000"
disableUploadTimeout = "true"/>
<Connector
port = "8443"
address = "${jboss.bind.address}"
maxThreads = "100"
minSpareThreads = "5"
maxSpareThreads = "15"
scheme = "https"
secure = "true"
clientAuth = "false"
keystoreFile = "./keystore"
keystorePass = "secret"
sslProtocol = "TLS"/>
=============== web.xml =====================
<security-constraint>
<display-name>Security for Julius PDS</display-name>
<web-resource-collection>
<web-resource-name>Julius web Security</web-resource-name>
<description>Redirect all to SSL</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description>Protection should be CONFIDENTIAL</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Can't get ssl redirection to work properly
Posted by Manfred Steurer <ma...@gamed.com>.
I think you have a problem with the url-pattern in the web.xml.
It redirects anything after pds/ to ssl - but in http://adress:8080/pds
there is nothing.
I don't have time to test now, but it may work without any url-pattern
or just * instead of /*.
- ms
Stefan Nilsson wrote:
>Hi again.. I don´t know if this mail reached the mailinglist som I
>just reply to myself to get the attention again ;).
>Is this kind of behaviour by tomcat normal with the redirection?. Does
>behave in this way even if you just have an application.war file
>deployed on a standalone tomcat?
>
>Best regards
>Stefan Nilsson.
>
>On 7/15/05, Stefan Nilsson <th...@gmail.com> wrote:
>
>
>>I am running Jboss 4.0.1 with the tomcat 5.0 and I have an
>>application.ear called pds running on it. To access the application
>>you simple write "http://adress:8080/pds"
>>
>>Now I wanted to enable ssl on the webapp.war in the application so I
>>changed the server.xml and web.xml and created a keystore and
>>everything. I redirect from "8080" to "8443" and everything works as
>>long as do like this.
>>https://adress:8443/pds - works!!
>>
>>http://adress:8080/pds/login.jsp - works! get redirected to
>>https://adress:8443/pds/xxxxx
>>
>>http://adress:8080/pds - doesn´t work - I time out and get a no page
>>found error.
>>
>>I really need the the old url "http://adress:8080/pds" to be
>>redirected to "https://adress:8443/pds "
>>
>>Any suggestions??
>>Best regards
>>Stefan Nisson
>>
>>Below follows some relevant sections from my server.xml and web.xml:
>>
>>======= server.xml ==============
>>
>> <Connector
>> port = "8080"
>> address = "${jboss.bind.address}"
>> maxThreads = "150"
>> minSpareThreads = "25"
>> maxSpareThreads = "75"
>> enableLookups = "false"
>> redirectPort = "8443"
>> acceptCount = "100"
>> connectionTimeout = "20000"
>> disableUploadTimeout = "true"/>
>>
>> <Connector
>> port = "8443"
>> address = "${jboss.bind.address}"
>> maxThreads = "100"
>> minSpareThreads = "5"
>> maxSpareThreads = "15"
>> scheme = "https"
>> secure = "true"
>> clientAuth = "false"
>> keystoreFile = "./keystore"
>> keystorePass = "secret"
>> sslProtocol = "TLS"/>
>>
>>
>>=============== web.xml =====================
>><security-constraint>
>> <display-name>Security for Julius PDS</display-name>
>> <web-resource-collection>
>> <web-resource-name>Julius web Security</web-resource-name>
>> <description>Redirect all to SSL</description>
>> <url-pattern>/*</url-pattern>
>> </web-resource-collection>
>> <user-data-constraint>
>> <description>Protection should be CONFIDENTIAL</description>
>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> </user-data-constraint>
>> </security-constraint>
>>
>>
>>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Can't get ssl redirection to work properly
Posted by Stefan Nilsson <th...@gmail.com>.
Hi again.. I don´t know if this mail reached the mailinglist som I
just reply to myself to get the attention again ;).
Is this kind of behaviour by tomcat normal with the redirection?. Does
behave in this way even if you just have an application.war file
deployed on a standalone tomcat?
Best regards
Stefan Nilsson.
On 7/15/05, Stefan Nilsson <th...@gmail.com> wrote:
> I am running Jboss 4.0.1 with the tomcat 5.0 and I have an
> application.ear called pds running on it. To access the application
> you simple write "http://adress:8080/pds"
>
> Now I wanted to enable ssl on the webapp.war in the application so I
> changed the server.xml and web.xml and created a keystore and
> everything. I redirect from "8080" to "8443" and everything works as
> long as do like this.
> https://adress:8443/pds - works!!
>
> http://adress:8080/pds/login.jsp - works! get redirected to
> https://adress:8443/pds/xxxxx
>
> http://adress:8080/pds - doesn´t work - I time out and get a no page
> found error.
>
> I really need the the old url "http://adress:8080/pds" to be
> redirected to "https://adress:8443/pds "
>
> Any suggestions??
> Best regards
> Stefan Nisson
>
> Below follows some relevant sections from my server.xml and web.xml:
>
> ======= server.xml ==============
>
> <Connector
> port = "8080"
> address = "${jboss.bind.address}"
> maxThreads = "150"
> minSpareThreads = "25"
> maxSpareThreads = "75"
> enableLookups = "false"
> redirectPort = "8443"
> acceptCount = "100"
> connectionTimeout = "20000"
> disableUploadTimeout = "true"/>
>
> <Connector
> port = "8443"
> address = "${jboss.bind.address}"
> maxThreads = "100"
> minSpareThreads = "5"
> maxSpareThreads = "15"
> scheme = "https"
> secure = "true"
> clientAuth = "false"
> keystoreFile = "./keystore"
> keystorePass = "secret"
> sslProtocol = "TLS"/>
>
>
> =============== web.xml =====================
> <security-constraint>
> <display-name>Security for Julius PDS</display-name>
> <web-resource-collection>
> <web-resource-name>Julius web Security</web-resource-name>
> <description>Redirect all to SSL</description>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <user-data-constraint>
> <description>Protection should be CONFIDENTIAL</description>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org