Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-2804

Listener secure attribute doesn't work as expected

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 7.0.0.ER5
    • 7.0.0.ER4
    • Undertow
    • None

      When setting secure attributed on http-listener and deploying web application which requires secured connection (<transport-guarantee>CONFIDENTIAL</transport-guarantee>. The web application should be accessible even from the http as the listener is defined as secured, but instead it results to redirect to https (when having redirect-socket defined) or to internal server error (when no redirect-socket).

      Steps to reproduce:

      1. start eap and deploy attached confidential.war
      2. configure http-listener default as secured => /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=secure, value=true)
      3. reload the server
      4. go to http://127.0.0.1:8080/confidential/index.jsp
      5. you should get 200 response code, still you get 302, which is not correct as the listener is defined as secured

        1. confidential.war
          0.7 kB

              sdouglas1@redhat.com Stuart Douglas (Inactive)
              rhatlapa@redhat.com Radim Hatlapatka (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: