Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-4281

redirectPort is overwritten by the service binding manager

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • EAP_EWP 5.1.2 ER1
    • EAP 5.0.0, EAP 5.0.1, EAP_EWP 5.1.0_CR3
    • Server boot
    • None

      The redirectPort defined in server.xml is being overwritten by the SBM unconditionally
      From the xsl transformation redirectPort is computed as follows

      .. ..
      <xsl:variable name="portHttps" select="$port + 363"/>
      .. ..
      <xsl:when test="(name() = 'redirectPort')">
      <xsl:attribute name="redirectPort"><xsl:value-of select="$portHttps" /></xsl:attribute>
      </xsl:when>
      .. ..

      Use Case:
      =========
      If for instance a user has configured port forwarding using iptables with the following settings

            1. server.xml
              <!-- A HTTP/1.1 Connector on port 8080 -->
              <Connector protocol="HTTP/1.1" port="8080" proxyPort="80" address="${jboss.bind.address}"
              connectionTimeout="20000" redirectPort="443" />

      <!-- A AJP 1.3 Connector on port 8009 -->
      <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
      redirectPort="443" />

      <Connector protocol="HTTP/1.1" SSLEnabled="true"
      port="8443" proxyPort="443" address="${jboss.bind.address}"
      scheme="https" secure="true" clientAuth="false"
      keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
      keystorePass="changeit" sslProtocol = "TLS" />

            1. iptables
              iptables -t nat -A PREROUTING -d 192.168.10.4 -p tcp --dport 80 -j DNAT --to-destination :8080
              iptables -t nat -A PREROUTING -d 192.168.10.4 -p tcp --dport 443 -j DNAT --to-destination :8443
            1. web.xml
              <security-constraint>
              <display-name>Secure Connection</display-name>
              <web-resource-collection>
              <web-resource-name>medicare</web-resource-name>
              <url-pattern>/*</url-pattern>
              </web-resource-collection>
              <user-data-constraint>
              <transport-guarantee>CONFIDENTIAL</transport-guarantee>
              </user-data-constraint>
              </security-constraint>

      Requests to http://www.mydomain.com/testApp are being redirected to https://www.mydomain.com:8443/testApp instead of https://www.mydomain.com/testApp or https://www.mydomain.com:443/testApp

      In order for this to get this to work, the following lines are being commented out
      – <xsl:when test="(name() = 'redirectPort')">
      <xsl:attribute name="redirectPort"><xsl:value-of select="$portHttps" /></xsl:attribute>
      </xsl:when>

              rhn-support-bmaxwell Brad Maxwell
              rhn-support-lakagwu Lami Akagwu
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: