Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-4281

redirectPort is overwritten by the service binding manager

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Major
    • EAP_EWP 5.1.2 ER1
    • EAP 5.0.0, EAP 5.0.1, EAP_EWP 5.1.0_CR3
    • Server boot
    • None

    Description

      The redirectPort defined in server.xml is being overwritten by the SBM unconditionally
      From the xsl transformation redirectPort is computed as follows

      .. ..
      <xsl:variable name="portHttps" select="$port + 363"/>
      .. ..
      <xsl:when test="(name() = 'redirectPort')">
      <xsl:attribute name="redirectPort"><xsl:value-of select="$portHttps" /></xsl:attribute>
      </xsl:when>
      .. ..

      Use Case:
      =========
      If for instance a user has configured port forwarding using iptables with the following settings

            1. server.xml
              <!-- A HTTP/1.1 Connector on port 8080 -->
              <Connector protocol="HTTP/1.1" port="8080" proxyPort="80" address="${jboss.bind.address}"
              connectionTimeout="20000" redirectPort="443" />

      <!-- A AJP 1.3 Connector on port 8009 -->
      <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
      redirectPort="443" />

      <Connector protocol="HTTP/1.1" SSLEnabled="true"
      port="8443" proxyPort="443" address="${jboss.bind.address}"
      scheme="https" secure="true" clientAuth="false"
      keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
      keystorePass="changeit" sslProtocol = "TLS" />

            1. iptables
              iptables -t nat -A PREROUTING -d 192.168.10.4 -p tcp --dport 80 -j DNAT --to-destination :8080
              iptables -t nat -A PREROUTING -d 192.168.10.4 -p tcp --dport 443 -j DNAT --to-destination :8443
            1. web.xml
              <security-constraint>
              <display-name>Secure Connection</display-name>
              <web-resource-collection>
              <web-resource-name>medicare</web-resource-name>
              <url-pattern>/*</url-pattern>
              </web-resource-collection>
              <user-data-constraint>
              <transport-guarantee>CONFIDENTIAL</transport-guarantee>
              </user-data-constraint>
              </security-constraint>

      Requests to http://www.mydomain.com/testApp are being redirected to https://www.mydomain.com:8443/testApp instead of https://www.mydomain.com/testApp or https://www.mydomain.com:443/testApp

      In order for this to get this to work, the following lines are being commented out
      – <xsl:when test="(name() = 'redirectPort')">
      <xsl:attribute name="redirectPort"><xsl:value-of select="$portHttps" /></xsl:attribute>
      </xsl:when>

      Attachments

        Issue Links

          is related to

          Feature Request - Feature requests from customers and/or users JBAS-7161 update bindingservice.beans/META-INF/bindings-jboss-beans.xml to rewrite redirectPort only conditionally

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rhn-support-bmaxwell Brad Maxwell
              rhn-support-lakagwu Lami Akagwu
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: