http 到 https 重定向(tomcat/jboss) [英] http to https redirect (tomcat/jboss)

问题描述

我们希望将所有到达我们应用程序的 http url 的流量重定向到 https，为此我们在 deploy/jboss-web.deployer/conf 目录中的 web.xml 中设置以下值.

We want to redirect all traffic that comes to the http url of our application to https, in order to do that we set the following values in the web.xml in the deploy/jboss-web.deployer/conf directory.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>securedapp</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>  

这确实成功地将用户重定向到 https 位置，但是他们使用不同的端口作为部署/jboss-web.deployer 路径中 server.xml 中配置的端口

This does successfully redirect the user to the https location HOWEVER they use a different port as to what was configured in the server.xml in the deploy/jboss-web.deployer path

<Connector port="8381" address="${jboss.bind.address}"    
         maxThreads="350" maxHttpHeaderSize="8192"
         emptySessionPath="true" protocol="HTTP/1.1"
         enableLookups="false" redirectPort="8543" acceptCount="100"
         connectionTimeout="20000" disableUploadTimeout="true" compression="on" />

    <!-- Define a SSL HTTP/1.1 Connector on port 8643
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    <!---->
    <Connector port="8543" protocol="HTTP/1.1" SSLEnabled="true"
            maxThreads="150" scheme="https" secure="true"
            clientAuth="false" sslProtocol="TLS"
            keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
        keystorePass="changeit"
    />    

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3"
         emptySessionPath="true" enableLookups="false" redirectPort="8543" />

      <Engine name="jboss.web" defaultHost="localhost" jvmRoute="data1">

我们将 https 端口设置为 8543，然后可以工作，但是当用户转到 http url 时，将用户重定向到的 https 端口是 8744(当我们在 server.xml 中设置 8744 时，它工作成功)，但是我们找不到 8744 端口被占用的位置，有谁知道如何配置 web.xml 中第一个提到的代码重定向到的端口

We had the https port set to 8543 which did then work however the https port that did redirect the user to when the user went to the http url was 8744 (when we set 8744 in the server.xml it worked successfully), however we could not find where the 8744 port was taken, does anyone know how to configure which port the first mentioned code placed in the web.xml redirects to

另一个查询是，当我们将此配置投入生产时，https 端口将为443"，我们需要知道将安全约束"条目重定向到的位置设置 443.访问 http://www.data.com 必须重定向到 https://www.data.com 然后

Another query is that when we put this configuration in to production the https port will be "443", we need to know where to set 443 for the "security-constraint" entry to redirect to. Accessing http://www.data.com will have to redirect to https://www.data.com then

问候，米琳达

推荐答案

好吧，好消息是它在生产中可以正常工作.安全约束正在发挥作用，但它被设计为仅在 http (80) 和 https(443) 之间工作.

Well, the good news is that in production it will work fine. The security constraint is doing its job, but it is designed to work only between http (80) and https(443).

注意 8744 - 8381 = 363 = 443 - 80

Pay attention that 8744 - 8381 = 363 = 443 - 80

我正在使用 JBoss-4.2.3.GA 并观察到相同的行为，不确定它是否仍在 Wildfly 上执行此操作.

I am using JBoss-4.2.3.GA and have observed the same behavior, not sure if it is still doing this on Wildfly.

这篇关于http 到 https 重定向(tomcat/jboss)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！