http到https重定向（tomcat / jboss） [英] http to https redirect (tomcat/jboss)

问题描述

我们希望将来自应用程序的http网址的所有流量重定向到https，为此，我们在deploy / jboss-web.deployer / conf目录的web.xml中设置以下值。 / p>

We want to redirect all traffic that comes to the http url of our application to https, in order to do that we set the following values in the web.xml in the deploy/jboss-web.deployer/conf directory.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>securedapp</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>  

这确实成功地将用户重定向到https位置但是他们使用不同的端口来配置什么在deploy / jboss-web.deployer路径的server.xml中

This does successfully redirect the user to the https location HOWEVER they use a different port as to what was configured in the server.xml in the deploy/jboss-web.deployer path

<Connector port="8381" address="${jboss.bind.address}"    
         maxThreads="350" maxHttpHeaderSize="8192"
         emptySessionPath="true" protocol="HTTP/1.1"
         enableLookups="false" redirectPort="8543" acceptCount="100"
         connectionTimeout="20000" disableUploadTimeout="true" compression="on" />

    <!-- Define a SSL HTTP/1.1 Connector on port 8643
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    <!---->
    <Connector port="8543" protocol="HTTP/1.1" SSLEnabled="true"
            maxThreads="150" scheme="https" secure="true"
            clientAuth="false" sslProtocol="TLS"
            keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
        keystorePass="changeit"
    />    

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3"
         emptySessionPath="true" enableLookups="false" redirectPort="8543" />

      <Engine name="jboss.web" defaultHost="localhost" jvmRoute="data1">

我们将https端口设置为8543然后确实可以正常工作但重定向用户的https端口当用户访问http url时是8744（当我们在server.xml中设置8744它成功运行时），但是我们找不到8744端口的位置，有没有人知道如何配置第一个提到的代码的端口放在web.xml中重定向到

We had the https port set to 8543 which did then work however the https port that did redirect the user to when the user went to the http url was 8744 (when we set 8744 in the server.xml it worked successfully), however we could not find where the 8744 port was taken, does anyone know how to configure which port the first mentioned code placed in the web.xml redirects to

另一个问题是，当我们将此配置投入生产时，https端口将为443，我们需要知道在哪里为重定向到security-constraint条目设置443。访问 http://www.data.com 必须重定向到 https://www.data.com 然后

Another query is that when we put this configuration in to production the https port will be "443", we need to know where to set 443 for the "security-constraint" entry to redirect to. Accessing http://www.data.com will have to redirect to https://www.data.com then

问候，
Milinda

Regards, Milinda

推荐答案

好消息是，在生产中它会正常工作。安全约束正在完成其工作，但它被设计为仅在http（80）和https（443）之间工作。

Well, the good news is that in production it will work fine. The security constraint is doing its job, but it is designed to work only between http (80) and https(443).

请注意8744 - 8381 = 363 = 443 - 80

Pay attention that 8744 - 8381 = 363 = 443 - 80

我使用的是JBoss-4.2.3 .GA并观察到相同的行为，不确定它是否仍然在Wildfly上这样做。

I am using JBoss-4.2.3.GA and have observed the same behavior, not sure if it is still doing this on Wildfly.

这篇关于http到https重定向（tomcat / jboss）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！