我们希望将所有到达我们应用程序的 http url 的流量重定向到 https,为此我们在 deploy/jboss-web.deployer/conf 目录中的 web.xml 中设置以下值.
We want to redirect all traffic that comes to the http url of our application to https, in order to do that we set the following values in the web.xml in the deploy/jboss-web.deployer/conf directory.
<security-constraint> <web-resource-collection> <web-resource-name>securedapp</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>这确实成功地将用户重定向到 https 位置,但是他们使用不同的端口作为部署/jboss-web.deployer 路径中 server.xml 中配置的端口
This does successfully redirect the user to the https location HOWEVER they use a different port as to what was configured in the server.xml in the deploy/jboss-web.deployer path
<Connector port="8381" address="${jboss.bind.address}" maxThreads="350" maxHttpHeaderSize="8192" emptySessionPath="true" protocol="HTTP/1.1" enableLookups="false" redirectPort="8543" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on" /> <!-- Define a SSL HTTP/1.1 Connector on port 8643 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation --> <!----> <Connector port="8543" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore" keystorePass="changeit" /> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3" emptySessionPath="true" enableLookups="false" redirectPort="8543" /> <Engine name="jboss.web" defaultHost="localhost" jvmRoute="data1">我们将 https 端口设置为 8543,然后可以工作,但是当用户转到 http url 时,将用户重定向到的 https 端口是 8744(当我们在 server.xml 中设置 8744 时,它工作成功),但是我们找不到 8744 端口被占用的位置,有谁知道如何配置 web.xml 中第一个提到的代码重定向到的端口
We had the https port set to 8543 which did then work however the https port that did redirect the user to when the user went to the http url was 8744 (when we set 8744 in the server.xml it worked successfully), however we could not find where the 8744 port was taken, does anyone know how to configure which port the first mentioned code placed in the web.xml redirects to
另一个查询是,当我们将此配置投入生产时,https 端口将为443",我们需要知道将安全约束"条目重定向到的位置设置 443.访问 www.data 必须重定向到 www.data 然后
Another query is that when we put this configuration in to production the https port will be "443", we need to know where to set 443 for the "security-constraint" entry to redirect to. Accessing www.data will have to redirect to www.data then
问候,米琳达
推荐答案好吧,好消息是它在生产中可以正常工作.安全约束正在发挥作用,但它被设计为仅在 http (80) 和 https(443) 之间工作.
Well, the good news is that in production it will work fine. The security constraint is doing its job, but it is designed to work only between http (80) and https(443).
注意 8744 - 8381 = 363 = 443 - 80
Pay attention that 8744 - 8381 = 363 = 443 - 80
我正在使用 JBoss-4.2.3.GA 并观察到相同的行为,不确定它是否仍在 Wildfly 上执行此操作.
I am using JBoss-4.2.3.GA and have observed the same behavior, not sure if it is still doing this on Wildfly.
更多推荐
http 到 https 重定向(tomcat/jboss)
发布评论