Hi Michelle,
[if you have question, reply to this list instead of the Sun internal
one :-)]
glassfish_at_javadesktop.org wrote:
> Hi All,
>
> I have witnessed some bizarre behaviour on SJSAS 9 PE Update 1 Patch 1 which comes as part of Java EE SDK 5 Update 2 on Mac OS X. I have a few questions below.
>
> I downloaded Java EE SDK 5 with Netbeans - complete fresh install. The default install of SJSAS is configured with a virtual server, server with a SSL port 8181 and a non-SSL port 8080.
>
> I created two new http-listeners on the virtual server, server:
> 1. SSL http-listener on 7171
> 2. Non-SSL http-listener on 7070 with redirect port for SSL on 7171.
>
> I then deployed the quickstart application that comes with SJSAS 9 PE, but added the following to the web.xml (via netbeans).
> <security-constraint>
> <display-name>Constraint1</display-name>
> <web-resource-collection>
> <web-resource-name>Automatic SSL Forwarding</web-resource-name>
> <description/>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <user-data-constraint>
> <description/>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
> It deploys fine and restart server.
>
> When i hit on http://localhost:8080/quickstart, i am redirected to https://localhost:8181/quickstart.
>
> QUESTION: There is no re-direct port specified for 8080, however it redirects to 8181. How does SJSAS know how to redirect to 8181 without the redirect-port attribute set?
Look at the domain.xml DTD:
> <!-- http-listener
>
> attributes
> acceptor-threads
[....]
> redirect-port
> if the connector is supporting non-SSL requests and a request
> is received for which a matching security-constraint requires
> SSL transport catalina will automatically redirect the
> request to the port number specified here
by default the WebContainer will pick the first SSL port it find. Since
you didn't specify one, it picked 8181.
>
> Next, when i hit http://localhost:7070/quickstart, i am redirected to https://localhost:8181/quickstart NOT https://localhost:7171/quickstart
>
> QUESTION: This is unexpected behaviour as i set the redirect port to 7171 for http-listener 7070 - why is SJSAS not honoring the redirect-port value?
>
> Next i decided to create a new virtual server, Test_Server. I added the http-listeners 7070 and 7171 to this new virtual server and deployed the quickstart app. I removed these two listeners from the virtual server named server and restarted the server.
>
> I get the same behaviour e.g. http://localhost:7070/quickstart is redirected to https://localhost:8181/quickstart; http://localhost:8080/quickstart is redirected to https://localhost:8181/quickstart.
>
> Moreover if i go to http://localhost:7070, i get redirected to https://localhost:8181 (this did not happen when i had all listeners on same virtual server).
>
> QUESTION: Can anyone explain this behaviour?
If you add the redirect-port attribute on the http-listener, it will fix
the current behavior.
Thanks
-- Jeanfrancois
>
> Kind Regards,
> Michelle.
> [Message sent by forum member 'shellcope' (shellcope)]
>
> http://forums.java.net/jive/thread.jspa?messageID=206662
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>