users@glassfish.java.net

Problem redirecting HTTP to HTTPs in web application

From: <glassfish_at_javadesktop.org>
Date: Mon, 04 May 2009 13:15:06 PDT

I'm using Application Server 9.1_01 (build b09d-fcs) (Glassfish V2 ur1)
and I have a web application deployed in the docroot of my domain
(e.g. http://www.host.com). I want to redirect HTTP requests to HTTPS using
the user-data-constraint (transport-guarantee CONFIDENTIAL), but it is not working at all: it never
redirects me to https.

This is part of the web.xml of my application
 

<!-- Excerpt of web.xml: a single security-constraint that covers every URL (/*) and
     asks only for transport-guarantee CONFIDENTIAL, i.e. the container must serve the
     matched resources over an encrypted transport. No http-method element is listed,
     so the constraint is not limited to particular HTTP methods, and no auth-constraint
     is shown, so this excerpt does not restrict who may access the resources. -->
<security-constraint>
    <web-resource-collection>
      <web-resource-name>SSL</web-resource-name>
       <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
<!-- NOTE(review): the closing security-constraint tag is not part of the posted excerpt. -->

and this is the part of the domain.xml with the listeners

<!-- http-service of the domain where the redirect does not work: one plain-HTTP listener,
     one TLS listener, the admin listener, and three virtual servers. -->
<http-service>
        <access-log format="%client.name% %auth-user-name% %datetime% %request% %status% %response.length%" rotation-enabled="true" rotation-interval-in-minutes="15" rotation-policy="time" rotation-suffix="yyyy-MM-dd"/>
        <!-- Plain-HTTP listener (security-enabled="false") on port 80, bound to all interfaces.
             redirect-port="443" is the port a request is redirected to when the matching
             security-constraint requires a secure transport. xpowered-by="true" adds an
             X-Powered-By response header that discloses the server technology. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="server" enabled="true" family="inet" id="http-listener-1" port="80" redirect-port="443" security-enabled="false" server-name="" xpowered-by="true">
          <property name="proxiedProtocols" value="ws/tcp"/>
        </http-listener>
        <!-- TLS listener on port 443 using the certificate nickname "supercomodo".
             NOTE(review): ssl3-enabled="true" permits SSLv3, which is obsolete; on a current
             deployment it should be disabled so that only TLS is offered. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="server" enabled="true" family="inet" id="http-listener-2" port="443" security-enabled="true" server-name="" xpowered-by="true">
          <ssl cert-nickname="supercomodo" client-auth-enabled="false" ssl2-enabled="false" ssl3-enabled="true" tls-enabled="true" tls-rollback-enabled="true"/>
        </http-listener>
        <!-- Admin listener on port 4848 with security-enabled="false" and address 0.0.0.0:
             administration traffic, including the admin credentials, is not encrypted and the
             listener binds to every interface. NOTE(review): enable TLS on this listener and
             limit which hosts can reach it. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="__asadmin" enabled="true" family="inet" id="admin-listener" port="4848" security-enabled="false" server-name="" xpowered-by="true"/>
        <virtual-server hosts="${com.sun.aas.hostName}" http-listeners="http-listener-1,http-listener-2" id="server" log-file="${com.sun.aas.instanceRoot}/logs/server.log" state="on">
          <property name="docroot" value="${com.sun.aas.instanceRoot}/docroot"/>
          <property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access"/>
          <property name="sso-enabled" value="false"/>
        </virtual-server>
        <virtual-server hosts="${com.sun.aas.hostName}" http-listeners="admin-listener" id="__asadmin" log-file="${com.sun.aas.instanceRoot}/logs/server.log" state="on">
          <property name="docroot" value="${com.sun.aas.instanceRoot}/docroot"/>
          <property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access"/>
          <property name="sso-enabled" value="false"/>
        </virtual-server>
        <!-- Additional virtual server "sisa" for www.sisa.com.ar with its own docroot; it shares
             http-listener-1 and http-listener-2 with "server". NOTE(review): presumably the
             request's host name selects the virtual server, so confirm the application is
             deployed to the virtual server that answers for the host being tested. -->
        <virtual-server hosts="www.sisa.com.ar" http-listeners="http-listener-1,http-listener-2" id="sisa" log-file="${com.sun.aas.instanceRoot}/logs/serversisa.log" state="on">
          <property name="sso-enabled" value="false"/>
          <property name="docroot" value="${com.sun.aas.instanceRoot}/docrootsisa"/>
          <property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/accesssisa"/>
        </virtual-server>
        <request-processing header-buffer-length-in-bytes="8192" initial-thread-count="10" request-timeout-in-seconds="30" thread-count="250" thread-increment="10"/>
        <keep-alive max-connections="250" thread-count="1" timeout-in-seconds="30"/>
        <connection-pool max-pending-count="4096" queue-size-in-bytes="4096" receive-buffer-size-in-bytes="4096" send-buffer-size-in-bytes="8192"/>
        <http-protocol default-response-type="AttributeDeprecated" default-type="text/html; charset=iso-8859-1" dns-lookup-enabled="false" forced-response-type="AttributeDeprecated" forced-type="text/html; charset=iso-8859-1" ssl-enabled="true" version="HTTP/1.1"/>
        <http-file-cache file-caching-enabled="false" file-transmission-enabled="false" globally-enabled="false" hash-init-size="0" max-age-in-seconds="30" max-files-count="1024" medium-file-size-limit-in-bytes="537600" medium-file-space-in-bytes="10485760" small-file-size-limit-in-bytes="2048" small-file-space-in-bytes="1048576"/>
        <!-- accessLoggingEnabled is "false": NOTE(review): with access logging off there is
             presumably no request log to show which listener and virtual server handled a
             request, which also limits later investigation of incidents. -->
        <property name="accessLoggingEnabled" value="false"/>
        <property name="statsProfilingEnabled" value="false"/>
      </http-service>
      <!-- IIOP/ORB listeners, all bound to 0.0.0.0. orb-listener-1 (port 3700) has
           security-enabled="false"; the SSL (3820) and SSL_MUTUALAUTH (3920) listeners use the
           certificate nickname "s1as", and only SSL_MUTUALAUTH sets client-auth-enabled="true".
           NOTE(review): s1as is presumably the default self-signed certificate, and
           ssl3-enabled="true" permits the obsolete SSLv3 on both secure listeners. -->
      <iiop-service client-authentication-required="false">
        <orb max-connections="1024" message-fragment-size="1024" use-thread-pool-ids="thread-pool-1"/>
        <iiop-listener address="0.0.0.0" enabled="true" id="orb-listener-1" port="3700" security-enabled="false"/>
        <iiop-listener address="0.0.0.0" enabled="true" id="SSL" port="3820" security-enabled="true">
          <ssl cert-nickname="s1as" client-auth-enabled="false" ssl2-enabled="false" ssl3-enabled="true" tls-enabled="true" tls-rollback-enabled="true"/>
        </iiop-listener>
        <iiop-listener address="0.0.0.0" enabled="true" id="SSL_MUTUALAUTH" port="3920" security-enabled="true">
          <ssl cert-nickname="s1as" client-auth-enabled="true" ssl2-enabled="false" ssl3-enabled="true" tls-enabled="true" tls-rollback-enabled="true"/>
        </iiop-listener>
      </iiop-service>

The strange thing is that I have an application for testing purposes, and in that one it works perfectly.
These are the configuration files of the testing application

web.xml is the same (I use the same .ear)

and this is the domain.xml

<!-- http-service of the test domain, where the redirect works. It defines only the "server"
     and "__asadmin" virtual servers, and its listeners use ports 82 (plain HTTP, with
     redirect-port 8282), 8282 (TLS, certificate nickname "s1as") and 5050 (admin). -->
<http-service>
        <access-log format="%client.name% %auth-user-name% %datetime% %request% %status% %response.length%" rotation-enabled="true" rotation-interval-in-minutes="15" rotation-policy="time" rotation-suffix="yyyy-MM-dd"/>
        <!-- Plain-HTTP listener on port 82; redirect-port="8282" matches the port of the
             TLS listener below. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="server" enabled="true" family="inet" id="http-listener-1" port="82" redirect-port="8282" security-enabled="false" server-name="" xpowered-by="true">
          <property name="proxiedProtocols" value="ws/tcp"/>
        </http-listener>
        <!-- TLS listener on port 8282. NOTE(review): s1as is presumably the default self-signed
             certificate, and ssl3-enabled="true" permits the obsolete SSLv3. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="server" enabled="true" family="inet" id="http-listener-2" port="8282" security-enabled="true" server-name="" xpowered-by="true">
          <ssl cert-nickname="s1as" client-auth-enabled="false" ssl2-enabled="false" ssl3-enabled="true" tls-enabled="true" tls-rollback-enabled="true"/>
        </http-listener>
        <!-- Admin listener on port 5050 with security-enabled="false" and address 0.0.0.0:
             administration traffic is not encrypted and the listener binds to every interface. -->
        <http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="__asadmin" enabled="true" family="inet" id="admin-listener" port="5050" security-enabled="false" server-name="" xpowered-by="true"/>
        <virtual-server hosts="${com.sun.aas.hostName}" http-listeners="http-listener-1,http-listener-2" id="server" log-file="${com.sun.aas.instanceRoot}/logs/server.log" state="on">
          <property name="docroot" value="${com.sun.aas.instanceRoot}/docroot"/>
          <property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access"/>
          <property name="sso-enabled" value="false"/>
        </virtual-server>
        <virtual-server hosts="${com.sun.aas.hostName}" http-listeners="admin-listener" id="__asadmin" log-file="${com.sun.aas.instanceRoot}/logs/server.log" state="on">
          <property name="docroot" value="${com.sun.aas.instanceRoot}/docroot"/>
          <property name="accesslog" value="${com.sun.aas.instanceRoot}/logs/access"/>
          <property name="sso-enabled" value="false"/>
        </virtual-server>
        <request-processing header-buffer-length-in-bytes="8192" initial-thread-count="2" request-timeout-in-seconds="30" thread-count="5" thread-increment="1"/>
        <keep-alive max-connections="250" thread-count="1" timeout-in-seconds="30"/>
        <connection-pool max-pending-count="4096" queue-size-in-bytes="4096" receive-buffer-size-in-bytes="4096" send-buffer-size-in-bytes="8192"/>
        <http-protocol default-response-type="AttributeDeprecated" default-type="text/html; charset=iso-8859-1" dns-lookup-enabled="false" forced-response-type="AttributeDeprecated" forced-type="text/html; charset=iso-8859-1" ssl-enabled="true" version="HTTP/1.1"/>
        <http-file-cache file-caching-enabled="false" file-transmission-enabled="false" globally-enabled="false" hash-init-size="0" max-age-in-seconds="30" max-files-count="1024" medium-file-size-limit-in-bytes="537600" medium-file-space-in-bytes="10485760" small-file-size-limit-in-bytes="2048" small-file-space-in-bytes="1048576"/>
        <property name="accessLoggingEnabled" value="false"/>
</http-service>

If you need any other information please ask me.

Thanks in advance

]-Jack-[
[Message sent by forum member 'polololoco' (polololoco)]

http://forums.java.net/jive/thread.jspa?messageID=344923