users@glassfish.java.net

Again: HTTP -> HTTPs

From: <forums_at_java.net>
Date: Tue, 10 May 2011 02:17:11 -0500 (CDT)

Actually, I do not know, that crime I must have committed in my life for
being charged again and again with the same GlassFish issue.

  From my point of view it is nonsense to simply ignore those inquiries as it
concerns a possible lack of security.

 

I will now describe step by step the details to setup an HTTP-Listener
(single IP) that should forward all queries on port 80 to 443.

given there is a proper certificate in place that has been successfully
imported to the keystore. (this works) and that

the virtual host has been already setup without errors in this instance

--> expand 'Configuration' -> 'server-config' -> 'Network Config' -> click on
'Network Listeners'

--> on the right page frame I clicked on 'New...' (but I am honestly not
shure If this was not a mistake, if I really hit the center of the New
button)

--> entering a Name (my-not-working-listener)

--> check on create protocol and accept the auto-defaults

--> Port: 80 (I rounded up to 80 as I usually use 79.164213654 as HTTP port,
but hope having not failed whilst rounding the port figure)

--> assigning an IP Address (yes, ifconfig -a tells me the device is ab, and
ipfilter log even logs traffic. something wrong?)

--> Status: checked

--> Security: checked

--> on the upper right i click cancel, as the listner anyway won't work.
(just kidding. am I?)

-->new "cancelled" listener appears in the "Network Listeners" List

-->click on the new listener

--> SSL-Tab: SSL3 checked, Certificate Nickname: the alias from the keystore
referencing to the particular cert

--> Key Store: I enter the absolut path to the keystore.jks file on the
filesystem

--> HTTP-Tab: ServerName: www.abc.tld, Default Server: the server the host /
app is referencing to

-->Redirect Port: 443 at this point I tripple checked the figure involving
the cross-sum of 443 from left to right and from the opposite.

the I computed in my brain as follows:

4 + 4 = 8; 8 + 3 = 11

the first hard part in order to evaluate if entered the correct port no. is
done, now the next one:

3 + 4 = 7; 7 + 4 = 11.

this proofs, that I did not fail to enter the correct port figure for https
and results, that there is no error at this time.

--> adding the required security constraint information to web.xml which read
as follows:

<web-resource-collection>
    <web-resource-name>/</web-resource-name>
            <url-pattern>/</url-pattern>            
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
           
<transport-guarantee>CONFIDENTIAL</transport-guarantee>          
 
        </user-data-constraint>
    </security-constraint>

--> to be on the safe site: re-deploy the app

--> to be on a safer site: restart GlassFish instance.

--> test

-->result: I am glad to welcome a blank page!

-->error log: no output!

 

In reason of having not traced any error output with regards to the blank
pages  I double checked,

if the system is up and running and if the power cable has been plugged in
correctly and yes I can confirm,

the power is on, and I could even hear the CPU Fan.

 

Finally,

please be so kind and tell my where I went wrong.  My analyst has given me
the all clear 6 months ago and

in this instance I am not sure if there's still a reason the be peace of
mind....

 

Thanks.

 

 

 

 


--
[Message sent by forum member 'seagate']
View Post: http://forums.java.net/node/800467