Hello all,

I'm ready to pull my hair out getting the security constraint to work.  
Basically, I need to forward all traffic except one directory to the https 
port.  I've got it to work if I use the url-pattern of "/*".  However, when I 
specify the patterns to accomplish the task, nothing matches and I can access 
any page through the http port.

Here is what I'm using: 

In web.xml:
<security-constraint>
        <web-resource-collection>
                <web-resource-name>Automatic SLL Forwarding</web-resource-name>
                <url-pattern>/Temp/*</url-pattern>
                <url-pattern>/temp/*</url-pattern>
                <url-pattern>/pictures/*</url-pattern>
                <url-pattern>/resources/*</url-pattern>
                <url-pattern>/admin/*</url-pattern>
                <url-pattern>/web/*</url-pattern>
                <url-pattern>/Operator/*</url-pattern>
                <url-pattern>/operator/*</url-pattern>
                <url-pattern>/soap/*</url-pattern>
                <url-pattern>/webtools/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
          <transport-guarantee>
                CONFIDENTIAL
          </transport-guarantee>
        </user-data-constraint>
</security-constraint>

In server.xml:
<Server>
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
            descriptors="/jboss-mbeans.xml" debug="0"/>
  <Service name="jboss.web"
           className="org.jboss.web.tomcat.tc5.StandardService">
    <Connector port="81" address="${jboss.bind.address}"
         maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
         enableLookups="false" redirectPort="8443" acceptCount="100"
         connectionTimeout="20000" disableUploadTimeout="true" />
    <Connector port="8009" address="${jboss.bind.address}" 
         enableLookups="false" redirectPort="8443" debug="0"
         protocol="AJP/1.3" />
    <Connector port="8443" minProcessors="5" maxProcessors="200"
         enableLookups="true" disableUploadTimeout="true"
         scheme="https" secure="true" keystorepass="changeit"
         keystoreFile="${jboss.server.home.dir}/conf/.keystore"
         acceptCount="200" debug="0"
         clientAuth="false" sslProtocol="TLS" />
    <Engine name="jboss.web" defaultHost="localhost">
      <Logger className="org.jboss.web.tomcat.Log4jLogger"
          verbosityLevel="INFORMATION" 
          category="org.jboss.web.localhost.Engine"/>
      <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" />
      <Host name="localhost" autoDeploy="false" deployOnStartup="false"
            deployXML="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
            prefix="localhost_access_log." suffix=".log"
            pattern="common" directory="${jboss.server.home.dir}/log" 
            resolveHosts="false" />
        <DefaultContext cookies="true" crossContext="true" override="true" />
      </Host>
    </Engine>
  </Service>
</Server>

Is there a way to specify everything except a directory using some kind of NOT 
operator?

Why won't what I'm using above forward me to the correct https port?

Thanks in advance.
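
Added example, not part of the original message or of Tomcat/JBoss: servlet url-patterns have no NOT operator, so an exception is written as a more specific pattern whose transport-guarantee is NONE, and the best-matching pattern decides. The Python sketch below models that matching so a constraint set can be checked offline; the `/public/*` directory, the sample web.xml (no XML namespace) and the function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed web.xml fragment (not from the post): "/*" requires TLS and the
# hypothetical /public/ directory is exempted by a more specific pattern.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>All over TLS</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Plain HTTP allowed</web-resource-name>
      <url-pattern>/public/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>"""

def load_constraints(xml_text):
    """Return (url-pattern, transport-guarantee) pairs with whitespace trimmed."""
    pairs = []
    for sc in ET.fromstring(xml_text).iter("security-constraint"):
        g = (sc.findtext("user-data-constraint/transport-guarantee") or "NONE").strip()
        pairs += [(p.text.strip(), g) for p in sc.iter("url-pattern")]
    return pairs

def rank(pattern, path):
    """Servlet matching order: exact > longest path prefix > extension > default."""
    if pattern == path:
        return (3, len(pattern))
    if pattern.endswith("/*") and (path == pattern[:-2] or path.startswith(pattern[:-1])):
        return (2, len(pattern))
    if pattern.startswith("*.") and path.rsplit("/", 1)[-1].endswith(pattern[1:]):
        return (1, 0)
    return (0, 0) if pattern == "/" else None

def requires_tls(path, constraints):
    """path is case-sensitive and relative to the context root (no context path)."""
    hits = [(rank(p, path), g) for p, g in constraints if rank(p, path) is not None]
    best = max(r for r, _ in hits) if hits else None
    found = {g for r, g in hits if r == best}
    # Constraints sharing the best pattern combine: any NONE permits plain HTTP.
    return bool(found) and "NONE" not in found
```

Paths passed to `requires_tls` must already have the web application's context path removed, because url-patterns are matched against the part of the request URI after it.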