I tried your suggestion, but I'm still getting the same problem.
Redirecting from 80->443 is fine, but 8080->443 results in a server not
found error. I've looked at the error log and something funny is going
on when the HttpProcessor gets the query string. Its mapping the request
URI to a strange mapping. Have you got any idea why it could be doing
that?
Thanks for your help
Dan
Log using port 8080:
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Security
checking request GET /offers/myoffers
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Restricted]' against GET /offers/myoffers
--> true
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Subject to
constraint SecurityConstraint[Restricted]
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Calling
checkUserData()
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: User data
constraint already satisfied
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Calling
authenticate()
[15:14:56,808,EmbeddedCatalinaServiceSX] Authenticator[]: Checking for
reauthenticate in session
StandardSession[F2B1E9F018A05420A4945074107059F0]
[15:14:56,824,EmbeddedCatalinaServiceSX] Authenticator[]: Save request
in session 'F2B1E9F018A05420A4945074107059F0'
[15:14:56,871,EmbeddedCatalinaServiceSX] Authenticator[]: Redirect to
login page '/user/login.html'
[15:14:56,902,EmbeddedCatalinaServiceSX] Authenticator[]: Failed
authenticate() test
[15:14:56,918,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2] An
incoming request is being assigned
[15:14:56,918,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2] The
incoming request has been awaited
[15:14:56,918,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2]
parseConnection: address=beachbag.swingfm.co.uk/192.168.0.2, port=8080
[15:14:56,918,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2] Query
string is b???o6?N?H4???�o
[15:14:56,933,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2]
Normalized: '<Z???O??�l?????' to '/<Z???O??�l?????'
[15:14:56,933,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2] Request
is '�� U� Q� ?qt?k�f?????X[??~*???�?{????t?z?' for '<Z???O??�l?????'
with protocol 'HTTP/0.9'
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardEngine[null]: Mapping
server name 'localhost'
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying a
direct match
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapping request URI '/<Z???O??�l?????'
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Trying the longest context path prefix
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapped to context ''
[15:14:56,933,EmbeddedCatalinaServiceSX] Authenticator[]: Security
checking request �� U� Q� ?qt?k�f?????X[??~*???�?{????t?z?
/<Z???O??�l?????
[15:14:56,933,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Restricted]' against �� U� Q�
?qt?k�f?????X[??~*???�?{????t?z? /<Z°íÆO..."�l±ë¨ºË --> false
[15:14:56,933,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Admin]' against �� U� Q�
?qt?k�f?????X[??~*???�?{????t?z? /<Z°íÆO..."�l±ë¨ºË --> false
[15:14:56,933,EmbeddedCatalinaServiceSX] Authenticator[]: No
applicable constraint located
[15:14:56,933,EmbeddedCatalinaServiceSX] Authenticator[]: Not subject
to any constraint
[15:14:56,933,EmbeddedCatalinaServiceSX] StandardContext[]: Mapping
contextPath='' with requestURI='/<Z???O??�l?????' and
relativeURI='/<Z???O??�l?????'
This is the log for the setup using port 80 which works fine:
[15:07:52,510,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
exact match
[15:07:52,526,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
prefix match
[15:07:52,526,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
extension match
[15:07:52,526,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
default match
[15:07:52,526,EmbeddedCatalinaServiceSX] StandardContext[]: Mapped to
servlet 'default' with servlet path '/image/home/beach.jpg' and path
info 'null' and update=true
[15:07:52,557,EmbeddedCatalinaServiceSX] HttpProcessor[80][3]
parseConnection: address=beachbag.swingfm.co.uk/192.168.0.2, port=80
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4]
Normalized: '/offers/myoffers' to '/offers/myoffers'
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Request
is 'GET' for '/offers/myoffers' with protocol 'HTTP/1.1'
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
accept = image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-powerpoint, application/vnd.ms-excel,
application/msword, */*
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
accept-language = en-gb
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Adding
locale 'en_GB'
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
accept-encoding = gzip, deflate
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
user-agent = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
host = beachbag
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
connection = Keep-Alive
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Header
cookie = JSESSIONID=F2B1E9F018A05420A4945074107059F0
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Requested
cookie session id is F2B1E9F018A05420A4945074107059F0
[15:08:00,917,EmbeddedCatalinaServiceSX] HttpProcessor[80][4] Adding
cookie JSESSIONID=F2B1E9F018A05420A4945074107059F0
[15:08:00,917,EmbeddedCatalinaServiceSX] StandardEngine[null]: Mapping
server name 'beachbag'
[15:08:00,917,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying a
direct match
[15:08:00,948,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
an alias match
[15:08:00,948,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
the default host
[15:08:00,948,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapping request URI '/offers/myoffers'
[15:08:00,948,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Trying the longest context path prefix
[15:08:00,948,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapped to context ''
[15:08:00,948,EmbeddedCatalinaServiceSX] Authenticator[]: Security
checking request GET /offers/myoffers
[15:08:00,948,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Restricted]' against GET /offers/myoffers
--> true
[15:08:00,948,EmbeddedCatalinaServiceSX] Authenticator[]: Subject to
constraint SecurityConstraint[Restricted]
[15:08:00,948,EmbeddedCatalinaServiceSX] Authenticator[]: Calling
checkUserData()
[15:08:00,979,EmbeddedCatalinaServiceSX] Authenticator[]: Redirecting
to https://beachbag:443/offers/myoffers
[15:08:00,995,EmbeddedCatalinaServiceSX] Authenticator[]: Failed
checkUserData() test
[15:08:01,026,EmbeddedCatalinaServiceSX] HttpProcessor[80][4]
parseConnection: address=beachbag.swingfm.co.uk/192.168.0.2, port=80
[15:08:04,230,EmbeddedCatalinaServiceSX] StandardEngine[null]: Mapping
server name 'beachbag'
[15:08:04,276,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying a
direct match
[15:08:04,276,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
an alias match
[15:08:04,276,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
the default host
[15:08:04,292,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapping request URI '/offers/myoffers'
[15:08:04,292,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Trying the longest context path prefix
[15:08:04,292,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapped to context ''
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Security
checking request GET /offers/myoffers
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Restricted]' against GET /offers/myoffers
--> true
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Subject to
constraint SecurityConstraint[Restricted]
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Calling
checkUserData()
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: User data
constraint already satisfied
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Calling
authenticate()
[15:08:04,292,EmbeddedCatalinaServiceSX] Authenticator[]: Checking for
reauthenticate in session
StandardSession[F2B1E9F018A05420A4945074107059F0]
[15:08:04,308,EmbeddedCatalinaServiceSX] Authenticator[]: Save request
in session 'F2B1E9F018A05420A4945074107059F0'
[15:08:04,323,EmbeddedCatalinaServiceSX] Authenticator[]: Redirect to
login page '/user/login.html'
[15:08:04,339,EmbeddedCatalinaServiceSX] Authenticator[]: Failed
authenticate() test
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardEngine[null]: Mapping
server name 'beachbag'
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying a
direct match
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
an alias match
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
the default host
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapping request URI '/user/login.html'
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Trying the longest context path prefix
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapped to context ''
[15:08:04,370,EmbeddedCatalinaServiceSX] Authenticator[]: Security
checking request GET /user/login.html
[15:08:04,370,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Restricted]' against GET /user/login.html
--> false
[15:08:04,370,EmbeddedCatalinaServiceSX] Authenticator[]: Checking
constraint 'SecurityConstraint[Admin]' against GET /user/login.html -->
false
[15:08:04,370,EmbeddedCatalinaServiceSX] Authenticator[]: No
applicable constraint located
[15:08:04,370,EmbeddedCatalinaServiceSX] Authenticator[]: Not subject
to any constraint
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardContext[]: Mapping
contextPath='' with requestURI='/user/login.html' and
relativeURI='/user/login.html'
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardContext[]: Decoded
relativeURI='/user/login.html'
[15:08:04,370,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
exact match
[15:08:04,386,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
prefix match
[15:08:04,386,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
extension match
[15:08:04,386,EmbeddedCatalinaServiceSX] StandardContext[]: Trying
default match
[15:08:04,386,EmbeddedCatalinaServiceSX] StandardContext[]: Mapped to
servlet 'default' with servlet path '/user/login.html' and path info
'null' and update=true
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardEngine[null]: Mapping
server name 'beachbag'
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying a
direct match
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
an alias match
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardEngine[null]: Trying
the default host
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Mapping request URI '/js/menu.js'
[15:08:04,589,EmbeddedCatalinaServiceSX] StandardHost[localhost]:
Trying the longest context path prefix
-----Original Message-----
From: Coetmeur, Alain [mailto:[EMAIL PROTECTED]]
Sent: 01 February 2002 16:11
To: Dan Feltham; [EMAIL PROTECTED]
Subject: RE: [JBoss-user] SSL Redirection Problem
sorry I'm guilty...
the RedirectPort
attribute is a modification of my own !
I can give you the source of the patch...
however the quicker is to reverse the two connectors :
- put a ssl connector as the base connector
- declare a secondary connector in the config attribute
with a redirect port attribute.
the reason it works on 443 is that redirectport
is set by default to 443 whatever you do !
this below should work without any jboss patch :
(change 443 and 80 to what you need)
<!-- Embedded Tomcat 4.x - JBossSX SecurityDomain (JaasSecurityDomain)
-->
<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
name="Security:name=JaasSecurityDomain,domain=tomcat">
<constructor>
<arg type="java.lang.String" value="tomcat" />
</constructor>
<attribute name="KeyStoreURL">../conf/tomcat.jks</attribute>
<attribute name="KeyStorePass">changeit</attribute>
</mbean>
<!-- Uncomment to add embedded catalina service -->
<mbean code="org.jboss.web.catalina.EmbeddedCatalinaServiceSX"
name="DefaultDomain:service=EmbeddedTomcat" >
<attribute name="ConnectorType">http</attribute>
<!-- an HTTPS connector associated with an HTTP configured in the
config
attribute,
redirectPort should be set there -->
<attribute name="Port">443</attribute>
<attribute name="SecurityDomain">java:/jaas/tomcat</attribute -->
<attribute name="Config">
<Server >
<Service >
<!-- an HTTP connector redirecting to an HTTPS which can be
configures as the def connector -->
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="80" minProcessors="3" maxProcessor="10" acceptCount="10"
enableLookups="true" redirectPort="443" scheme="http"
secure="false" />
</Service>
</Server>
</attribute>
</mbean>
> -----Message d'origine-----
> De: Dan Feltham [mailto:[EMAIL PROTECTED]]
> Date: vendredi 1 février 2002 15:45
> À: [EMAIL PROTECTED]
> Objet: [JBoss-user] SSL Redirection Problem
>
>
> Hi
>
> I'm having problems trying to imlement SSL redirection using the
> JBoss-2.4.4 Tomcat 4.0.1 bundle. I have the redirection working from
> port 80 to 443 using the following configuration:
>
> <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
> name="Security:name=JaasSecurityDomain,domain=ssl">
> <constructor>
> <arg type="java.lang.String" value="ssl"/>
> </constructor>
> <attribute
> name="KeyStoreURL">beachbag.keystore</attribute>
> <attribute name="KeyStorePass">changeit</attribute>
>
> </mbean>
>
> <!-- Uncomment to add embedded catalina service -->
> <mbean code="org.jboss.web.catalina.EmbeddedCatalinaServiceSX"
> name="DefaultDomain:service=EmbeddedTomcat">
> <attribute name="Port">80</attribute>
> <attribute name="RedirectPort">443</attribute>
> <attribute name="Config">
> <Connector
> className="org.apache.catalina.connector.http.HttpConnector"
> port="443" minProcessors="5" maxProcessors="75"
> enableLookups="true"
> acceptCount="10" scheme="https" secure="true">
> <Factory
> className="org.jboss.web.catalina.security.SSLServerSocketFactory"
> securityDomainName="java:/jaas/ssl"/>
> </Connector>
> </attribute>
> </mbean>
>
> However if I try changing the port to 8080 the redirection stops
> working. When I try to navigate to a page that I have declared as
> CONFIDENTIAL I get a 404 error. Has anyone else has this
> problem, or got
> any suggestions for solving it. I need to be able to run
> tomcat on 8080
> so that I can use Apache on port 80!
>
> Thanks
>
> Dan Feltham
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
