Hi James,

Glad the header problem is solved :-)

For Beaer token, sorry I’m not familiar about it, but if it uses cookies to 
store authentication information, you can try to check your browser to see if 
the ‘Expires’ field of the cookie is set correctly or not. For example, if you 
are using Firefox, you can follow this instruction[1] to check the cookies.

If the expiration is controlled in server side, then you can try to find the 
data that controls the expiration behaviour to see whether it set correctly or 
not. Hope the information useful to you :-)


[1] http://support.mozilla.org/en-US/questions/689713

--  
Weinan Li


On Monday, January 27, 2014 at 4:24 AM, james truty wrote:

> Hi Weinan,
>  
> The AWS load balancer sends an X-Forwarded-Proto header to the Jboss server 
> in the backed, which Jboss is able to use if I add this valve and option to 
> my jboss-web.xml (http://web.xml):
> <valve>
> <class-name>org.apache.catalina.valves.RemoteIpValve</class-name>
> <param>
> <param-name>protocolHeader</param-name>
> <param-value>x-forwarded-proto</param-value>
> </param>
> </valve>
>  
> This allows Jboss to handle the original https request, and Resteasy to 
> proceed with proper authorization. Thanks for the help! The only issue I see 
> now is that the Bearer token that I get back by using client credentials and 
> BASIC auth does not expire when I set it to - even if I set it to 1 minute in 
> the RestEasy settings. It is still allowed after it should have timed out. Is 
> there another way that I should be setting or enforcing the token timeout?
>  
> Thanks,
> James
>  
>  
> On Sat, Jan 25, 2014 at 6:07 AM, Weinan Li <l.wei...@gmail.com 
> (mailto:l.wei...@gmail.com)> wrote:
> > Hi James,
> >  
> > Sorry I’m not familiar with AWS load balancer. I know that mod_jk supports 
> > to pass client SSL information to backend JBoss server and the application 
> > in JBoss server could use the information to do their work. And mod_jk is 
> > using standard AJPv13 protocol to forward the client SSL information to 
> > backend JBoss servers. If AWS load balancer supports AJPv13 protocol, it 
> > should also be able to pass the SSL information to JBoss.
> >  
> > --
> > Weinan Li
> >  
> >  
> > On Saturday, January 25, 2014 at 6:55 AM, james truty wrote:
> >  
> > > I am trying to use RestEasy in Jboss as a central auth server to 
> > > authenticate REST calls behind an AWS load balancer. Ideally, this load 
> > > balancer would communicate to the Jboss server over HTTP (not https) as 
> > > the SSL part is handled at the load balancer level before hitting the 
> > > auth server in the backend. In this case, the Jboss server has no 
> > > knowledge of the SSL Cert or the HTTPS request. Is it possible to use 
> > > RestEasy for auth in this scenario? Without the SSL connector configured 
> > > through JBoss, I don't have access to the necessary OAUTH urls.
> > >  
> > > Thanks,
> > > James
> > > ------------------------------------------------------------------------------
> > > CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> > > Learn Why More Businesses Are Choosing CenturyLink Cloud For
> > > Critical Workloads, Development Environments & Everything In Between.
> > > Get a Quote or Start a Free Trial Today.
> > > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> > >  
> > > _______________________________________________
> > > Resteasy-users mailing list
> > > Resteasy-users@lists.sourceforge.net 
> > > (mailto:Resteasy-users@lists.sourceforge.net) 
> > > (mailto:Resteasy-users@lists.sourceforge.net)
> > > https://lists.sourceforge.net/lists/listinfo/resteasy-users
> >  
>  




------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Resteasy-users mailing list
Resteasy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/resteasy-users

Reply via email to