All geek questions in one place

How to make "HTTPS redirection" work on a WebSphere Application Server Liberty profile?

I want the HTTP redirect to work on the WebSphere Application Server Liberty Profile (WLP). For instance: -

When the user enters: http://localhost:8080/helloworld browser should automatically switch (redirect) to https://localhost:9443/helloworld

To achieve this, I followed this up, section 6.2, p. 136.

The following is an example of server.xml and web.xml: -

server.xml

 <server description="new server"> <!-- Enable features --> <featureManager> <feature>jsp-2.2</feature> <feature>wab-1.0</feature> <feature>jaxrs-1.1</feature> <feature>blueprint-1.0</feature> <feature>localConnector-1.0</feature> <feature>ssl-1.0</feature> <feature>appSecurity-2.0</feature> </featureManager> <httpEndpoint host="localhost" httpPort="8081" httpsPort="9442" id="defaultHttpEndpoint"> </httpEndpoint> <applicationMonitor updateTrigger="mbean"/> <keyStore id="defaultKeyStore" password="{xor}Lz4sLCgwLTtu"/> <application id="Hello.app" location="Hello.app.eba" name="Hello.app" type="eba"/>

web.xml

 <?xml version="1.0" encoding="UTF-8"?> <web-app id="WebApp_ID" version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Hello</display-name> <security-constraint> <display-name>HTTPS Redirect Security Constraint</display-name> <web-resource-collection> <web-resource-name>Sample Web Service service</web-resource-name> <url-pattern>/Hello</url-pattern> <http-method>GET</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> </web-app>

The <servlet> and <servlet-mapping> tags have been <servlet> for short.

Below are the versions that I use: - Java 7, WLP 8.5.5, Eclipse Juno, Google Chrome.

Any help, advice on why the HTTPS redirect does not work would be greatly appreciated.

+4
source share
3 answers

To make HTTPS redirect to WLP work, the following points should be observed: -

  • Add users, roles and passwords to server.xml from WLP.
  • Bind an application to a security role.
  • Add appSecurity-2.0 function to server.xml WLP.
  • Add the following tags to web.xml
    • <login-config>
    • <security-constraint>
    • <security-constraint><web-resource-name></security-constraint>
    • <security-constraint><auth-constraint></security-constraint>
    • <security-constraint><user-data-constraint></security-constraint>

Following are the steps: -

1. Add users, roles and passwords to server.xml from WLP.

 <basicRegistry id="MyRegistry"> <user password="{xor}Mjo6MT4z" name="anuroop" /> <group name="MyGroup"> <member name="anuroop" /> </group> </basicRegistry>

2. Bind the application to the security role.

 <application id="Hello.app" location="Hello.app.eba" name="Hello.app" type="eba"> <application-bnd> <security-role name="Manager"> <group name="MyGroup" /> </security-role> </application-bnd> </application>

3. Add the appSecurity-2.0 function to server.xml WLP.

 <featureManager> <feature>appSecurity-2.0</feature> </featureManager>

4.1, 4.2, 4.3, 4.4, 4.5

 <login-config> <auth-method>FORM</auth-method> <realm-name>BasicRegistry</realm-name> <form-login-config> <form-login-page>/Login.jsp</form-login-page> <form-error-page>/LoginError.jsp</form-error-page> </form-login-config> </login-config> <security-constraint> <display-name>HTTPS Redirect Security Constraint</display-name> <web-resource-collection> <web-resource-name>Sample Web Service service</web-resource-name> <url-pattern>/Hello</url-pattern> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>Manager</role-name> </auth-constraint> <user-data-constraint> <description>Ensure to allow only confidential communication</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
+3
source

I suspect the problem is related to your security restriction. Looking at this, I would suggest changing your url template:

/ HelloWorld

but not:

/ Hello

If you want to map multiple resources, you can use wildcards, for example:

  • / * - matches all
  • / helloworld / * - matches everything helloworld / has in the url.
  • *. jsp - matches all files with the jsp extension
+2
source

I decided it differently, but I think the accepted answer might be better. You can write a servlet filter and then modify the web.xml file to associate it with the outline.

Web.xml code:

  <web-app id="WebApp"> <filter> <filter-name>HTTPSFilter</filter-name> <filter-class> HTTPSFilter </filter-class> </filter> <filter-mapping> <filter-name>HTTPSFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> ... </web-app>

Filter Code:

 public class HTTPSFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; // Forward to HTTPS if insecure HTTP was used if(!req.getScheme().startsWith("https")) { // Modify the Response object to be the SSL version of the URL String host = request.getLocalName(); String URI = request.getRequestURI(); if(URI == null) { URI = ""; } String queryString = request.getQueryString(); if(queryString == null) { queryString = ""; } response.sendRedirect("https://" + host + ":9443" + URI + ("".equalsIgnoreCase(queryString) ? "":"?") + queryString); } chain.doFilter(req, res); } public void init(FilterConfig config) throws ServletException { } public void destroy() { } }
0
source

Source: https://habr.com/ru/post/1489490/

More articles:


All Articles