Alain, Yes, I do have the docs, as mentioned in the original post. (Note the document has significant error - it should be <attribute name="Config"> </attribute>, not <config></config>. This was solved over the past weeks on the jboss forum [which is currently down :-( ].)
Yes, I have tried a bit of trickery with the "Config" attribute of the EmbeddedCatalinaServiceSX. I have SSL and Non-SSL working fine. What I do not have (which Tomcat supports in Standalone) is automatic redirection to the SSL port when a url pattern with a transport guarantee of CONFIDENTIAL or INTEGRAL is requested over http. Again, this is handled by the redirectPort attribute of the connector under Tomcat. But according to the docs, this is not an available attribute for the EmbeddedCatalinaServiceSX. What I need to know (from whomever wrote the EmbeddedCatalinaServiceSX), does it actually support the concept of the redirectPort (see Tomcat config docs)? Or in wrapping tomcat, was this feature lost? Yes, I know I could look at the code, but at that point the cost of configuring the server becomes too high. Thanks for your suggestions, TC ----- Original Message ----- From: "Coetmeur, Alain" <[EMAIL PROTECTED]> Sent: Wednesday, January 16, 2002 10:04 AM Subject: RE: [JBoss-user] JBoss2.4.4+Tomcat4.0.1 w/SSL port redirection In fact this is documentend in the (cheap 10$) commercial dcumentation of jboss2.4.4 http://www.flashline.com/Components/View.jsp?prodid=4375 if you can, buy it, it is worth it... there a 3 way to support SSL, one set the catalina engine to serve only SSL and uses JAAS Mbean, a second is similar to the one documented in catalina documentation, and the third uses a jboss SSL socket factory and uses the JAAS MBEAN which is documented in this book... <server> ... <!-- The SSL domain setup --> <mbean code="org.jboss.security.plugins.JaasSecurityDomain" name="Security:name=JaasSecurityDomain,domain=RMI+SSL"> <constructor> <arg type="java.lang.String" value="RMI+SSL"/> </constructor> <attribute name="KeyStoreURL">chap8.keystore</attribute> <attribute name="KeyStorePass">rmi+ssl</attribute> </mbean> ... <!-- The embedded Tomcat-4.x setup with non-SSL and SSL HTTP connectors enabled --> <mbean code="org.jboss.web.catalina.EmbeddedCatalinaServiceSX" 10 INTEGRATING SERVLET CONTAINERS namain:service=EmbeddedTomcat"> <config> <Connector className="org.apache.catalina.connector.http.HttpConnector" port="8443" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="10" scheme="https" secure="true"> <Factory className="org.jboss.web.catalina.security.SSLServerSocketFactory" securityDomainName="java:/jaas/RMI+SSL"/> </Connector> </config> </mbean> </server> to be honnest, It is not evident to understand what this does without the doc... I'm really happy with this doc, event If I paid from my pocket because my online transaction cannot be accepted by my accounters in my company. Anyway this is only because we don't have opened a corporate account on flashline http://www.flashline.com/aboutus/caccount.jsp (stupid was I 8> ) -----Message d'origine----- De: Thomas Clouser [mailto:[EMAIL PROTECTED]] Date: mercredi 16 janvier 2002 05:21 À: [EMAIL PROTECTED] Objet: [JBoss-user] JBoss2.4.4+Tomcat4.0.1 w/SSL port redirection >From what I can see (docs, mailing list archive), the EmbeddedCatalinaServiceSX MBean does not provide the necessary attribute (and perhaps support code) to support port redirection. This functionality is supported by the redirectPort attribute of the connector setup for http in Tomcat 4.x (standalone). The value given for this attribute would be the port number for https. This would allow for the automatic redirection of request whose content (url pattern) had a transport guarantee of CONFIDENTIAL or INTEGRAL. Does anyone have a workaround for this? TIA, TC _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
