Yep...I had tried it, and it doesn't work. The EmbeddedCatalinaServiceSX
MBean that contains the config attribute is not overriden by declaring two
connectors inside it. In essence, you then have three connectors (the one
implied by the presence of the EmbeddedCatalinaServiceSX and the one each
for the connectors defined in the config attributes, per your example. And
with unpredicatable consequences two of the connections are attempting to
use the same port [the implied connection, which defaults to 8080 and the
configed http connection]). I also tried a bit of trickery by using this...
<!-- EXPERIMENT - Non-SSL and SSL with JBoss JaasSecurityDomain
<mbean code="org.jboss.web.catalina.EmbeddedCatalinaServiceSX"
name="DefaultDomain:service=EmbeddedTomcat">
<attribute name="Port">443</attribute>
<attribute name="SecurityDomain">java:/jaas/tomcat</attribute>
<attribute name="Config">
<Connector
className="org.apache.catalina.connector.http.HttpConnector"
port="80" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="443"
acceptCount="10" debug="1" connectionTimeout="60000"/>
</attribute>
</mbean>
-->
But this was a no-go as well.
My best guess at this point, without looking at the code, is that the
EmbeddedCatalinaServiceSX MBean does not have the necessary facilities to
handle a port redirection (it would have to know how to rebuild the
requested URL using the HTTPS ass the protocol instead of HTTP).
Thanks,
TC
----- Original Message -----
From: "Coetmeur, Alain"
To: "'Thomas Clouser'" <[EMAIL PROTECTED]>
Sent: Wednesday, January 16, 2002 12:13 PM
Subject: RE: [JBoss-user] JBoss2.4.4+Tomcat4.0.1 w/SSL port redirection
> -----Message d'origine-----
> De: Thomas Clouser [mailto:[EMAIL PROTECTED]]
> Date: mercredi 16 janvier 2002 16:41
> À: [EMAIL PROTECTED]
> Objet: Re: [JBoss-user] JBoss2.4.4+Tomcat4.0.1 w/SSL port redirection
>
>
> Alain,
>
> What I do not have (which Tomcat supports in Standalone) is automatic
> redirection to the SSL port when a url pattern with a
> transport guarantee of
> CONFIDENTIAL or INTEGRAL is requested over http. Again, this
> is handled by
> the redirectPort attribute of the connector under Tomcat.
> But according to
> the docs, this is not an available attribute for the
> EmbeddedCatalinaServiceSX.
>
> What I need to know (from whomever wrote the
> EmbeddedCatalinaServiceSX),
> does it actually support the concept of the redirectPort (see
> Tomcat config
> docs)? Or in wrapping tomcat, was this feature lost?
>
> Yes, I know I could look at the code, but at that point the cost of
> configuring the server becomes too high.
in the code I see no reference to a port redirect parameter.
however you could declare a classic <connector > element
with the good proxy attribute like in catalina server.xml
<attribute name="Config">
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8080" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="10" debug="0" connectionTimeout="60000"/>
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"/>
</Connector>
</attribute>
according to the doc this should work...
is ther a problem...
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
