[jboss-user] [Security & JAAS/JBoss] - Re: problem with https
Hola chicos, despu??s de buscar mucho he optado por una soluci??n que ni mucho
menos es ??ptima pero al menos funciona.
Lo que he hecho es hacer un filtro que rediriga a la misma pagina pero con
http:// y con el puerto 8080 o el que corresponda. Os pego el codigo.
public class ControlProtocolo implements Filter{
public void destroy() {
System.out.println(" destruido filtro Control de Protocolo");
}
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
if (arg0.isSecure()){
HttpServletRequest httpRequest = (HttpServletRequest) arg0;
HttpServletResponse httpResponse = (HttpServletResponse) arg1;
StringBuffer redirectURL = new StringBuffer();
redirectURL.append("http://";);
redirectURL.append(httpRequest.getServerName());
redirectURL.append(":8080");
redirectURL.append(httpRequest.getContextPath());
redirectURL.append(httpRequest.getServletPath());
String queryString = httpRequest.getQueryString();
if (queryString!=null){
redirectURL.append("?");
redirectURL.append(queryString);
}
httpResponse.sendRedirect(redirectURL.toString());
}else{
arg2.doFilter(arg0, arg1);
}
}
public void init(FilterConfig arg0) throws ServletException {
System.out.println("Iniciando filtro Control de Protocolo ...");
}
}
Y en el web.xml, logicamente s??lo lo voy a aplicar a la zona nosegura, que es
la candidata a ser redireccionada.
{filter}
{filter-name>controlProtocoloFilter{/filter-name}
{filter-class}
es.carm.javato.infoWeb.filtros.ControlProtocolo
{/filter-class}
{/filter}
{filter-mapping}
{filter-name}controlProtocoloFilter{/filter-name}
{url-pattern}/nosegura/*{/url-pattern}
{/filter-mapping}
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221510#4221510
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221510
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - problem with https
Hi. I have a problem with https, I will describe the environment mi web.xml contains privateSecured /segura/* GET POST * CONFIDENTIAL privateUnsecured /nosegura/* GET POST * NONE publicSecured /login.html GET POST CONFIDENTIAL FORM iwb /login.html /nosegura/error.jsp * my webapp |--src (carpeta de fuentes) |--doc (carpeta de documentos de analisis) |--res (carpeta de recursos estaticos) |--web |--META_INF |--WEB_INF |--index.jsp (redirige a /nosegura/entrada.jsp) |--login.html (pantalla de autentificacion) |--segura (carpeta de jsp que quiero que sean seguras) |--gestion |--administracion |nosegura (carpeta de jsp que no quiero que sean seguras) |---UsuariosGrupos |---cabeceras y pie |---error.jsp |---entrada.jsp |---logoff.jsp (redirige a /nosegura/entrada.jsp) Now I will explain my flow of requests to get into my application: I have an index.jsp file as wellcome-file, that file only contain: <% Response.sendRedirect (request.getContextPath () + "/ nosegura / entrada.jsf")%> entrada.jsf and is not sure and private, it does go private to the login screen. The login screen is public but it is secured, so you should do it for https. Here is the first problem, does not. If I do server: port / application / login.html if you ask me the license, so they understand that security-contraintes login if it works, but it seems that the current flow does not request any login.html The other problem is not going to https to http, if you do well from http to https, but the reverse does not work. I can not get pass from https to http Any idea View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221237#4221237 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221237 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
