Redirect http requests to https in wildfly 10

spring ssl https jboss wildfly-10
Faiyaz Md Abdul picture Faiyaz Md Abdul · May 3, 2017 · Viewed 17.4k times · Source

This is my standalone-full.xml configuration with ssl configured
security realm .

      <security-realm name="SslRealm">
            <server-identities>
            <ssl>
            <keystore path="D:\ncm.keystore" alias="ncm" keystore-password="*****" />
            </ssl>
            </server-identities>
        </security-realm>

Subsystem

 <server name="default-server">
            <http-listener name="default" socket-binding="http" redirect-socket="https"/>
            <https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>
            <host name="default-host" alias="localhost">
                <location name="/" handler="welcome-content"/>
                <filter-ref name="server-header"/>
                <filter-ref name="x-powered-by-header"/>
            </host>
        </server>

Socket Binding

   <socket-binding name="http" port="${jboss.http.port:8080}"/>
    <socket-binding name="https" port="${jboss.https.port:8443}"/>

How to redirect to https:///localhost:8443/myApp when user hits http://localhost:8080/myApp

Answer

Varsha picture Varsha · May 3, 2017

A rewrite rule can be used to redirect users. In the undertow subsystem (standalone.xml or domain.xml) you will need to create a new rewrite filter and then enable the filter in a new fitler-ref:

Create the new rewrite filter in the filters section. In the example below, users will be redirected to https://myhostname:443/my-app. %U is a placeholder for the original request URL path; you want to use %U to make the redirect friendly and keep users' original request URL path.

<filters>
<rewrite name="http-to-https" redirect="true" target="https://myhostname:8443%U"/>
</filters>

Then, enable the filter and configure a predicate in the host section. The predicate is where you configure what the rewrite filter applies to. In the example below, our rewrite filter will only apply to requests going to port 8080.

    <server name="default-server">
        <host name="default-host" alias="localhost">
            ...
            <filter-ref name="http-to-https" predicate="equals(%p,8080)"/>

Here are the JBoss CLI steps for the same configuration changes above:

/subsystem=undertow/configuration=filter/rewrite=http-to-https:add(redirect="true",target="https://myhostname:8443%U")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=http-to-https:add(predicate="equals(%p,8080)")

Related questions

HTTPS login with Spring Security redirects to HTTP

I have a Spring web app, secured with Spring Security, running on EC2. In front of the EC2 instance is an Elastic Load Balancer with an SSL cert (https terminates at the load balancer ie. port 443 -> port 80), so …

Read More
How to use spring-ws client to call the same webservice using different keystore

I have some application that need to run in the same Application server. Each application need to authenticate through the same web service using a certificate specific for that application. Obviously I can put all the certificates inside the same …

Read More
Spring 5 WebClient using ssl

I'm trying to find examples of WebClient use. My goal is to use Spring 5 WebClient to query a REST service using https and self signed certificate Any example?

Read More