How to make "HTTPS redirect" work on WebSphere Application Server Liberty Profile?

ssl https websphere websphere-8 websphere-liberty
Anuroop picture Anuroop · Jul 3, 2013 · Viewed 13.2k times · Source

I want make HTTP Redirect work on WebSphere Application Server Liberty Profile (WLP). For example:-

When user types: http://localhost:8080/helloworld, the browser should automatically go (be redirected) to https://localhost:9443/helloworld

To achieve this, I followed this document, Section 6.2, page no. 136.

Below is the sample server.xml and web.xml:-

server.xml

<server description="new server">

<!-- Enable features -->
<featureManager>
    <feature>jsp-2.2</feature>
    <feature>wab-1.0</feature>
    <feature>jaxrs-1.1</feature>
    <feature>blueprint-1.0</feature>
    <feature>localConnector-1.0</feature>
    <feature>ssl-1.0</feature>
    <feature>appSecurity-2.0</feature>
</featureManager>

<httpEndpoint host="localhost" httpPort="8081" httpsPort="9442" id="defaultHttpEndpoint">
</httpEndpoint>

<applicationMonitor updateTrigger="mbean"/>
<keyStore id="defaultKeyStore" password="{xor}Lz4sLCgwLTtu"/>

<application id="Hello.app" location="Hello.app.eba" name="Hello.app" type="eba"/>

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    <display-name>Hello</display-name>

    <security-constraint>
        <display-name>HTTPS Redirect Security Constraint</display-name>
        <web-resource-collection>
            <web-resource-name>Sample Web Service service</web-resource-name>
            <url-pattern>/Hello</url-pattern>
            <http-method>GET</http-method>

        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
</web-app>

Have removed the <servlet> and <servlet-mapping> tag for brevity.

Below are the versions that I am using:- Java 7, WLP 8.5.5, Eclipse Juno, Google Chrome.

Any help, guidelines on why HTTPS redirect is not working will be much appreciated.

Answer

Alasdair picture Alasdair · Jul 6, 2013

I suspect the problem is in your security-constraint. Looking at it I would suggest changing your url-pattern to be:

/helloworld

rather than:

/Hello

If you want to match multiple resources you can use wildcards such as:

  1. /* - matches everything
  2. /helloworld/* - matches everything that has helloworld/ in the url path
  3. *.jsp - matches all files with a jsp extension

Related questions

Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?

Edit :- Tried to format the question and accepted answer in more presentable way at mine Blog Here is the original issue. I am getting this error: detailed message sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.…

Read More
https connection using CURL from command line

I am new to Curl and Cacerts world and facing a problem while connecting to a server. Basically, I need to test connectivity over https from one machine to another machine. I have a URL to which I need to …

Read More
Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I have a class that will download a file from a https server. When I run it, it returns a lot of errors. It seems that I have a problem with my certificate. Is it possible to ignore the client-server …

Read More