Metawerx Java Hosting Small Logo

How to stop the redirectPort attribute from being ignored in JBoss

Due to a transformation in the ServiceBindingManager in JBoss 5, the redirectPort in server.xml is overridden and replaced with httpPort + 363, as follows:

   <xsl:variable name="portHttps" select="$port + 363"/>

This seems nice and automatic, but can cause automatic redirects to go to the above port, instead of the port you have set in server.xml

In a production environment, the server may be listening on ports 8080/8443. If using a CONFIDENTIAL transport guarantee for some sections of the application, we would want redirects to SSL in the browser to go to port 443, not 8443. Therefore, we use a redirectPort of 443 in the <Connector> element in server.xml (which is actually the default anyway).

However, this section in bindings-jboss-beans.xml overrides this and changes our redirectPort to 8080+363 (8443).

ie:

  • 1) we go to http://oursite.com
  • 2) it redirects to SSL, and ends up on :8443
  • 3) the browser shows https://oursite.com:8443/somepage (unintended behaviour, should not contain :8443)

You can see the real server.xml file that JBoss uses for deployment, after the transformation has been applied, in the server/all/tmp folder. Look for a file named service-binding63562.tmp or similar. Each time it generates, it creates a new file like this, with a new random number. Anyway, we don't want that behaviour, so let's disable it...

nano server/all/conf/bindingservice.beans/META-INF/bindings-jboss-beans.xml

Comment out this section:

   <xsl:when test="(name() = 'redirectPort')">
      <xsl:attribute name="redirectPort"><xsl:value-of select="$portHttps" /></xsl:attribute>
   </xsl:when>

Now our redirectPort setting is used correctly.

  • 1) we go to http://oursite.com
  • 2) it redirects to SSL, and ends up on :443
  • 3) the browser shows https://oursite.com/somepage (intended behaviour)

- Neale Rudd

navigation
metawerx specific
search
Share
tools
help

referring pages

Share