In our previous article we have explained how to configure Wildcard SSL Certificate in JBoss application server. As the next step, you will have to configure HTTP redirection so as to redirect all the incoming HTTP request’s to HTTPS to make sure your Java app is completely secured. In this article we will give you the steps to configure this in JBoss.
Steps for HTTP Redirection in JBoss
1. Update redirect port in http connector
As the first step, you need to configure JBoss Application Server so as to redirect all the incoming HTTP requests to the HTTPS port. This can be done by updating the HTTP connector section in the standalone.xml of JBoss Application Server as shown below.
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="443"/>
2. Update Security Constraint in web.xml
Update the web.xml of the web application (war file) with the below entry for security constraint,
<security-constraint> <web-resource-collection> <web-resource-name>TestWebApp</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
After completing the above 2 steps, you can redeploy & restart the JBoss Application server to test the changes.
