wood burning stoves 2.0*
The moose likes Security and the fly likes [SSL] Adding security constraint to web.xml to exclude ressources Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "[SSL] Adding security constraint to web.xml to exclude ressources" Watch "[SSL] Adding security constraint to web.xml to exclude ressources" New topic
Author

[SSL] Adding security constraint to web.xml to exclude ressources

Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

Hello guys,


I have a JEE6 web application [JSF2] under JBoss 6.0.0 final on eclipse, i have installed the SSL and everything works fine, then i wanted to exclude some ressources from being forced to use SSL,
I added the following to web.xml:



Now that i have made the exception for the URL above, i dont know why i still can't access the URL : http://localhost:8080/appname/folder1/index.jsf
and it becomes accessible when i turn it to : https://localhost:8443/appname/folder1/index.jsf , which means that it is still forced to use SSL


please give me advices or anything that could help resolving this, thanks in advance



-Kacem


OCP-JP 6 - OCE-JPAD - OCE-EJBD
manjesh ipp
Greenhorn

Joined: Jan 01, 2011
Posts: 9
Did you check the "Connector" element of server.xml ?
Kacem Bel
Ranch Hand

Joined: Jan 26, 2011
Posts: 30

hi,

It worked just as it is.. I think there was something wrong with JBoss AS itself

thanks anyways for your feedback : )
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: [SSL] Adding security constraint to web.xml to exclude ressources
 
Similar Threads
JBOSS web logon not redirecting from port 8080 to 8443 at login
Problem with https
http https switch
Switch back to HTTP after HTTPS page
HttpServletRequest - RequestDispatcher - Forward - is not using Constraint