https problem Excessive redirection

Asked

Viewed 1,502 times

0

On my web system, when I add code to web.xml:

<security-constraint>   
<display-name>ConstraintSSL</display-name>
<web-resource-collection>
    <web-resource-name>protected</web-resource-name>
    <description/>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>HEAD</http-method>
    <http-method>PUT</http-method>
    <http-method>OPTIONS</http-method>
    <http-method>TRACE</http-method>
    <http-method>DELETE</http-method>
</web-resource-collection>

<user-data-constraint>        
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>        

The system gets in over redirect, someone can help me?

  • Is there anything in front of Glassfish? e.g., apache or Nginx?

  • Also post relevant settings on archive ports and https domain.xml or equivalent of Glassfish

  • No, only the same glassfish, however if I take this https code and access right it does not from any error, to lost already rs

  • 1

    In this case something in your application or server is redirecting back to http (which makes the request loop). Some frameworks and things like that redirect, start sweeping around.

  • The glassfish setting is default, I just reinstalled again, I have to change some configuration inside it?

  • Yes, you will need a certificate and run the administrative commands. The Glassfish secure standard port (8181) does not come with a true certificate (certificates are usually paid for). Start with this page of the Glassfish manual. In addition to the application server itself you need to provide more data about the application itself. This loop between http and https connections may be happening for a number of reasons (it doesn’t help you much with just security-constraint, that part seems to be ok).

  • OK, intendo mt little server, I will post the domail.xml

  • Apache q is managing glassfish! did not know, the hosting people told me agr rs, ai muda td?

  • Bruno, changes. The documentation that Linkei above explains what needs to be done in apache with mod_jk or mod_ajp to enable https://access. Anyway your question has now been completely decontextualized, I would say you take it easy on the documentation I gave you, research the problem more calmly and then return with more specific questions if that’s the case.

Show 5 more comments
No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.