[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3274) HTTPS LInks Contain Wrong Port

Rick Horowitz (JIRA) jira-events at lists.jboss.org
Sat Aug 23 23:29:38 EDT 2008

    [ https://jira.jboss.org/jira/browse/JBSEAM-3274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12426326#action_12426326 ] 

Rick Horowitz commented on JBSEAM-3274:

I'd like to request that you fix this bug in for the 2.0.3 release. 

I used Seam in a production application with Glassfish V2 and have been hampered by a session dropping bug for almost a year now (using Seam 1.2 and Hibernate 3.2.6). I just spent the better part of today upgrading to Hibernate 3.3.0, Seam 2.0.3 CR1, and all the associated packages and have run into this https port bug. HTTPS port switching worked fine with Seam 1.2, but is now broken in 2.0.3 and 2.0.2. 

Does this mean that I'll have to wait several more months for a Seam 2.1 release until Seam 2.x is usable for my application? I really hope you'll consider fixing this for the 2.0.3 release. 

Thanks very much for this and for all the work you do on Seam.

> HTTPS LInks Contain Wrong Port
> ------------------------------
>                 Key: JBSEAM-3274
>                 URL: https://jira.jboss.org/jira/browse/JBSEAM-3274
>             Project: Seam
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.0.2.SP1, 2.0.3.CR1
>         Environment: Ubuntu 7.10, Tomcat 6.0, Seam 2.0.2/2.0.3
>            Reporter: Arron Ferguson
>            Assignee: Shane Bryzak
>            Priority: Blocker
>             Fix For: 2.1.0.BETA1
> As per what Shane Bryzak suggested in this thread (Shane suggested that I assign it to him but I couldn't find that feature in this web form):
> http://www.seamframework.org/Community/SeamAndHTTPS
> I am submitting this bug report.
> Using Seam 2.0.2/2.0.3 with Tomcat 6, if you have pages in your web app that switch between different protocols (i.e., between HTTP and HTTPS), the Seam links are not using the correct port. This bug is reproducible 100% of the time. In order to reproduce, have Tomcat 6 running (you don't need a DB) and ensure that Tomcat 6 has the following lib in its $CATALINA_HOME/lib folder: el-api.jar
> The application must contain the following libs in it's class path as well:
> antlr.jar
> asm.jar
> cglib.jar
> commons-beanutils.jar
> commons-codec-1.3.jar
> commons-collections.jar
> commons-digester.jar
> commons-lang.jar
> commons-logging.jar
> dom4j.jar
> ejb-api.jar
> javassist.jar
> jboss-archive-browsing.jar
> jboss-el.jar
> jboss-seam-debug.jar
> jboss-seam-ioc.jar
> jboss-seam.jar
> jboss-seam-ui.jar
> jsf-api.jar
> jsf-facelets.jar
> jsf-impl.jar
> jstl.jar
> jta.jar
> lucene-core.jar
> persistence-api.jar
> spring.jar
> Your Tomcat server.xml file (found in $CATALINA_HOME/conf folder) should uncomment the following:
>     <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
>                maxThreads="150" scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS" />
> Don't worry about the fact that you're not specifying the keystore, if you've set up the keystore, Tomcat 6 will find it (new feature, saves typing). Having said that, you'll need to have set up the keystore (set up on your OS which is pretty brainless on either Windows or Linux) for Tomcat as per the following guide from Apache:
> http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
> Don't worry, it's a pretty easy-to-follow set of steps creating a keystore (should take no longer than five minutes - especially if you use the default values that the quick tutorial says to use). Your pages.xml file looks like this (copy/paste):
> <?xml version="1.0" encoding="UTF-8"?>
> <pages xmlns="http://jboss.com/products/seam/pages"
>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>        xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd"
>        http-port="8080" https-port="8443"
>        no-conversation-view-id="/index.xhtml"
>                  login-view-id="/index.xhtml">
>   <page view-id="*" scheme="http" />
>   <page view-id="/register.xhtml" scheme="https"/>
> </pages>
> Also, make sure you do NOT specify any sort of security constraints in your web.xml file since we are already specifying protocol choices in the above pages.xml file (I found this out the hard way).
> Create a Facelets template as (copy/paste):
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
>           "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml"
>       xmlns:ui="http://java.sun.com/jsf/facelets">
>   <head>
>     <title>Test HTTP and HTTPS Pages</title>
>   </head>
>   <body>
>     <ui:insert name="body"><div>Hello Facelets</div></ui:insert>
>   </body>
> </html>
> Based on the template, create two pages. The first page is the index page which uses the default HTTP and so port 8080 from Tomcat default port  (copy/paste):
> <?xml version='1.0' encoding='UTF-8' ?>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
>                       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml"
>       xmlns:ui="http://java.sun.com/jsf/facelets"
>       xmlns:s="http://jboss.com/products/seam/taglib" >
>   <body>
>     <ui:composition template="./template.xhtml">
>       <ui:define name="body">
>         <p>This page is http://localhost:8080/test/index.html</p>
>         <s:link view="/register.xhtml" value="register"/>
>         <p>Here's a Seam s:link to the register page:</p>
>         <p>Here's a regular HTML anchor to the register page: <a href="./register.html">register</a></p>
>       </ui:define> 
>     </ui:composition>
>   </body>
> </html>
> Next is the register page which is using SSL (and so port 8443 in Tomcat 6 by default, copy/paste):
> <?xml version='1.0' encoding='UTF-8' ?>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
>                       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml"
>       xmlns:ui="http://java.sun.com/jsf/facelets"
>       xmlns:s="http://jboss.com/products/seam/taglib" >
>   <body>
>     <ui:composition template="./template.xhtml">
>       <ui:define name="body">
>         <p>This page is defined as an HTTPS page (i.e., using SSL) within the pages.xml file and thus under Seam 2.0.3 under Tomcat 6 is actually at: https://localhost:8443/test/register.html</p>
>         <p>Go back to the index.html page which is not using SSL (so at port 8080):</p>
>         <s:link view="/index.xhtml" value="index"/>
>         <p>Here's a Seam s:link to the index page:</p>
>         <p>Here's a regular HTML anchor to the index page: <a href="./index.html">index</a></p>
>       </ui:define> 
>     </ui:composition>
>   </body>
> </html>
> Once you start up Tomcat 6 and deploy your web app, if you type the URL of your index.html file you should see the page rendered. Check the source of that page (the index.html page) and take a look at Seam's s:link URL. It is:
> https://localhost:8080/test/register.html?conversationId=1
> Assuming it's the first conversation started (otherwise the conversation id will be n). Notice the wrong protocol (8080). It should be 8443 due to what we specified in the pages.xml file. 
> This appears to be a bug - in the very least seam link elements should be able to specify the correct protocol if the pages.xml file states a particular protocol for a particular page.
> Let me know if you have any other questions, I will provide code, confirmation files as requested.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list