Undertow no confidential port is available ------------------------------------------ Key: WFLY-4728 URL: https://issues.jboss.org/browse/WFLY-4728 Project: WildFly Issue Type: Bug Components: Web (Undertow) Affects Versions: 9.0.0.CR1 Environment: Java application server: wildfly-9.0.0.CR1 Java Development Kit (JDK): 1.7.0_04 OS: Windows 7 (x64) Reporter: David Zukerman Assignee: Stuart Douglas Labels: security, security-constraint, undertow Fix For: 9.0.0.Final I configured my application's web.xml file to handle all calls through https: <security-constraint> <web-resource-collection> <web-resource-name>All resources</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <description>SSL</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> I configured WildFly 9.0.0 CR1 to handle https request on the 443 port: <socket-binding name="https" port="${jboss.https.port:443}"/> <security-realm name="UndertowRealm"> <server-identities> <ssl> <keystore path="keystore.jks" relative-to="jboss.server.config.dir" keystore-password="mypassword" alias="server" key-password="mypassword"/> </ssl> </server-identities> </security-realm> <https-listener name="default-https" socket-binding="https" security-realm="UndertowRealm"/> If I type on the browser https://localhost/ca/user/1 everything is just fine, but if I type http://localhost/ca/user/1, instead of redirecting to http://localhost/ca/user/1 I get the following error: 2015-06-03 01:49:28,228 ERROR [io.undertow.request] (default task-1) UT005001: An exception occurred processing the request: java.lang.IllegalStateException: UT010053: No confidential port is available to redirect the current request. at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.getRedirectURI(ServletConfidentialityConstraintHandler.java:80) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:49) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:274) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:253) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:722) Please note that this issue doesn't happen over WildFly 8.2 Final