HTTPS LInks Contain Wrong Port ------------------------------ Key: JBSEAM-3274 URL: https://jira.jboss.org/jira/browse/JBSEAM-3274 Project: Seam Issue Type: Bug Components: Core Affects Versions: 2.0.3.CR1, 2.0.2.SP1 Environment: Ubuntu 7.10, Tomcat 6.0, Seam 2.0.2/2.0.3 Reporter: Arron Ferguson Priority: Blocker As per what Shane Bryzak suggested in this thread (Shane suggested that I assign it to him but I couldn't find that feature in this web form): http://www.seamframework.org/Community/SeamAndHTTPS I am submitting this bug report. Using Seam 2.0.2/2.0.3 with Tomcat 6, if you have pages in your web app that switch between different protocols (i.e., between HTTP and HTTPS), the Seam links are not using the correct port. This bug is reproducible 100% of the time. In order to reproduce, have Tomcat 6 running (you don't need a DB) and ensure that Tomcat 6 has the following lib in its $CATALINA_HOME/lib folder: el-api.jar The application must contain the following libs in it's class path as well: antlr.jar asm.jar cglib.jar commons-beanutils.jar commons-codec-1.3.jar commons-collections.jar commons-digester.jar commons-lang.jar commons-logging.jar dom4j.jar ejb-api.jar javassist.jar jboss-archive-browsing.jar jboss-el.jar jboss-seam-debug.jar jboss-seam-ioc.jar jboss-seam.jar jboss-seam-ui.jar jsf-api.jar jsf-facelets.jar jsf-impl.jar jstl.jar jta.jar lucene-core.jar persistence-api.jar spring.jar Your Tomcat server.xml file (found in $CATALINA_HOME/conf folder) should uncomment the following: <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> Don't worry about the fact that you're not specifying the keystore, if you've set up the keystore, Tomcat 6 will find it (new feature, saves typing). Having said that, you'll need to have set up the keystore (set up on your OS which is pretty brainless on either Windows or Linux) for Tomcat as per the following guide from Apache: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html Don't worry, it's a pretty easy-to-follow set of steps creating a keystore (should take no longer than five minutes - especially if you use the default values that the quick tutorial says to use). Your pages.xml file looks like this (copy/paste): <?xml version="1.0" encoding="UTF-8"?> <pages xmlns="http://jboss.com/products/seam/pages" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd" http-port="8080" https-port="8443" no-conversation-view-id="/index.xhtml" login-view-id="/index.xhtml"> <page view-id="*" scheme="http" /> <page view-id="/register.xhtml" scheme="https"/> </pages> Also, make sure you do NOT specify any sort of security constraints in your web.xml file since we are already specifying protocol choices in the above pages.xml file (I found this out the hard way). Create a Facelets template as (copy/paste): <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:ui="http://java.sun.com/jsf/facelets"> <head> <title>Test HTTP and HTTPS Pages</title> </head> <body> <ui:insert name="body"><div>Hello Facelets</div></ui:insert> </body> </html> Based on the template, create two pages. The first page is the index page which uses the default HTTP and so port 8080 from Tomcat default port (copy/paste): <?xml version='1.0' encoding='UTF-8' ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:s="http://jboss.com/products/seam/taglib" > <body> <ui:composition template="./template.xhtml"> <ui:define name="body"> <p>This page is http://localhost:8080/test/index.html</p> <s:link view="/register.xhtml" value="register"/> <p>Here's a Seam s:link to the register page:</p> <p>Here's a regular HTML anchor to the register page: <a href="./register.html">register</a></p> </ui:define> </ui:composition> </body> </html> Next is the register page which is using SSL (and so port 8443 in Tomcat 6 by default, copy/paste): <?xml version='1.0' encoding='UTF-8' ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:s="http://jboss.com/products/seam/taglib" > <body> <ui:composition template="./template.xhtml"> <ui:define name="body"> <p>This page is defined as an HTTPS page (i.e., using SSL) within the pages.xml file and thus under Seam 2.0.3 under Tomcat 6 is actually at: https://localhost:8443/test/register.html</p> <p>Go back to the index.html page which is not using SSL (so at port 8080):</p> <s:link view="/index.xhtml" value="index"/> <p>Here's a Seam s:link to the index page:</p> <p>Here's a regular HTML anchor to the index page: <a href="./index.html">index</a></p> </ui:define> </ui:composition> </body> </html> Once you start up Tomcat 6 and deploy your web app, if you type the URL of your index.html file you should see the page rendered. Check the source of that page (the index.html page) and take a look at Seam's s:link URL. It is: https://localhost:8080/test/register.html?conversationId=1 Assuming it's the first conversation started (otherwise the conversation id will be n). Notice the wrong protocol (8080). It should be 8443 due to what we specified in the pages.xml file. This appears to be a bug - in the very least seam link elements should be able to specify the correct protocol if the pages.xml file states a particular protocol for a particular page. Let me know if you have any other questions, I will provide code, confirmation files as requested. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira