[jboss-dev-forums] [Design of Security on JBoss] - Error in org.jboss.security.valve.SSOFederationRouter
dennismarcum
do-not-reply at jboss.com
Mon Jun 16 19:00:21 EDT 2008
The lookupPartners() method has "http" hard coded for creating the URL to access the federated resource of partners. When the request comes from a secure connection the method throws a org.apache.commons.httpclient.ProtocolException (The server whatever failed to respond with a valid HTTP response) since it is trying to access a URL as such http://whatever:443/federate/partners. The header returns garbage since it is trying to access a https resource using http. The method needs to be changed to use request.getScheme() to build the URL instead of the hard coded "http" string.
Mahalo,
Dennis
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4158526#4158526
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4158526
More information about the jboss-dev-forums
mailing list