[jboss-jira] [JBoss JIRA] (WFLY-5725) Attribute "secure" not migrated to Undertow subsystem

Fri Nov 27 08:27:00 EST 2015

    [ https://issues.jboss.org/browse/WFLY-5725?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13134718#comment-13134718 ] 

Tomaz Cerar commented on WFLY-5725:
-----------------------------------

HttpListenerService#isSecure() method is not used by servlet container to figure out if request is secure or not.
it is only used by subsystem itself to implement ConfidentialPortManager that is used to properly do redirects for unsecure-->secure
Basically to provide port mapping for <transport-guarantee>CONFIDENTIAL</transport-guarantee>

> Attribute "secure" not migrated to Undertow subsystem
> -----------------------------------------------------
>
>                 Key: WFLY-5725
>                 URL: https://issues.jboss.org/browse/WFLY-5725
>             Project: WildFly
>          Issue Type: Bug
>          Components: Web (Undertow)
>         Environment: RHEL 7.1
>            Reporter: Francesco Marchioni
>            Assignee: Stuart Douglas
>              Labels: ea, undertow
>
> We need to migrate the following EAP 6 configuration from the web subsystem:
> <subsystem xmlns="urn:jboss:domain:web:2.1" default-virtual-server="default-host" native="false">
>     <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
>     <connector name="httpconfidential" protocol="HTTP/1.1" scheme="http" socket-binding="httpsecure" secure="true" enabled="true"/>
>     <virtual-server name="default-host" enable-welcome-root="true">
>         <alias name="localhost"/>
>         <alias name="example.com"/>
>     </virtual-server>
> </subsystem>
> This configuration uses the *secure="true" * attribute to support the transport-guarantee to CONFIDENTIAL which is required by our applications. (We don't use https in EAP which is configured only on the Apache Web server that serves request to EAP 6)
> The configuration has been migrated into EAP 7.0.0 Alpha using the CLI /subsystem=web:migrate command. Although no warnings are shown, the resulting configuration *does not contain the attribute "secure"* :
> <subsystem xmlns="urn:jboss:domain:undertow:3.0">
>     <buffer-cache name="default"/>
>     <server name="default-server">
>         <http-listener name="http" socket-binding="http"/>
>         <http-listener name="httpconfidential" socket-binding="httpsecure"/>
>         <host name="default-host" alias="localhost, example.com">
>             <location name="/" handler="welcome-content"/>
>         </host>
>     </server>
>     <servlet-container name="default">
>         <jsp-config/>
>     </servlet-container>
>     <handlers>
>         <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
>     </handlers>
> </subsystem>
> Is there any plan to provide backward compatiblity for the secure attribute in EAP 7 ?

--
This message was sent by Atlassian JIRA
(v6.4.11#64026)