Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to use HTTPS with Glassfish 4 and JSF 2.2?

Tags:

https

ssl

glassfish

Just for learning purposes, I want to use SSL in the application I have developed in my local environment.

So I want all my connections to go through ssl.

How can I implement this with Glassfish 4.0 ?

like image 704
Koray Tugay Avatar asked Oct 21 '22 23:10

Koray Tugay

1 Answers

Here is an example of using JAAS Form authentication:

on web.xml this block of code defines what urls will be SSL enabled:

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>userauth</realm-name>
    <form-login-config>
        <form-login-page>/login.jsf</form-login-page>
        <form-error-page>/loginError.jsf</form-error-page>
    </form-login-config>                
</login-config>

<security-constraint>   
    <display-name>ConstraintSSL</display-name>
    <web-resource-collection>
        <web-resource-name>protected</web-resource-name>
        <description/>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>HEAD</http-method>
        <http-method>PUT</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>

    <user-data-constraint>        
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>        

</security-constraint>

Now on your application server (glassfish) configure your authentication realm "userauth" in this example:

     create-auth-realm --classname com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm
 --property jaas-context=jdbcRealm:datasource-jndi=oracleXE10gJDBCResource:user-
table=TB_USER:user-name-column=ID_USER:password-column=PASSWORD:group-
table=TB_USER_GROUP_USER:group-name-column=ID_GROUP:group_table_user-name-
column=ID_GROUP:digest-algorithm=MD5 userauth

In this example I created a JDBC based realm with MD5 encrypted passwords on a User table called "TB_USER" along with the group table names. You might create your own authentication realm, it can be file, jdbc or other JAAS type (please see JAAS doc for each specific one).

Now any requests for your app shall be using SSL.

Glassfish will redirect to the SSL port (default 8181) and your browser will be displaying the default SSL Trust certificate alert window (in case you are using a self-signed certificate) asking if you trust the connection, and after accepting you should see the page rendered correctly in SSL mode - https

like image 174
guilhebl Avatar answered Oct 25 '22 17:10

guilhebl
Sign in to Comment

Related questions

Forcing SSL via HTaccess
Node js - SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:.Error [duplicate]
file_get_contents() is not working properly with youtube
Is there a workaround for: java.lang.RuntimeException: Could not generate DH keypair [duplicate]
Heroku SSL DNS Settings
CloudFlare SSL compatibility with ASP.NET MVC RequireHttps
javax.net.ssl.SSLHandshakeException: No available authentication scheme

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!