Reputation: 23770
How to use HTTPS with Glassfish 4 and JSF 2.2?
Just for learning purposes, I want to use SSL in the application I have developed in my local environment.
So I want all my connections to go through ssl.
How can I implement this with Glassfish 4.0 ?
Upvotes: 5
Views: 9964
Answers (2)
Reputation: 8990
Here is an example of using JAAS Form authentication:
on web.xml this block of code defines what urls will be SSL enabled:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>userauth</realm-name>
<form-login-config>
<form-login-page>/login.jsf</form-login-page>
<form-error-page>/loginError.jsf</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<display-name>ConstraintSSL</display-name>
<web-resource-collection>
<web-resource-name>protected</web-resource-name>
<description/>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Now on your application server (glassfish) configure your authentication realm "userauth" in this example:
create-auth-realm --classname com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm
--property jaas-context=jdbcRealm:datasource-jndi=oracleXE10gJDBCResource:user-
table=TB_USER:user-name-column=ID_USER:password-column=PASSWORD:group-
table=TB_USER_GROUP_USER:group-name-column=ID_GROUP:group_table_user-name-
column=ID_GROUP:digest-algorithm=MD5 userauth
In this example I created a JDBC based realm with MD5 encrypted passwords on a User table called "TB_USER" along with the group table names. You might create your own authentication realm, it can be file, jdbc or other JAAS type (please see JAAS doc for each specific one).
Now any requests for your app shall be using SSL.
Glassfish will redirect to the SSL port (default 8181) and your browser will be displaying the default SSL Trust certificate alert window (in case you are using a self-signed certificate) asking if you trust the connection, and after accepting you should see the page rendered correctly in SSL mode - https
Upvotes: 3
Reputation: 3072
Navigate to Glassfish Admin Console and then Server Settings --> Network Listeners. There you can set the listeners to use SSL. By default there are three listeners, 4848 for admin console, 8080 for general http listening, and 8181 for secured http listening. There are several things you can do here
To enable SSL for listeners or edit Listener check Security option
To disable listeners uncheck
On SSL tab fill the SSL information
Upvotes: 0
Related Questions
- Glassfish no response on HTTPS after installing SSL-certificates
- how to redirect http to https with glassfish v4
- Cannot setup SSL with Glassfish
- Implementing HTTPS in Java EE
- How to activate SSL(HTTPS) in Glassfish 3.0 embedded API?
- Login in JSF 2.0 with Glassfish 3.1.2 and JAAS
- Servlet and TLS
- SSL configuration in glassfish
- Glassfish not loading secure page
- HTTPS with Java Server Faces