Redirect http requests to https in wildfly 10

9
votes

This is my standalone-full.xml configuration with ssl configured
security realm .

      <security-realm name="SslRealm">
            <server-identities>
            <ssl>
            <keystore path="D:\ncm.keystore" alias="ncm" keystore-password="*****" />
            </ssl>
            </server-identities>
        </security-realm>

Subsystem

 <server name="default-server">
            <http-listener name="default" socket-binding="http" redirect-socket="https"/>
            <https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>
            <host name="default-host" alias="localhost">
                <location name="/" handler="welcome-content"/>
                <filter-ref name="server-header"/>
                <filter-ref name="x-powered-by-header"/>
            </host>
        </server>

Socket Binding

   <socket-binding name="http" port="${jboss.http.port:8080}"/>
    <socket-binding name="https" port="${jboss.https.port:8443}"/>

How to redirect to https:///localhost:8443/myApp when user hits http://localhost:8080/myApp

3
springsslhttpsjbosswildfly-10

3 Answers

27
votes

A rewrite rule can be used to redirect users. In the undertow subsystem (standalone.xml or domain.xml) you will need to create a new rewrite filter and then enable the filter in a new fitler-ref:

Create the new rewrite filter in the filters section. In the example below, users will be redirected to https://myhostname:443/my-app. %U is a placeholder for the original request URL path; you want to use %U to make the redirect friendly and keep users' original request URL path.

<filters>
<rewrite name="http-to-https" redirect="true" target="https://myhostname:8443%U"/>
</filters>

Then, enable the filter and configure a predicate in the host section. The predicate is where you configure what the rewrite filter applies to. In the example below, our rewrite filter will only apply to requests going to port 8080.

    <server name="default-server">
        <host name="default-host" alias="localhost">
            ...
            <filter-ref name="http-to-https" predicate="equals(%p,8080)"/>

Here are the JBoss CLI steps for the same configuration changes above:

/subsystem=undertow/configuration=filter/rewrite=http-to-https:add(redirect="true",target="https://myhostname:8443%U")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=http-to-https:add(predicate="equals(%p,8080)")
1
votes

As of WildFly 15: admin console -> web -> filters -> add rewrite rule https://%v%U

Then add it to every host you wish with the condition equals(%p,80).

No need to create a rule for every host.

https://leponceau.org/programming/2019-02-06-configuring-wildfly-to-redirect-https-to-http.html

0
votes

I tried 

<rewrite name="http-to-https" redirect="true" target="https://my.website.com:443/Web/"/>

As you can see without %U

It redirects all HTTP traffic to HTTPS