So I have this app running on openshift that uses the wildfly 8.1 cartridge.
I would like to force all urls to go through https instead of http.
Https is working fine, but I can also access the same pages using http. Which is what I want to disable.
I've found this KB article: https://www.openshift.com/kb/kb-e1044-how-to-redirect-traffic-to-https
but this doesn't describe the configuration for wildfly specifc.
This is my standalone.xml config from wildfly on openshift: http://pastebin.com/hg7WY5Uj
Fixed.
Added the following to my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Viewpoint Secure URLs</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This results in a redirect to https for every url. But the port is 8443. To use the default port 443 I've adjusted my config/standalone.xml:
In the socket-binding-group change:
<socket-binding name="https" port="${jboss.https.port:8443}"/>
to
<socket-binding name="https" port="${jboss.https.port:443}"/>
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 老娘就宠你 的文章《How to force https on wildfly 8.1 in openshift?》','https://www.manongdao.com/article-726462.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}