2

My web.xml has the following security constraint:

<security-constraint> 
    <web-resource-collection>     
        <web-resource-name>App</web-resource-name> 
        <url-pattern>/*</url-pattern>
    </web-resource-collection> 
    <user-data-constraint> 
        <transport-guarantee>CONFIDENTIAL</transport-guarantee> 
    </user-data-constraint> 
</security-constraint>

This configuration redirects all http URLs to https via 302 redirects. Is there a way to accomplish the same except via 301 redirects in Wildfly 8.2?

k170
  • 383
  • 5
  • 18
  • The only thing I can think of is to edit undertow itself....no idea how to do that though. – Brooks Oct 21 '15 at 20:21
  • 2
    You indeed need a custom [`ServletExtension`](https://http2.undertow.io/documentation/servlet/servlet-extensions.html). I only can't tell implementation detail from top of head right now. – BalusC Oct 22 '15 at 19:59
  • @BalusC, I'll take a look at this approach. I'd appreciate it if you can find the time to provide an example. Until then I'll keep reading. – k170 Oct 26 '15 at 14:57
  • Have you found an answer to this question in the meantime @k170 ? – Thermometer Feb 29 '16 at 08:10
  • @Thermometer, still no answer unfortunately. If I do find one, I'll be sure to post it. – k170 Mar 18 '16 at 18:21

1 Answers1

0

One way I can think of is using Predicates based handlers in undertow. See the example in the link below:

https://http2.undertow.io/documentation/core/predicates-attributes-handlers.html

The example explains a configurable 302 response based on request path. I think you can tweak it to return 301.

Mohit
  • 1,740
  • 1
  • 15
  • 19
  • Does that really work on j_security_check too? I don't think so. Or have you tried it yourself? – BalusC Oct 26 '15 at 14:59