How to rewrite a RewriteValve for Undertow / JBoss 7.2 EAP?

Question

I'm migrating from JBoss 6.4.3 to JBoss 7.2 and saw a Valves are no longer supported warning during deployment. This came from a jboss-web.xml file with:

<valve>
    <class-name>org.jboss.web.rewrite.RewriteValve</class-name>
</valve>

...and a corresponding rewrite.properties file:

RewriteCond %{HTTP:X-Forwarded-Proto} http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

Could anyone advise how to rewrite this (no pun intended) for Undertow?

This is not really a regex question. The rewrite rule just sends all http requests to https. — jdaz, Jul 22 '20 at 07:53

score 1 · Accepted Answer · edited Jul 25 '20 at 07:32

You can create a rewrite filter in the Undertow subsystem, and then reference it in the server host within the configuration file (standalone.xml or domain.xml - depending on the mode in which you start the application server).

I can think of two options, which might help you:

Using the JBoss Application Server Client (should be placed in path/to/jboss-7.2/bin/)

Creating the rewrite filter with the custom name redirect-http-to-https:

./jboss-cli.sh --connect --command="/subsystem=undertow/configuration=filter/rewrite=redirect-http-to-https:add(redirect=\"true\",target=\"https://%{LOCAL_SERVER_NAME}%{REQUEST_URL}\")"

Using/referencing the filter redirect-http-to-https:

./jboss-cli.sh --connect --command="/subsystem=undertow/server=default-server/host=default-host/filter-ref=redirect-http-to-https:add(predicate=\"equals(%p,80)\")"

Manually editing the respective config file (e.g. standalone.xml)

<subsystem xmlns="urn:jboss:domain:undertow:11.0" default-server="default-server" [...]>
            <buffer-cache name="default"/>
    <server name="default-server">
        [...]
        <host name="default-host" alias="localhost">
            <filter-ref name="redirect-http-to-https" predicate="equals(%p,80)"/>
        </host>
    </server>
    [...]
    <filters>
        <rewrite name="redirect-http-to-https" target="https://%{LOCAL_SERVER_NAME}%{REQUEST_URL}" redirect="true"/>
    </filters>
</subsystem>

Note: For the Undertow exchange attributes (e.g. LOCAL_SERVER_NAME) refer to Undertow documentation. Further, the part predicate=\"equals(%p,80)\" in the filter-refchecks the requested port (%p -> just another Undertow exchange attribute) and if it equals to 80, then it triggers our redirect filter redirect-http-to-https - you can change the port 80 as per your need.

Thanks for the answer. Do you know if there is a way of doing this in a jboss-web.xml file? — Steve Chambers, Jul 24 '20 at 07:29
@SteveChambers Sorry, I never worked with `jboss-web.xml` before. If you have the possibility to use a reverse-proxy-server like Nginx, I would rather use it instead of reconfiguring the Undertow. — Kenan Güler, Aug 17 '20 at 21:47
@SteveChambers My port is not getting changed (stays 8080) if I'm using any exchange attributes. It works without, for example: `target="https://localhost:8443/myapp"`. Any idea? I've tried multiple combinations, but one sample is `https://%{LOCAL_SERVER_NAME}:8443%{REQUEST_URL}` — user3758745, Aug 27 '20 at 19:45

How to rewrite a RewriteValve for Undertow / JBoss 7.2 EAP?

1 Answers1