Hi all -
Here is another HTTPS port redirection question..
I've found a couple on here that have been answered already, but aren't quite delivering the result I'm looking for.
Server info:
Ubuntu 13.04 server x64
Jira 6.1 (using installer bin)
Apache2 -> for mod_redirect
Jira configured for HTTP & HTTPS (redirect)
Desired result:
User goes to http://jira.doma.in and gets redirected to https://jira.doma.in
Service to be running on 8443 (as cannot run on 80/443 unless root)
Base URL to be set to https://jira.doma.in for linking, etc
Current results:
User goes to http://jira.doma.in and is redirected to https://jira.doma.in:8443/, launching JIRA.
User goes to https://jira.doma.in and no page is displayed.
When logged in to JIRA console, notification bar alerts that the base domain is set to https://jira.doma.in yet we are accessing from https://jira.doma.in:8443/
Below is my server.xml and httpd.conf sections that have been edited to attempt to get the desired redirect.
I have attempted to use rinetd with no success, and it doesn't appear iptables is configured in this version of ubuntu (additionally I have read elsewhere not to use iptables for this anyway.)
Please let me know if you have any suggestions to alternative methods / see any errors in my configurations below.
Many thanks!
--
server.xml:
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" proxyName="jira.doma.in" proxyPort="80" />
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keyAlias="jira" keystoreFile="/opt/atlassian/jira/jira.jks" keystorePass="fafdfr3qrvzfffdfsagfgg" keystoreType="JKS" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslProtocol="TLS" useBodyEncodingForURI="true"/></Service> </Server>
/etc/apache2/httpd.conf:
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://jira.doma.in:8080/ ProxyPassReverse / http://jira.doma.in:8080/ <Location /> Order allow,deny Allow from all </Location> LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so <VirtualHost *:443> ServerName jira.doma.in SSLProxyEngine On SSLProxyCheckPeerCN on SSLProxyCheckPeerExpire on ProxyPass / https://jira.doma.in:8443/ ProxyPassReverse / https://jira.doma.in:8443/ </VirtualHost>
<filter>
<filter-name>httpslogin</filter-name>
<filter-class>com.orgname.jira.filter.HttpsFilter</filter-class>
<init-param>
<param-name>destinationport</param-name>
<param-value>8443</param-value>
</init-param>
<init-param>
<param-name>requestedport</param-name>
<param-value>443</param-value>
</init-param>
</filter>
u can write public class HttpsFilter implements Filter and implements doFilter
In the void function rewrite the url with required port. then it should work.
we are using the method to auto redirect to https , when employee is trying to access with http
Hope this may help you.
Effectively, the only thing required is for JIRA to accept connections on :443..
if there is a way (other than mapping to 443 as a root user) for this to occur without simply redirecting the address to :8443 (as this will still alert as an incorrect baseurl) - that would be fantastic.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You can write a filter in web.xml of WEB-INF. This filter can redirect all the url coming on 443 to 8443
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Are you able to provide an example? My experience with this is quite limited..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.