How to get connector within jboss to redirect 18080 to 18443

Document ID:  TEC1977561
Last Modified Date:  06/19/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Privileged Identity Manager

Releases

  • CA Privileged Identity Manager:Release:12.8
  • CA Privileged Identity Manager:Release:12.9

Components

  • CA ControlMinder:SEOSWG
Introduction:

How to get http url for ENTM UI http://fqdn.of.ENTM.box:18080/iam/ac/ using port 18080 to redirect to use https using secure port 18443 https://fqdn.of.ENTM.box:18443/iam/ac/

Background:

You have users that are directly accessing ENTM UI using non-ssl URL and not the secure https SSL URL because they are not being forced to redirect.

Environment:
ENTM 12.9.01 on Windows 2012R2
Instructions:

For doing the redirection to 18443. Please follow the steps below:

1) Stop Jboss
2) Remove tmp and work
3) Edit server.xml

-- Make sure the redirect port for the http connector is your https port. (18443)

<Connector SSLEnabled="true" URIEncoding="UTF-8" clientAuth="false" emptySessionPath="true" keyAlias="entm" keystoreFile="D:\CA\jboss\jboss-4.2.3.GA\server\default\deploy\IdentityMinder.ear\custom\ppm\truststore\ssl.keystore" keystorePass="secret" maxThreads="150" port="18443" protocol="HTTP/1.1" scheme="https" secure="true" server="PIM" sslProtocols="TLSv1,TLSv1.1,TLSv1.2"/>

<Connector URIEncoding="UTF-8" acceptCount="150" address="${jboss.bind.address}" connectionTimeout="20000" disableUploadTimeout="true" emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="250" port="18080" protocol="HTTP/1.1" redirectPort="18443" server="PIM"/>

change this line as well so it redirects to 18443:

<Connector address="${jboss.bind.address}" emptySessionPath="true" enableLookups="false" port="18009" protocol="AJP/1.3" redirectPort="18443"/>

4) Edit C:\jboss-4.2.3.GA\server\default\deploy\IdentityMinder.ear\user_console.war\WEB-INF\web.xml

-- add all the below content at the bottom of the page ( right before the closing tag <\web-app> )

<security-constraint>
<web-resource-collection>
<web-resource-name>PIM</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>


5) Restart Jboss

You may also need to change the baseURL info in the idmmanage console under ac-env as mentioned at the bottom of this techdoc TEC606700:

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.TEC606700.html

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing