My setup: A https loadbalancer with http wildflynodes running in domain mode Entry to the application by https loadbalancer to application nodes : 443 to 8080 & 8180 - application forwarding works, and all functions are usable of the application.
The problem appears only for SOAP-Webservice.
The wsdl is accessible under https//loadbalancerurl:443/.. and the problem comes by accessing the webservice methods.
The problem seems to be forwarding from 443 to confidential port 8443 - the error message is when the access from client to the SOAP-webservice happens:
UT010053: No confidential port is available to redirect the current request.
I know that this comes from Undertow-Servlet from here:
protected URI getRedirectURI(HttpServerExchange exchange) throws URISyntaxException {
int port = portManager.getConfidentialPort(exchange);
if (port < 0) {
throw MESSAGES.noConfidentialPortAvailable();
}
return super.getRedirectURI(exchange, port);
}
So port is < 0.
So the question is how to achieve for Undertow that confidentialport will be delivered = is configured in the right way ?
My domain xml contains:
<server name="default-server">
<ajp-listener name="ajp" socket-binding="ajp"/>
<http-listener name="default" socket-binding="http" certificate-forwarding="true" proxy-address-forwarding="true" />
</server>
<socket-binding-group name="pze4-sockets" default-interface="public">
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
<socket-binding name="iiop" interface="unsecure" port="3528"/>
<socket-binding name="iiop-ssl" interface="unsecure" port="3529"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
In the application jboss-webservices.xml Confidential is configured:
<?xml version="1.0" encoding="UTF-8" ?>
<webservices xmlns="http://www.jboss.com/xml/ns/javaee">
<port-component>
<ejb-name>MyWebservice</ejb-name>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</port-component>
</webservices>
The same setup of loadbalancer and wildfly-nodes had worked for Wildfly8 for the SOAP Webservice.
My tries so far:
Adding the https-listener did not help:
<https-listener name="https" socket-binding="https" security-realm="ApplicationRealm"/>
The hint from did not work too:
https://developer.jboss.org/thread/270026
Adding the SSL-cetrifacate to java on the nodes did not help too.
Any ideas ?
Thanks in advance
You are missing redirect-socket attribute in http-listener it solved my problem see here : https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.0/html/configuration_guide/configuring_the_web_server_undertow