
Jelastic - Firefox gives “This page isn't redirecting properly” when Accessing a Secure Page using GlassFish Server (HTTPS)

Good day!

I am currently testing my newly developed Web Application (Online Public Access Catalog) online using Jelastic as the web hosting site. The Web App is working perfectly when I deploy it on my computer locally. After deploying it in Jelastic, it displays the home page (unsecured page). But when I tried to access any secure page of the Web App (https), like clicking the "Login" button or "Sign Up" button, the Mozilla Firefox browser displays an error "The page isn't redirecting properly". In Chromium, it displays an error "This web page has a redirect loop". I have turned on SSL on my Jelastic account. When I look at the server logs, it gives me this error:

JACC Policy Provider: Failed Permission Check, context(ROOT/ROOT)- permission(("javax.security.jacc.WebUserDataPermission" "/logMeIn.do" "GET"))

Everything works fine except for this situation. I think it has something to do with the security configurations of the server or a bug, but I tried searching it for days but can't find any solution.

Could someone help me fix this?

Here is the security part of the web.xml file.

<security-constraint>
        <display-name>AdminSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>AdminWebResource</web-resource-name>
            <description/>
            <url-pattern>/administerDB.do</url-pattern>
            <url-pattern>/viewBooks.do</url-pattern>
            <url-pattern>/addBooks.do</url-pattern>
            <url-pattern>/processAddingOfBooks.do</url-pattern>
            <url-pattern>/addingOfBooksSuccessful.do</url-pattern>
            <url-pattern>/editBooks.do</url-pattern>
            <url-pattern>/editBooksForm.do</url-pattern>
            <url-pattern>/addingOfBooksFailed.do</url-pattern>
            <url-pattern>/bookNumberNotFound.do</url-pattern>
            <url-pattern>/processEditingOfBooks.do</url-pattern>
            <url-pattern>/removeBooks.do</url-pattern>
            <url-pattern>/processRemovingOfBook.do</url-pattern>
            <url-pattern>/editSuccess.do</url-pattern>
            <url-pattern>/removeBookSuccessful.do</url-pattern>
            <url-pattern>/noChanges.do</url-pattern>
            <url-pattern>/changeAccountSettings.do</url-pattern>
            <url-pattern>/bookNumberNotFoundDel.do</url-pattern>
            <url-pattern>/logMeOut.do</url-pattern>
            <url-pattern>/logMeIn.do</url-pattern>
            <url-pattern>/confirmAdminChanges.do</url-pattern>
            <url-pattern>/viewBookRequests.do</url-pattern>
            <url-pattern>/verifyAccount.do</url-pattern>
            <url-pattern>/removeBorrowRequest.do</url-pattern>
            <url-pattern>/Admin/*</url-pattern>
            <url-pattern>/Delete/*</url-pattern>
            <url-pattern>/Insert/*</url-pattern>
            <url-pattern>/Select/*</url-pattern>
            <url-pattern>/Update/*</url-pattern>
            <url-pattern>/viewReturnedBooks.do</url-pattern>
            <url-pattern>/verifyBookReturn.do</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>Admin</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>MemberSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>MemberWebResource</web-resource-name>
            <description/>
            <url-pattern>/logMeOut.do</url-pattern>
            <url-pattern>/logMeIn.do</url-pattern>
            <url-pattern>/memberPage.do</url-pattern>
            <url-pattern>/processBorrowRequest.do</url-pattern>
            <url-pattern>/removeBorrowRequest.do</url-pattern>
            <url-pattern>/Member/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>Member</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>GuestSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>IndexWebResource</web-resource-name>
            <description/>
            <url-pattern>/index.jsp</url-pattern>
            <url-pattern>/advancedSearch.do</url-pattern>
            <url-pattern>/signMeUp.do</url-pattern>
            <url-pattern>/confirmSignup.do</url-pattern>
            <url-pattern>/errorBookNotFound.do</url-pattern>
            <url-pattern>/sortMyBook.do</url-pattern>
            <url-pattern>/sortMyBookAdvanced.do</url-pattern>
            <url-pattern>/Search/*</url-pattern>
            <url-pattern>/Login/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>OpacRealm</realm-name>
        <form-login-config>
            <form-login-page>/Login/loginPage.html</form-login-page>
            <form-error-page>/Login/loginError.html</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description/>
        <role-name>Admin</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>Member</role-name>
    </security-role>

And here is the sun-web.xml file.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD GlassFish Application Server 3.0 Servlet 3.0//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_3_0-0.dtd">
<sun-web-app error-url="">
  <security-role-mapping>
    <role-name>Admin</role-name>
    <group-name>Admin</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>Member</role-name>
    <group-name>Member</group-name>
  </security-role-mapping>
  <class-loader delegate="true"/>
  <jsp-config>
    <property name="keepgenerated" value="true">
      <description>Keep a copy of the generated servlet class' java code.</description>
    </property>
  </jsp-config>
</sun-web-app>

Thanks in advance... And also, how could I make the above code correct in the web.xml file, since it seems that the code from Admin/* is read as a comment rather than a part of the code? Thanks...

I have checked the provided URL and it looks like you did not configure SSL at the Jelastic account.

502

If there were problems with the deployed application, the error code would be something like 502 application down or 500 Internal Server Error.

To solve the Permission Check issue, you may try to update the web.xml configuration file and add the following content into the web-app section:

<security-constraint>
<web-resource-collection>
    <web-resource-name>Protected Context</web-resource-name>
    <url-pattern>/*</url-pattern>
</web-resource-collection>
<!-- auth-constraint goes here if you require authentication -->
<user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

Also, I suppose that the mentioned application is deployed as multiple applications. If you develop multiple applications that require more than this default set of permissions, you can add the custom permissions that your applications need. The com.sun.aas.instanceRoot variable refers to the domain-dir. For example:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/-" {
...
}

You can add permissions to stub code with the following grant block:

grant codeBase "file:${com.sun.aas.instanceRoot}/generated/-" {
...
}

In general, you should add extra permissions only to the applications or modules that require them, not to all applications deployed to a domain. For example:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/MyApp/-" {
...
}

For a module:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/MyModule/-" {
...
}

The Permissions settings file is server.policy located at /opt/shared/glassfish/domains/domain1/config/server.policy

Wish you good luck and please keep me posted)
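The `WebUserDataPermission` named in the log line is the JACC permission that backs `<user-data-constraint>`: the container checks it against the request's path, HTTP method and transport. As an added example (not part of the original posts, and not GlassFish's own code), here is a simplified Python model of that lookup, run over a trimmed excerpt of the question's web.xml; it assumes a web.xml without an XML namespace, ignores `http-method-omission`, and treats INTEGRAL like CONFIDENTIAL.

```python
import xml.etree.ElementTree as ET

# Constructed excerpt: a few patterns taken from the web.xml in the question.
# Assumption: no xmlns on <web-app>, so element names can be matched directly.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/logMeIn.do</url-pattern>
      <url-pattern>/Admin/*</url-pattern>
      <http-method>GET</http-method><http-method>PUT</http-method>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/index.jsp</url-pattern>
      <url-pattern>/Login/*</url-pattern>
      <http-method>GET</http-method><http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
</web-app>"""

def rank(pattern, path):
    """Servlet-style match rank: exact > longest prefix > extension > default; -1 = no match."""
    if pattern == path:
        return 10_000
    if pattern.endswith("/*") and (path + "/").startswith(pattern[:-1]):
        return 1_000 + len(pattern)
    if pattern.startswith("*.") and path.endswith(pattern[1:]):
        return 100
    return 1 if pattern == "/" else -1

def required_transport(web_xml, path, method):
    """Return 'CONFIDENTIAL' if (path, method) accepts only protected transport, else 'NONE'."""
    hits = []  # (rank, listed methods, guarantee) for every pattern matching the path
    for sc in ET.fromstring(web_xml).iter("security-constraint"):
        methods = {m.text.strip() for m in sc.iter("http-method")}
        tg = sc.findtext("user-data-constraint/transport-guarantee", "NONE").strip()
        for p in sc.iter("url-pattern"):
            r = rank(p.text.strip(), path)
            if r >= 0:
                hits.append((r, methods, tg))
    best = max((h[0] for h in hits), default=-1)
    # Only constraints on the best-matching pattern count, and a constraint that
    # lists http-methods covers those methods only.
    applies = [tg for r, ms, tg in hits if r == best and (not ms or method in ms)]
    # Combined constraints union their accepted transports: one NONE admits plain HTTP.
    return "CONFIDENTIAL" if applies and "NONE" not in applies else "NONE"
```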
