
Jelastic - Firefox gives “This page isn't redirecting properly” when Accessing a Secure Page using GlassFish Server (HTTPS)

Good day!

I am currently testing my newly developed Web Application (Online Public Access Catalog) online using Jelastic as the web hosting site. The Web App works perfectly when I deploy it on my computer locally. After deploying it in Jelastic, it displays the home page (unsecured page). But when I try to access any secure page of the Web App (https), like clicking the "Login" button or "Sign Up" button, the Mozilla Firefox browser displays the error "The page isn't redirecting properly". In Chromium, it displays the error "This web page has a redirect loop". I have turned on SSL on my Jelastic account. When I look at the server logs, it gives me this error:

JACC Policy Provider: Failed Permission Check, context(ROOT/ROOT)- permission(("javax.security.jacc.WebUserDataPermission" "/logMeIn.do" "GET"))

Everything works fine except for this situation. I think it has something to do with the security configuration of the server or a bug; I have been searching for days but can't find any solution.

Could someone help me fix this?

Here is the security part of the web.xml file.

<security-constraint>
        <display-name>AdminSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>AdminWebResource</web-resource-name>
            <description/>
            <url-pattern>/administerDB.do</url-pattern>
            <url-pattern>/viewBooks.do</url-pattern>
            <url-pattern>/addBooks.do</url-pattern>
            <url-pattern>/processAddingOfBooks.do</url-pattern>
            <url-pattern>/addingOfBooksSuccessful.do</url-pattern>
            <url-pattern>/editBooks.do</url-pattern>
            <url-pattern>/editBooksForm.do</url-pattern>
            <url-pattern>/addingOfBooksFailed.do</url-pattern>
            <url-pattern>/bookNumberNotFound.do</url-pattern>
            <url-pattern>/processEditingOfBooks.do</url-pattern>
            <url-pattern>/removeBooks.do</url-pattern>
            <url-pattern>/processRemovingOfBook.do</url-pattern>
            <url-pattern>/editSuccess.do</url-pattern>
            <url-pattern>/removeBookSuccessful.do</url-pattern>
            <url-pattern>/noChanges.do</url-pattern>
            <url-pattern>/changeAccountSettings.do</url-pattern>
            <url-pattern>/bookNumberNotFoundDel.do</url-pattern>
            <url-pattern>/logMeOut.do</url-pattern>
            <url-pattern>/logMeIn.do</url-pattern>
            <url-pattern>/confirmAdminChanges.do</url-pattern>
            <url-pattern>/viewBookRequests.do</url-pattern>
            <url-pattern>/verifyAccount.do</url-pattern>
            <url-pattern>/removeBorrowRequest.do</url-pattern>
            <url-pattern>/Admin/*</url-pattern>
            <url-pattern>/Delete/*</url-pattern>
            <url-pattern>/Insert/*</url-pattern>
            <url-pattern>/Select/*</url-pattern>
            <url-pattern>/Update/*</url-pattern>
            <url-pattern>/viewReturnedBooks.do</url-pattern>
            <url-pattern>/verifyBookReturn.do</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>Admin</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>MemberSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>MemberWebResource</web-resource-name>
            <description/>
            <url-pattern>/logMeOut.do</url-pattern>
            <url-pattern>/logMeIn.do</url-pattern>
            <url-pattern>/memberPage.do</url-pattern>
            <url-pattern>/processBorrowRequest.do</url-pattern>
            <url-pattern>/removeBorrowRequest.do</url-pattern>
            <url-pattern>/Member/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>Member</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>GuestSecurityConstraint</display-name>
        <web-resource-collection>
            <web-resource-name>IndexWebResource</web-resource-name>
            <description/>
            <url-pattern>/index.jsp</url-pattern>
            <url-pattern>/advancedSearch.do</url-pattern>
            <url-pattern>/signMeUp.do</url-pattern>
            <url-pattern>/confirmSignup.do</url-pattern>
            <url-pattern>/errorBookNotFound.do</url-pattern>
            <url-pattern>/sortMyBook.do</url-pattern>
            <url-pattern>/sortMyBookAdvanced.do</url-pattern>
            <url-pattern>/Search/*</url-pattern>
            <url-pattern>/Login/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>OpacRealm</realm-name>
        <form-login-config>
            <form-login-page>/Login/loginPage.html</form-login-page>
            <form-error-page>/Login/loginError.html</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description/>
        <role-name>Admin</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>Member</role-name>
    </security-role>

And here is the sun-web.xml file.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD GlassFish Application Server 3.0 Servlet 3.0//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_3_0-0.dtd">
<sun-web-app error-url="">
  <security-role-mapping>
    <role-name>Admin</role-name>
    <group-name>Admin</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>Member</role-name>
    <group-name>Member</group-name>
  </security-role-mapping>
  <class-loader delegate="true"/>
  <jsp-config>
    <property name="keepgenerated" value="true">
      <description>Keep a copy of the generated servlet class' java code.</description>
    </property>
  </jsp-config>
</sun-web-app>

Thanks in advance... And also, how could I make the above code correct in the web.xml file, since it seems that the code from Admin/* onward is read as a comment rather than as part of the code? Thanks...

I have checked the provided URL and it looks like you did not configure SSL on the Jelastic account.

502

If there were problems with the deployed application, the error code would be something like 502 application down or 500 Internal Server Error.

To solve the Permission Check issue you may try to update web.xml configuration file and add the following content into the web-app section:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Protected Context</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <!-- auth-constraint goes here if you require authentication -->
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

Also, I suppose that the mentioned application is deployed as multiple applications. If you develop multiple applications that require more than this default set of permissions, you can add the custom permissions that your applications need. The com.sun.aas.instanceRoot variable refers to the domain-dir. For example:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/-" {
...
}

You can add permissions to stub code with the following grant block:

grant codeBase "file:${com.sun.aas.instanceRoot}/generated/-" {
...
}

In general, you should add extra permissions only to the applications or modules that require them, not to all applications deployed to a domain. For example:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/MyApp/-" {
...
}

For a module:

grant codeBase "file:${com.sun.aas.instanceRoot}/applications/MyModule/-" {
...
}

The Permissions settings file is server.policy located at /opt/shared/glassfish/domains/domain1/config/server.policy

Wish you good luck and please keep me posted)
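An added example, not part of either post above: under the Servlet specification a security-constraint that lists http-method elements applies only to those methods, and constraints that repeat a url-pattern combine their roles as a union, so a small audit of the posted web.xml shows what each pattern actually enforces. The sample is a trimmed excerpt of the question's file (user-data-constraint elements left out), `audit` and `COMMON` are hypothetical names, and http-method-omission is not handled.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: a trimmed excerpt of the web.xml posted in the question.
SAMPLE = """<web-app>
 <security-constraint>
  <web-resource-collection>
   <url-pattern>/logMeIn.do</url-pattern><url-pattern>/Admin/*</url-pattern>
   <http-method>GET</http-method><http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint><role-name>Admin</role-name></auth-constraint>
 </security-constraint>
 <security-constraint>
  <web-resource-collection>
   <url-pattern>/logMeIn.do</url-pattern>
   <http-method>GET</http-method><http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint><role-name>Member</role-name></auth-constraint>
 </security-constraint>
 <security-constraint>
  <web-resource-collection>
   <url-pattern>/Login/*</url-pattern>
   <http-method>GET</http-method><http-method>POST</http-method>
  </web-resource-collection>
 </security-constraint>
</web-app>"""

COMMON = ("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")

def audit(xml_text):
    """Per url-pattern: roles named by any constraint, and common methods no constraint lists."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                      # tolerate a namespaced web.xml
        el.tag = el.tag.split("}")[-1]
    seen = defaultdict(lambda: {"roles": set(), "methods": set(), "all": False})
    for sc in root.iter("security-constraint"):
        roles = {r.text.strip() for r in sc.iter("role-name")}
        for wrc in sc.iter("web-resource-collection"):
            methods = {m.text.strip().upper() for m in wrc.iter("http-method")}
            for pat in wrc.iter("url-pattern"):
                e = seen[pat.text.strip()]
                e["roles"] |= roles
                e["methods"] |= methods
                e["all"] |= not methods         # no <http-method> listed: every method covered
    return {p: {"roles": sorted(e["roles"]),
                "uncovered": [] if e["all"] else [m for m in COMMON if m not in e["methods"]]}
            for p, e in seen.items()}
```

For this excerpt, `audit(SAMPLE)` reports POST among the uncovered methods for /logMeIn.do and /Admin/*, meaning neither the role check nor the transport guarantee of those constraints applies to a POST to those URLs.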
