Bug 1029687

Summary: [GSS] (6.3) Logout of secured (ssl) admin console setup redirects to http address
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Chris Dolphy <cdolphy>
Component: Web ConsoleAssignee: Darran Lofthouse <darran.lofthouse>
Status: CLOSED CURRENTRELEASE QA Contact: Jakub Cechacek <jcechace>
Severity: urgent Docs Contact: Russell Dickenson <rdickens>
Priority: urgent    
Version: 6.2.0CC: ahoness, bmaxwell, brian.stansberry, darran.lofthouse, erich, fbogyai, hbraun, jkudrnac, kkhan, krathod, myarboro, smumford
Target Milestone: DR2   
Target Release: EAP 6.3.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
In previous versions of JBoss EAP 6, users logging out of a secured administration console (over HTTPS) would be incorrectly redirected to standard HTTP addresses and the logout would fail. This was because the redirects were hardcoded to use HTTP addresses. In this release of the product, the redirects have been updated to take into account if the user is accessing the interface over HTTP or HTTPS and redirect appropriately.
Story Points: ---
Clone Of:
: 1051171 (view as bug list) Environment:
Last Closed: 2014-06-28 15:28:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 1051171    

Description Chris Dolphy 2013-11-12 22:32:59 UTC
Description of problem:
Logging out of an admin console secured with SSL (on port 9443) redirects to http address (e.g. http://localhost:9443/logout?logout) which leads to a Page Not Found error.

Version-Release number of selected component (if applicable):
EAP 6.2-beta (and 6.1.1)

How reproducible:

Steps to Reproduce:
1. Setup HTTPS for admin console (I uesd the standalone instructions at  https://access.redhat.com/site/solutions/229963) 
2. Login to admin console (e.g. https://localhost:9443/console)
3. Click logout button and see address bar go to http address.

Actual results:
Page Not Foun

Expected results:
Logout without error.  Not sure that you can logout with basic auth, but at least there shouldn't be the wrong page.

Additional info:

Comment 3 JBoss JIRA Server 2014-01-03 18:19:11 UTC
Darran Lofthouse <darran.lofthouse@jboss.com> updated the status of jira WFLY-2498 to Coding In Progress

Comment 5 FIlip Bogyai 2014-02-24 14:00:58 UTC
Verification on EAP 6.3.0.DR0 failed. The behavior is the same as in comment #1

Comment 6 FIlip Bogyai 2014-02-24 14:47:41 UTC
Source code for 6.3.0.DR0 doesn't contain fix for this issue : https://github.com/jbossas/jboss-eap/pull/748

Comment 7 Kabir Khan 2014-02-25 09:40:42 UTC
Seems I had not merged this anyway. Merged now

Comment 8 FIlip Bogyai 2014-02-26 09:55:41 UTC
Verification on EAP 6.3.0.DR1 failed. This is already merged in 6.x branch, but it didn't get into DR1. I will verify it in DR2.

Comment 9 FIlip Bogyai 2014-03-06 09:51:10 UTC
Verified on EAP 6.3.0.DR2