Bug 1029687 - [GSS] (6.3) Logout of secured (ssl) admin console setup redirects to http address
Summary: [GSS] (6.3) Logout of secured (ssl) admin console setup redirects to http add...
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web Console
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: DR2
: EAP 6.3.0
Assignee: Darran Lofthouse
QA Contact: Jakub Cechacek
Russell Dickenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 1051171
TreeView+ depends on / blocked
 
Reported: 2013-11-12 22:32 UTC by Chris Dolphy
Modified: 2018-12-04 16:18 UTC (History)
12 users (show)

(edit)
In previous versions of JBoss EAP 6, users logging out of a secured administration console (over HTTPS) would be incorrectly redirected to standard HTTP addresses and the logout would fail.

This was because the redirects were hardcoded to use HTTP addresses. 

In this release of the product, the redirects have been updated to take into account if the user is accessing the interface over HTTP or HTTPS and redirect appropriately.
Clone Of:
: 1051171 (view as bug list)
(edit)
Last Closed: 2014-06-28 15:28:22 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker WFLY-2498 Major Resolved Logout of secured (ssl) admin console setup redirects to http address 2014-07-24 07:29:09 UTC

Description Chris Dolphy 2013-11-12 22:32:59 UTC
Description of problem:
Logging out of an admin console secured with SSL (on port 9443) redirects to http address (e.g. http://localhost:9443/logout?logout) which leads to a Page Not Found error.


Version-Release number of selected component (if applicable):
EAP 6.2-beta (and 6.1.1)

How reproducible:
reliably

Steps to Reproduce:
1. Setup HTTPS for admin console (I uesd the standalone instructions at  https://access.redhat.com/site/solutions/229963) 
2. Login to admin console (e.g. https://localhost:9443/console)
3. Click logout button and see address bar go to http address.

Actual results:
Page Not Foun

Expected results:
Logout without error.  Not sure that you can logout with basic auth, but at least there shouldn't be the wrong page.

Additional info:

Comment 3 JBoss JIRA Server 2014-01-03 18:19:11 UTC
Darran Lofthouse <darran.lofthouse@jboss.com> updated the status of jira WFLY-2498 to Coding In Progress

Comment 5 FIlip Bogyai 2014-02-24 14:00:58 UTC
Verification on EAP 6.3.0.DR0 failed. The behavior is the same as in comment #1

Comment 6 FIlip Bogyai 2014-02-24 14:47:41 UTC
Source code for 6.3.0.DR0 doesn't contain fix for this issue : https://github.com/jbossas/jboss-eap/pull/748

Comment 7 Kabir Khan 2014-02-25 09:40:42 UTC
Seems I had not merged this anyway. Merged now

Comment 8 FIlip Bogyai 2014-02-26 09:55:41 UTC
Verification on EAP 6.3.0.DR1 failed. This is already merged in 6.x branch, but it didn't get into DR1. I will verify it in DR2.

Comment 9 FIlip Bogyai 2014-03-06 09:51:10 UTC
Verified on EAP 6.3.0.DR2


Note You need to log in before you can comment on or make changes to this bug.