Step1 --> Locate the server.xml inside jboss/server/<NAME>/deploy/jbossweb-tomcat55.sar/, and then change the port="8080" parameter in the HTTP Connector to the port you want, for example port 80 as I have done it here.
<!-- A HTTP/1.1 Connector on port 8080 -->
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"/>
Step2 --> Find the "Host" section and uncomment the following Valve:
<!-- Uncomment to enable single sign-on across web apps
deployed to this host. Does not provide SSO across a cluster.
If this valve is used, do not use the JBoss ClusteredSingleSignOn
valve shown below.
A new configuration attribute is available beginning with
release 4.0.4:
cookieDomain configures the domain to which the SSO cookie
will be scoped (i.e. the set of hosts to
which the cookie will be presented). By default
the cookie is scoped to "/", meaning the host
that presented it. Set cookieDomain to a
wider domain (e.g. "xyz.com") to allow an SSO
to span more than one hostname.
-->
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
Step3 --> In your jboss-web.xml, it's important that all the web applications that are going to "exchange" credentials point to the same security-domain:
<jboss-web>
<security-domain>java:/jaas/USE_THE_SAME_APPLICATION_POLICY_HERE</security-domain>
<!-- context-root is optional -->
<context-root>/YOUR_APPLICATION_ROOT</context-root>
</jboss-web>
Step4 --> I'm using a self-signed certificate in my application, but the procedure would be more or less the same even if you are going to use a certificate from a Certification Authority.
Generate the keystore:
keytool -genkey -alias tomcat -keyalg RSA -keystore NAME_OF_KEYSTORE -validity NUMBER_OF_DAYS
Here is my Ant target for it, which you can mention in your build.properties file to automate it using build.xml:
<target name="generate-selfsignedcert-keystore" depends="generate-certificate-request">
<delete file="conf/xyz.keystore" failonerror="false" />
<exec executable="${keytool}" spawn="true">
<arg value="-genkey"/>
<arg value="-keystore"/>
<arg value="conf/xyz.keystore"/>
<arg value="-storepass"/>
<arg value="mypassword"/>
<arg value="-keypass"/>
<arg value="mypassword"/>
<arg value="-keyalg"/>
<arg value="RSA"/>
<arg value="-validity"/>
<arg value="365"/>
<arg value="-alias"/>
<arg value="xyz"/>
<arg value="-dname"/>
<arg value="CN=YOUR-APPLICATION-CN,OU=Solutions Engineering,O=YOUR-APPLICATION-ORG,L=YOUR-APPLICATION-LOCATION,S=YOUR-APPLICATION-LOCATION-STATE,C=YOUR-APPLICATION-COUNTRY-CODE"/>
</exec>
</target>
Step5 --> Configure the generated keystore in server.xml:
<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/xyz.keystore"
keystorePass="mypassword" sslProtocol="TLS" />
You should be all set.
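
To confirm that the edits from Steps 1, 2 and 5 took effect, here is an added example (not part of the original post): a Python check that parses a server.xml and reports a missing SSL connector, a redirectPort that does not match it, or a SingleSignOn valve that is still commented out. The function name check_server_xml and the trimmed sample file are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed server.xml combining the connectors and valve
# from the steps above (ports and keystore path are the ones used on this page).
SAMPLE_SERVER_XML = """
<Server>
  <Service name="jboss.web">
    <Connector protocol="HTTP/1.1" port="8080" redirectPort="8443"/>
    <Connector protocol="HTTP/1.1" SSLEnabled="true" port="8443"
               scheme="https" secure="true" clientAuth="false"
               keystoreFile="conf/xyz.keystore" keystorePass="mypassword"
               sslProtocol="TLS"/>
    <Engine name="jboss.web" defaultHost="localhost">
      <Host name="localhost">
        <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
      </Host>
    </Engine>
  </Service>
</Server>
"""

SSO_VALVE = "org.apache.catalina.authenticator.SingleSignOn"

def check_server_xml(xml_text):
    """Return a list of findings; an empty list means every check passed."""
    root = ET.fromstring(xml_text)  # XML comments are dropped by the parser
    findings = []
    connectors = root.findall(".//Connector")
    https = [c for c in connectors if c.get("SSLEnabled", "").lower() == "true"]
    plain = [c for c in connectors if c not in https]
    if not https:
        findings.append('no Connector with SSLEnabled="true"')
    https_ports = {c.get("port") for c in https}
    for c in https:
        if c.get("scheme") != "https" or c.get("secure") != "true":
            findings.append(f"port {c.get('port')}: scheme/secure not set for HTTPS")
        if not c.get("keystoreFile"):
            findings.append(f"port {c.get('port')}: keystoreFile missing")
    for c in plain:
        if https and c.get("redirectPort") not in https_ports:
            findings.append(f"port {c.get('port')}: redirectPort does not match an HTTPS connector")
    for host in root.findall(".//Host"):
        valves = [v.get("className") for v in host.findall("Valve")]
        if SSO_VALVE not in valves:
            findings.append(f"Host {host.get('name')}: SingleSignOn valve not enabled")
    return findings
```

To check a real file, pass its contents, for example check_server_xml(open(path).read()).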