How to disable HTTP interface to ENTM GUI so that it can only be accessed via HTTPS?

Document ID : KB000019289
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

By default HTTP and HTTPS are both enabled to access the JBoss ENTM GUI.

For security reasons it might be desired to disable the HTTP interface only allowing access via HTTPS.

Solution:

In order to disable the JBOSS HTTP interface do the following

  • Ddit the file server.xml located in the following path
    <Drive/Directory>/jboss-4.2.3.GA/server/default/deploy/jboss-web.deployer/server.xml
  • Locate the HTTP connector definition
    ...
    <Connector
    URIEncoding="UTF-8" acceptCount="150" address="${jboss.bind.address}"
    connectionTimeout="20000" disableUploadTimeout="true"
    emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="8192"
    maxThreads="250" port="18080" protocol="HTTP/1.1" redirectPort="18443"
    />
    ...
  • Delete the complete clause or put it in between comments
    <!--
    ...
    -->
  • Save the file and restart JBoss
  • Access the ENTM GUI in your Web Browser via HTTPS
    https://fqdn.of.ENTM.box:18443/iam/ac/
  • Verify that access to the ENTM GUI via HTTP is not working
    http://fqdn.of.ENTM.box:18080/iam/ac/

Finally change the base url of the ac-env

  • Open the ENTM Management Console
    https://fqdn.of.ENTM.box:18443/idmmanage
  • Click on Environments and then on ac-env.
    Locate the "Base URL" field. and update this field to reflect the new URL on port 18443, e.g
    https://fqdn.of.ENTM.box:18443/iam
  • Click on Save and Restart the environment.