I have implemented a REST service on glassfish4 + JAX-RS. Now I want use a https connection for authentication.
The URI for http is http://myhost/myapp/services/rest/myservice and for https is https://myhost_2/myapp/services/rest/myservice. I want prevent the usage of http://myhost/myapp/services/rest/myservice.
I think one way is redirect a request over http://myhost in the REST JAX-RS class to https://myhost_2. Is this a good way? How can I implement this?
you could answer requests to http with 301 (Moved permanently, telling the client to use the new location in future requests) pointing to the https equivalent in the location header of the response.
Related
I'm pretty new to Vertx, I'm building a reverse proxy on Quarkus.
I need to handle a redirect response from my Apache to my Quarkus reverse proxy, so that my Client doesn't get redirected directly to the Apache server (bypassing the proxy).
Resource is located in custom.url/myResource/index.php
My reverse proxy is running on localhost:8080
Basically what happens is:
Browser sends a GET request on localhost:8080/myResource, Quarkus is listening on 8080 so he receives the request, remaps the url tocustom.url/myResource and forwards to Apache.
Apache creates a redirect response, because a slash was missing at the end of the url, so he sends a 301 response with the Location header set to custom.url/myResource/ (with slash at the end) to the Quarkus reverse proxy.
Quarkus will forward the redirect response (301 custom.url/myResource/) to the Client, so he will make a GET call straight to custom.url/myResource/ bypassing the Reverse Proxy.
This behavior is not acceptable, since I can't allow the client to know the resource address of my backend service.
Code snippet
Route route = this.proxyRouter.route(method, path)
.handler(CorsHandler.create("*"))
.handler(LoggerHandler.create())
.handler(ctx ->{ //need to create an handler to handle this behaviour })
.handler(ProxyHandler.create(myProxy);
What i have to do is basically setting the Location header of the response to the correct path, including the slash.
I tried to get the request.absoluteURI() hostname, the response subdomain (with the slash) and merge them together.
request URI: localhost:8080/myResource -> localhost:8080 (1)
response Location: custom.url/myResource/ -> /myResource/ (2)
So i get the wanted Location header merging (1) and (2): localhost:8080/myResource/
Logically this works, but I don't know where and if I'm able to do this inside the handler, or if I need to do it some other way. I tried to implement this logic inside the handler, but I'm only able to get the request URI, there was no way to find the 301 response.
Need help plz.
I have the following setup
User Request --> AWS ELB Application load balancer --> Kong Gateway --> Integration
The SSL termination happens at application load balancer.
One of my endpoint makes the Integration respond a redirect URL with a code 302. Ex. when I make a request to https://api.domain.my/a/b/c should make the integration return a redirect path /x/y/z
This redirect request with a status of 302 reaches the API gateway which should add a location header to the response with the complete URL i.e. https://api.domain.my/x/y/z
But the response I get in the header on my browser is http://api.domain.my/x/y/z in the location header. I am guessing this is happening because my SSL termination happens at the ELB and hence Kong is just returning http:// in the location header.
Is there a workaround for this? How can I use the response transformer maybe to achieve this?
Is there any better way to achieve this?
Using Play Framework 2.5.6
I have secured my application with SSL.
Now, page is loaded with https I figured out this error.
Mixed Content: The page at ‘’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘’. This request has been blocked; the content must be served over HTTPS.
because on page i use rest endpoints (http) to fetch data.
I have multiple rest endpoints to fetch the data.
Is there any support that I can configure at one place like application.config,
and all rest endpoints in routes will use https instead of http??
I'm trying to redirect messages internet URL with the Application Request Routing (ARR), the component to the IIS in Windows Server.
I want to redirect that messages by the HTTP Method. Example:
HTTP POST: http://XXX.XXX.XXX.XX:7050/api/createUser
HTTP DELETE: http://XXX.XXX.XXX.XX:7050/api/deleteUser
HTTP PUT: http://XXX.XXX.XXX.XX:7050/api/modifyUser
The endpoint will be Mule (REST API Service with RAML).
Is it possible to make this filter?
I think you could do it by using choice router with this MEL expression #[message.inboundProperties.'http.method'] ?
So i have a assignment to write some REST client calls to a REST web service which does not exist.
To work around it i created a mock web service using Jersey. But i am not sure what technology the actual REST service would use.
Please advise on what technology should i use to send down the REST calls to the server.
Also if possible also give me a sample of how to send down a XML GET request to the REST service.
Thanks much for the help.
Please advise on what technology should i use to send down the REST calls to the server.
REST is HTTP. You can use anything that sends HTTP requests:
Jersey Client
Any web browser
cURL
telnet
carrier pigeon
...
Also if possible also give me a sample of how to send down a XML GET request to the REST service.
It's just an HTTP GET request. How it's built/generated/sent depends on what library and programming language you're writing the client in. But the actual request itself would look something like this:
GET /foo/bar/baz HTTP/1.1
Host: www.example.com
Accept: text/xml
As far as I know Both Java and .Net environment has the tools to generate WebServices (SOAP and rest). What's your client development language ?
REST :Representational state transfer in simple terms used to send data between client and server . As
Client use some persistent URL for communication and it is stateless communication .
Java uses Jersey, the reference implementation of JAX-RS, implements support for the annotations defined in JSR 311, making it easy for developers to build RESTful web services by using the Java programming language.
So All u have to use for creating services is just some dependencies , bean configuration and some annotations (To Expose Service ) .
For calling REST Service , u can either call from browser . Browsers like (chrome ,mozilla ) provide some plugins to calling REST service or u can create a client to call REST Service .