Maximo Open Forum

 View Only

 Allowing both HTTP and HTTPS connections

  • Everything Maximo
Terry Melbourne's profile image
Terry Melbourne posted 02-21-2022 04:42
Hello,

I am using WebSphere 9.0.5.9 and Maximo Asset Management 7.6.1.2

We have an unusual requirement to allow some users to access the system by HTTP and the majority by HTTPS.

However when I enter an HTTP address into the URL it automatically gets converted to HTTPS.
eg HTTP://maximotest.com/maximo gets converted to HTTPS://maximotest.com/maximo 

In my webserver httpd.conf file I have created a 443 stanza but no redirection rule for port 80. In the web.xml files I have left transport guarantee as NONE. I have used FORMS authentication.
Ports 443 and 80 are both defined in the virtual hosts in WebSphere.
The HTTPS login works as expected. 

Please can someone explain why this behavior would happen and what I can do to stop it and allow HTTP access.

Many thanks

Terry
 





Biplab Choudhury's profile image
Biplab Choudhury posted 02-22-2022 17:05
First thing to check is that the behaviour same in private or incognito mode.

Then, Is there a Load balancer or F5 or reverse proxy server between client and Maximo Web server? If yes, then redirection can happen from there as well.
Terry Melbourne's profile image
Terry Melbourne posted 02-23-2022 10:26
Thank you Biplab,

in our environment we have private browsing disabled, so I can't check to see if it functions the same.

We are using the IBM HTTP server for load balancing​​,I thought you had to use the rewrite mod to get it to force http to redirect to https and I haven't set that up. 

kind regards

Terry
Terry Melbourne's profile image
Terry Melbourne posted 03-01-2022 09:25
Hello,

in case it is of use to anyone else, I have found a solution. The http plugin has a default value for StrictSecurity set to true in WebSphere 9.0.5. I added a custom property to set this to false and regenerated and deployed the plugin. 
After doing that I could log in via HTTP and the url did not change it to HTTPS.

kind regards

Terry

Related Content