RED HAT JBOSS® ENTERPRISE APPLICATION PLATFORM
Action Required: EAP Schema Validation Endpoint Redirection to https
You are receiving this notification because your organization has active entitlements for Red Hat JBoss Enterprise Application Platform (EAP) or related dependent products. To enhance security, schema validation endpoints used by EAP and related products and referenced inside customer’s applications will be redirected to secure (https) servers as of January 13, 2020. For some customers this will require an update to their EAP configuration and/or applications.
What is changing?
Requests to http://www.jboss.org will be redirected to https://www.jboss.org.
Why the change?
For security reasons, requests to http endpoints on jboss.org will be redirected to the secure https to prevent any 'man in the middle' issues where the wrong dtd/schema could be used.
What does this mean?
After January 13, 2020, all http requests made to jboss.org endpoints will redirect to https. Some older frameworks and JBoss components may be enabling schema / dtd validation when parsing xmls, and if the xml references one of these via http, then they will be redirected to https, and Apache Xerces will not handle successfully. It is therefore required that the customer update their configuration XML files to use the https endpoints. For more details about these required changes, please reference the FAQ document below.
LINK REDIRECTION FAQ
- Red Hat Process Automation Manager (RHPAM)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.