If you want to restrict access to SSL on JBoss, you need to either disable the HTTP port in JBoss and enable only the SSL port or configure SSL in the web.xml file. It is not enough to select on the Protected Web Resource page. In the Administration Console, click > > > > > .