Spring Boot 将 HTTP 重定向到 HTTPS [英] Spring Boot redirect HTTP to HTTPS

问题描述

对于基于 Spring Boot 的应用程序，我在 application.properties 配置了 ssl 属性，请在此处查看我的配置:

server.port=8443server.ssl.key-alias=tomcatserver.ssl.key-password=123456server.ssl.key-store=classpath:key.p12server.ssl.key-store-provider=SunJSSEserver.ssl.key-store-type=pkcs12

并且我在 Application.class 中添加了连接，例如

@Bean公共 EmbeddedServletContainerFactory tomcatEmbeddedServletContainerFactory() {最终 TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();factory.addAdditionalTomcatConnectors(this.createConnection());返厂；}私人连接器 createConnection() {final String protocol = "org.apache.coyote.http11.Http11NioProtocol";最终连接器连接器 = 新连接器(协议)；connector.setScheme("http");连接器.setPort(9090);连接器.setRedirectPort(8443);返回连接器；}

但是当我尝试以下操作时

http://127.0.0.1:9090/

重定向到

https://127.0.0.1:8443/

不执行.谁遇到过类似的问题?

解决方案

为了让 Tomcat 执行重定向，您需要为其配置一个或多个安全约束.您可以通过使用 TomcatEmbeddedServletContainerFactory 子类对 Context 进行后处理来实现这一点.

例如:

TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {@覆盖protected void postProcessContext(上下文上下文){SecurityConstraint securityConstraint = new SecurityConstraint();securityConstraint.setUserConstraint(机密");SecurityCollection collection = new SecurityCollection();collection.addPattern("/*");securityConstraint.addCollection(集合)；context.addConstraint(securityConstraint);}};

由于CONFIDENTIAL 和/*，这将导致Tomcat 将每个请求重定向到HTTPS.如果您需要更多地控制重定向和未重定向的内容，您可以配置多个模式和多个约束.

上述 TomcatEmbeddedServletContainerFactory 子类的实例应使用 @Configuration 类中的 @Bean 方法定义为 bean.

For Spring Boot based application I have configurared ssl properties at application.properties, see my configuration here:

server.port=8443
server.ssl.key-alias=tomcat
server.ssl.key-password=123456
server.ssl.key-store=classpath:key.p12
server.ssl.key-store-provider=SunJSSE
server.ssl.key-store-type=pkcs12

And I have added conection at Application.class, like

@Bean
public EmbeddedServletContainerFactory tomcatEmbeddedServletContainerFactory() {
    final TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();
    factory.addAdditionalTomcatConnectors(this.createConnection());
    return factory;
}

private Connector createConnection() {
    final String protocol = "org.apache.coyote.http11.Http11NioProtocol";
    final Connector connector = new Connector(protocol);

    connector.setScheme("http");
    connector.setPort(9090);
    connector.setRedirectPort(8443);
    return connector;
}

But when I try the following by

http://127.0.0.1:9090/

redirect to

https://127.0.0.1:8443/

is not performed. Who faced a similar problem?

解决方案

For Tomcat to perform a redirect, you need to configure it with one or more security constraints. You can do this by post-processing the Context using a TomcatEmbeddedServletContainerFactory subclass.

For example:

TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
    @Override
    protected void postProcessContext(Context context) {
        SecurityConstraint securityConstraint = new SecurityConstraint();
        securityConstraint.setUserConstraint("CONFIDENTIAL");
        SecurityCollection collection = new SecurityCollection();
        collection.addPattern("/*");
        securityConstraint.addCollection(collection);
        context.addConstraint(securityConstraint);
    }
};

Due to CONFIDENTIAL and /*, this will cause Tomcat to redirect every request to HTTPS. You can configure multiple patterns and multiple constraints if you need more control over what is and is not redirected.

An instance of the above TomcatEmbeddedServletContainerFactory subclass should be defined as a bean using a @Bean method in a @Configuration class.

这篇关于Spring Boot 将 HTTP 重定向到 HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！