如何使用Spring Security Java配置将HTTP请求重定向到HTTPS? [英] How to redirect HTTP requests to HTTPS using Spring Security Java configuration?

问题描述

我有一个同时侦听HTTP和HTTPS的Spring Security版本3.2.3应用程序.我希望对HTTP端口的任何请求都重定向到HTTPS.我该如何仅使用Java进行配置?

I have a Spring Security version 3.2.3 application that listens to both HTTP and HTTPS. I want any request to the HTTP port to be redirected to HTTPS. How do I configure that using Java only?

Spring Security javadoc for HttpSecurity proposes the following solution (trimmed to the essential):

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) {
        http.channelSecurity().anyRequest().requiresSecure();
    }
}

但是这不起作用，因为HttpSecurity没有方法channelSecurity().

However that doesn't work because HttpSecurity doesn't have method channelSecurity().

推荐答案

在问题代码中用requiresChannel()替换channelSecurity()似乎可以提供所需的行为.工作代码如下:

Replacing channelSecurity() with requiresChannel() in the code in the question appears to give the desired behaviour. The working code then looks as following:

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
}

这篇关于如何使用Spring Security Java配置将HTTP请求重定向到HTTPS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！