将每个 HTTP 请求重定向到 HTTPS [英] Redirect every HTTP request to HTTPS

问题描述

我知道，答案如下:

<security-constraint> 
    <web-resource-collection> 
        <web-resource-name>All resources</web-resource-name> 
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

它工作得很好，但前提是它是 web.xml 中唯一的安全约束.

and it works pretty good, but only if it is the only one security-constraint in the web.xml.

一旦我添加了第二个安全约束，就像这样:

As soon as I add a second security-constraint, something like this:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin section</web-resource-name>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>USER</role-name>
    </auth-constraint>
</security-constraint>

重定向对于指向管理部分的 URL 停止工作(在这种情况下，应用程序显示一个登录表单).

redirection stops working for URLs that point to the admin section (in this case the application shows a login form).

有没有办法通过 web.xml 或 wildfly 配置全局启用重定向?

Is there a way to enable redirection globally via web.xml or wildfly configuration?

PS:使用wildfly 8.2 测试

PS: tested with wildfly 8.2

推荐答案

您是否尝试将user-data-constraint"添加到第二个security-constraint"?

Did you try to add "user-data-constraint" to the second "security-constraint"?

这篇关于将每个 HTTP 请求重定向到 HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！