Grails和AWS实施SSH / HTTPS [英] Grails and AWS enforcing SSH/HTTPS
问题描述
我一直在努力奋斗着这个几天了,但我认为这是与亚马逊的AWS。我想执行的SSH / HTTPS,这样,如果一个用户inadvertanly去HTTP:// myaddress.com,他们将被重定向到https:// myaddress.com。我已经加入这个我Config.groovy中的文件:
I've been struggling with this for a few days now but I think it has something to do with Amazon's AWS. I want to enforce SSH/HTTPS, so that if a user inadvertanly goes to HTTP:// myaddress.com they will be redirected to HTTPS:// myaddress.com. I have added this to my config.groovy file:
environments {
production {
// force all traffic over HTTPS in production
grails.plugins.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
}
现在的问题是,当我上传到亚马逊AWS,我的应用程序将无法正常运行。我在catalina.out的文件中得到任何错误。唯一的迹象是,状态将不会由红色变为绿色,并有该系统的健康检查没有通过的警告。当我浏览到HTTP或HTTPS地址的页面是空白的,没有错误。有没有人遇到这样或知道问题是什么呢?好像该应用程序是罚款(因没有错误),但它没有被正确地重定向。我安装了春季安全和HTTPS已经建立起来。
The problem is that when I upload to amazons AWS, my application will not run properly. I get no errors in my catalina.out file. The only indication is that the status will not turn from red to green and there is a warning that the system health check did not pass. When I navigate to either HTTP or HTTPS address the page is blank white with no errors. has anyone come across this or know what the problem is? It seems like the app is fine (due to no errors) but it is not being properly redirected. I have Spring Security installed, and HTTPS is already set up.
也,Web地址使用一个DNS,所以地址HTTPS是不一样的控制器。 谢谢 杰森
also, the web address uses a DNS, so the address for the HTTPS is not the same as the controllers. thanks jason
推荐答案
您在EC2 LB终止SSL?如果是这样,将EC2设置x-转发-原头和转发通过HTTP请求。您的生产配置需要处理不同。结帐<一href="http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html" rel="nofollow">http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html他们谈论头检查的地方。如果LB被终止SSL,则无法检查Web服务器的HTTP协议。 HTH。
Are you terminating SSL at the EC2 LB? If so, the EC2 will set the x-forwarded-proto header and forward the request over HTTP. Your production config needs to handle that differently. Checkout http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html where they talk about Header Checking. If the LB is terminating the SSL, you can't check the HTTP protocol on the webserver. HTH.
这篇关于Grails和AWS实施SSH / HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
