[英]Forcing Https connection during the spring security login success
I have one spring boot app which contains spring security with formLogin being added and custom loginPage .我有一个 spring boot 应用程序,其中包含 spring security,添加了 formLogin 和自定义 loginPage 。 Whenever I get authenticated then it will send me to the defaultSuccessUrl which is /app/dashboard and it sends with the schema http I been trying all day to just make the successUrl schema to be https just tweaking some changes on application.properties and sometimes with Bean but i am still not able to make it happen.
每当我通过身份验证时,它都会将我发送到 /app/dashboard 的 defaultSuccessUrl 并发送模式http我一整天都在尝试将 successUrl 模式设置为 https 只是调整 application.properties 上的一些更改,有时使用Bean,但我仍然无法实现它。 My application is in cloudfoundry which and i don't have 80 port but only 443(https) .
我的应用程序在 cloudfoundry 中,我没有 80 端口,但只有 443(https) 。
My configuration in spring is like this :我在spring的配置是这样的:
http
.authorizeRequests()
.antMatchers("/", "/forbidden", "/index.html", "/webjars/*", "/app.js", "/access/*", "/signup", "/l10n/*.js", "/", "/tpl/**/*.html", "/fonts/**/*.woff").permitAll()
.anyRequest().authenticated()
.and().addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class).
csrf().csrfTokenRepository(repo)
.and() .httpBasic().disable()
.formLogin()
.loginPage("/access/signin").permitAll()
.failureUrl("/error")
.defaultSuccessUrl("/app/dashboard")
.and().logout()
.logoutRequestMatcher(new AntPathRequestMatcher("access/logout"))
.logoutSuccessUrl("/access/signin").permitAll();
I did also tried to use absolute url with https but it is not working good.我也尝试过将绝对 url 与https一起使用,但效果不佳。
Did you try requiresChannel()
and requiresSecure()
?您是否尝试过
requiresChannel()
和requiresSecure()
? For particular url to be accessible via https, you can try对于可以通过 https 访问的特定 url,您可以尝试
.defaultSuccessUrl("/app/dashboard").and().requiresChannel().antMatchers("/app/dashboard").requiresSecure()
For all requests to go through https, you can use like对于通过 https 的所有请求,您可以使用 like
.and().requiresChannel().anyRequest().requiresSecure()
You can use port mapping like below.您可以使用如下所示的端口映射。
http
.portMapper()
.http(8080).mapsTo(443);
Please refer this and this for more details.请参阅this和this了解更多详情。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.