Azure 广告登录重定向 url 是 http 而不是 https
[英]Azure Ad login redirect url is http instead of https
问题描述
I am working on the jsp-springboot application,I have implemented the sso using azure and it is working as expected in my local sandbox.
我正在开发 jsp-springboot 应用程序,我已经使用 azure 实现了 sso,它在我的本地沙箱中按预期工作。 As per the document https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory根据文档https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory
I have configured我已经配置
azure.activedirectory.tenant-id
azure.activedirectory.client-id
azure.activedirectory.client-secret
Also I have added the redirect url in the azure portal I have not added any configuration classes other that these changes, I am able to login successfully in my local sandbox.For local sandbox I have configured the redirect url as http://localhost/appname/login/oauth2/code/ and for qa environment it is https://qadomain/appname/login/oauth2/code/ During the sso login local sanbox login is successful but for qa the url redirect to此外,我在 azure 门户中添加了重定向 url 除了这些更改之外,我没有添加任何配置类,我能够在本地沙箱中成功登录。对于本地沙箱,我已将重定向 url 配置为http://localhost/appname/login/oauth2/code/对于 qa 环境它是https://qadomain/appname/login/oauth2/code/在 sso 登录期间本地 sanbox 登录成功但是对于 qa url 重定向到
https://login.microsoftonline.com/********/oauth2/v2.0/authorize?
response_type=code&client_id=********&scope=openid%20profile%20offline_access&
state=******&**redirect_uri=http://qadomain/appname/login/oauth2/code/**&nonce=******
The redirect_uri is http instead of https . redirect_uri是http而不是https 。 This url redirect happens from the azure side automatically and I have no control over so this so.这个 url 重定向自动从 azure 端发生,我无法控制所以这个所以。 Can l Know why the protocol is http and not https我能知道为什么协议是 http 而不是 https
I have added certain propertis in the application.properties as well我也在 application.properties 中添加了某些属性
security.oauth2.client.use-current-uri=false
server.tomcat.remote-ip-header=x-forwarded-for
server.tomcat.protocol-header=x-forwarded-proto
server.tomcat.use-relative-redirects=true
server.forward-headers-strategy=NATIVE
server.use-forward-headers=true
server.tomcat.internal-proxies=.*
server.tomcat.redirect-context-root=false
1 个解决方案
解决方案1
0 2022-02-18 07:56:45
Try to add below line in the application.properties files along with tomcat server properties:尝试在 application.properties 文件中添加以下行以及 tomcat 服务器属性:
set spring.security.oauth2.client.registration.azure.redirect-uri-template in the application.properties在 application.properties 中设置spring.security.oauth2.client.registration.azure.redirect-uri-template
ex: spring.security.oauth2.client.registration.azure.redirect-uri=https://{baseHost}{basePort}{basePath}/login/oauth2/code/azure
or或者
If needed place app url in place of localhost and port如果需要放置应用程序 url 代替本地主机和端口
or try add the azure.activedirectory.redirect-uri-template: https://app.example.com/login/oauth2/code/ property.或者尝试添加 azure.activedirectory.redirect-uri-template: https://app.example.com/login/oauth2/code/属性。
And make sure to set the required redirect URLs in the portal too.并确保也在门户中设置所需的重定向 URL。
Please check the below references请检查以下参考资料
References:参考:
- Spring OAuth redirect_uri not using https - Stack Overflow Spring OAuth redirect_uri 不使用 https - 堆栈内存溢出
- azure - Spring redirect happening to "http://...../login" instead of "https://...../login" - Stack Overflow azure - Spring 重定向发生在“http://...../login”而不是“https://...../login” - 堆栈内存溢出
- Spring boot application with Azure AD throws Reply URL does not match - Stack Overflow Spring 启动应用程序与 Azure AD 抛出回复 URL 不匹配 - 堆栈内存溢出
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.