stackoom
  简体   繁体   中英

how to spring boot redirect http to https except admin in this code

 原文  2023-01-13 04:51:32       java/ spring/ spring-boot/ spring-security

Question

@Configuration
@EnableConfigurationProperties
public class SSLConfig {

    @Value("${server.port.http}")
    private int httpPort;

    @Value("${server.port}")
    private int httpsPort;

    @Bean
    public ServletWebServerFactory serverFactory(){
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };


        tomcat.addAdditionalTomcatConnectors(createSslConnector());

        return tomcat;
    }

    private Connector createSslConnector(){
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        connector.setPort(httpPort);
        connector.setScheme("http");
        connector.setSecure(false);
        connector.setRedirectPort(httpsPort);
        return connector;
    }

I'm using this solution. Currently, all User Manager pages are redirected to https, but you want to keep the Administrator page as http. Is there a way? Administrators are included in the same project.

1 answers

solution1
 0  2023-01-13 09:14:16

You must add a new security collection for administration and set the user constraint to NONE.

Try something like:

   SecurityConstraint securityConstraint = new SecurityConstraint();
   securityConstraint.setUserConstraint("NONE");
   SecurityCollection collection = new SecurityCollection();
   /*for example I will choose /admin as pattern here, you can choose whatever 
   you want*/
   collection.addPattern("/admin/*"); 
   securityConstraint.addCollection(collection);
   context.addConstraint(securityConstraint);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring Boot redirect HTTP to HTTPS How to redirect http traffic to https with spring boot 2.3.1 Redirect from http to https in Spring Boot 2.0.4 Redirect http to https on spring boot embedded undertow Spring-boot redirect:/ to http instead of https Redirect Post method HTTP -> HTTPS - HTTP Status 405 (Spring boot) Spring Boot with Spring Security behind Load Balancer: redirect HTTP to HTTPS Spring Boot HTTPS and redirect Spring Boot Admin uses HTTP instead of HTTPS Actuator Endpoints Spring boot application http to https redirect in Google App Engine
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM