登录或退出后,Spring会将我重定向到http页面。向页面添加requires-channel="https"
只会导致重定向循环。这在我的本地计算机上工作正常,但是这个项目是在apache和负载均衡器下设置的。
<http pattern="/services/**" create-session="stateless"
entry-point-ref="basicAuthAwareAuthenticationEntryPoint">
<http-basic />
<port-mappings>
<port-mapping http="8009" https="8443"/>
<port-mapping http="80" https="443"/>
</port-mappings>
<intercept-url pattern="/services/**" access="ROLE_SERVICE" />
</http>
<http auto-config="true">
<port-mappings>
<port-mapping http="8009" https="8443"/>
<port-mapping http="80" https="443"/>
</port-mappings>
<intercept-url pattern="/index.*" access="ROLE_USER" />
<intercept-url pattern="/welcome.htm" access="ROLE_USER" />
<intercept-url pattern="/changePassword.htm" access="ROLE_USER" />
<intercept-url pattern="/admin/**" access="ROLE_USER" />
<intercept-url pattern="/notifications/**" access="ROLE_ANONYMOUS,ROLE_USER" />
<intercept-url pattern="/logging/**" access="ROLE_USER" />
<form-login login-page="/login.htm" default-target-url="/welcome.htm"
authentication-failure-url="/loginfailed.htm" />
<logout logout-success-url="/logout.htm" />
</http>