我有一个在amazon ec2上运行tomcat的应用程序。 http和https都正常工作。我只想使用https,这样当访问http://app.com时,它会被重定向到https://app.com。
在使用spring的SpringSecurity中,它有一个拦截器:
<sec:http auto-config='false'>
<sec:intercept-url pattern="/**" requires-channel="https"/>
</sec:http>
如何在grails中执行此操作?
我已经尝试过(以及其他修改)
grails.plugin.springsecurity.secureChannel.useHeaderCheckChannelSecurity = true
grails.plugin.springsecurity.portMapper.httpPort = 8080
grails.plugin.springsecurity.portMapper.httpsPort = 8443
grails.plugin.springsecurity.secureChannel.secureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.secureHeaderValue = 'http'
grails.plugin.springsecurity.secureChannel.insecureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.insecureHeaderValue = 'https'
grails.plugin.springsecurity.auth.forceHttps = true
grails.plugin.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
但仍然没有成功。
答案 0 :(得分:0)
我已经通过删除第一个配置
来实现它grails.plugin.springsecurity.portMapper.httpPort = 8080
grails.plugin.springsecurity.portMapper.httpsPort = 8443
grails.plugin.springsecurity.secureChannel.secureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.secureHeaderValue = 'http'
grails.plugin.springsecurity.secureChannel.insecureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.insecureHeaderValue = 'https'
grails.plugin.springsecurity.auth.forceHttps = true
grails.plugin.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
并按grails run-app -https
对于开发服务器,我只是在配置中将8080替换为80和8443乘443。
答案 1 :(得分:-1)
哟不要将Grails配置为从http重定向到https,但是您将tomcat配置为自动从http重定向到https。
您需要对tomcat配置进行以下更改。
的Server.xml
<Connector port="80" enableLookups="false" redirectPort="443"/>
在您的web.xml中
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>