当我在我的网站上使用我的https登录页面时,Spring安全转发正在使用错误的端口:
我的登录bean执行以下操作:
ExternalContext ec = context.getExternalContext();
String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/j_spring_security_check?j_username=" + userId + "&j_password=" + password + "&_spring_security_remember_me=" + rememberMe );
logger.info(encodedURL);
ec.redirect(encodedURL);
也尝试过:
ExternalContext context = FacesContext.getCurrentInstance()
.getExternalContext();
RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
.getRequestDispatcher("/j_spring_security_check");
dispatcher.forward((ServletRequest) context.getRequest(),
(ServletResponse) context.getResponse());
FacesContext.getCurrentInstance().responseComplete();
// It's OK to return null here because Faces is just going to exit.
return null;
的Server.xml:
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="HTTP/1.1" scheme="https" secure="true"/>
不确定为什么使用错误的端口...
答案 0 :(得分:2)
您需要在命名空间配置中配置SSL / HTTPS端口,如下所示:
<security:port-mappings>
<security:port-mapping http="8090" https="8443"/>
<security:port-mapping http="8080" https="8443"/>
</security:port-mappings>
答案 1 :(得分:1)
将<Connector port="443" protocol="HTTP/1.1" scheme="https" secure="true"/>更改为
<Connector port="443" proxyPort="443" protocol="HTTP/1.1" scheme="https" secure="true"/>并且有效