问题
I need to enforce https on spring-boot application(jhipster generated) deployed on IBM Bluemix.I am deploying spring-boot war without embedded tomcat, the documentation for cloudfoundry specified that the java build pack itself provides Tomcat configured with a RemoteIPValve, so I need not to add below headers as specified by many answers on StackoverFlow.
server.tomcat.remote_ip_header=x-forwarded-for
server.tomcat.protocol_header=x-forwarded-proto
I have also added below code in security configuration
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requiresChannel().anyRequest().requiresSecure();
}
Still my app is not not get redirected to https.
Also I have a doubt like once if enforcing https is done on bluemix domains , will the same work for custom domains also?
Thanks, Vasu
回答1:
Application Yaml configuration
server:
tomcat:
remote_ip_header: x-forwarded-for
protocol_header: x-forwarded-proto
The above tomcat headers tell server whether the original request is http or https,
In method configure(...) which Overrides: configure(...) in ResourceServerConfigurerAdapter, we have to add below lines
if (profile.equalsIgnoreCase(Constants.SPRING_PROFILE_PRODUCTION)) { http.requiresChannel().anyRequest().requiresSecure(); }
来源:https://stackoverflow.com/questions/39729865/ibm-bluemix-enforcing-https-on-spring-boot-applicationjhipster-generated