Spring Security with HTTPS on CloudFoundry

暗喜 2020-12-21 08:05

I tried to access my application on CloudFoundry with the following configuration in the spring security xml



        
3 Answers
  •  温柔的废话
    2020-12-21 08:43

    In case it's still useful ... I found this post gave the clue to solve something similar to this.

    The problem was the org.springframework.security.web.access.channel.SecureChannelProcessor bean was using ServletRequest.isSecure() to decide whether to accept the connection or redirect, which was getting confused inside the cloud.

    The following override to that bean seemed to do the job under BlueMix - not sure if the $WSSC request header will apply to all environments.

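    import java.io.IOException;
    import java.util.Collection;

    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;

    import org.springframework.beans.BeansException;
    import org.springframework.beans.factory.config.BeanPostProcessor;
    import org.springframework.security.access.ConfigAttribute;
    import org.springframework.security.web.FilterInvocation;
    import org.springframework.security.web.access.channel.ChannelProcessor;
    import org.springframework.security.web.access.channel.SecureChannelProcessor;
    import org.springframework.stereotype.Component;

    // Replaces the SecureChannelProcessor bean with a wrapper that also accepts
    // requests whose $WSSC header reports "https".
    @Component
    public class ChannelProcessorsPostProcessor implements BeanPostProcessor {

        @Override
        public Object postProcessAfterInitialization(final Object bean, final String beanName) throws BeansException {
            if (bean instanceof SecureChannelProcessor) {
                final SecureChannelProcessor scp = (SecureChannelProcessor) bean;
                return new ChannelProcessor() {
                    @Override
                    public void decide(FilterInvocation invocation,
                            Collection<ConfigAttribute> config) throws IOException,
                            ServletException {
                        HttpServletRequest httpRequest = invocation.getHttpRequest();
                        // Running under BlueMix (CloudFoundry in general?), the
                        //   invocation.getHttpRequest().isSecure() in SecureChannelProcessor
                        //   was always returning false
                        if ("https".equals(httpRequest.getHeader("$WSSC"))) {
                            return;
                        }
                        // Otherwise fall back to the stock isSecure() check
                        scp.decide(invocation, config);
                    }

                    @Override
                    public boolean supports(ConfigAttribute attribute) {
                        return scp.supports(attribute);
                    }
                };
            }

            return bean;
        }

        @Override
        public Object postProcessBeforeInitialization(final Object bean, final String beanName) throws BeansException {

            return bean;
        }
    }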
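
A variant of the same idea, as an added example that is not part of the original answer: a servlet filter that makes `isSecure()` return true only when the request both arrives from a known proxy address and carries the forwarded-scheme header. The header name `X-Forwarded-Proto`, the class name `TrustedProxySchemeFilter` and the set of proxy addresses passed to it are assumptions; substitute the values your platform's router actually uses.

```java
import java.io.IOException;
import java.util.Set;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;

// Hypothetical filter: reports the request as secure only when a trusted,
// TLS-terminating proxy states that the client connected over HTTPS.
public class TrustedProxySchemeFilter extends OncePerRequestFilter {

    // Assumption: the router in front of the app sets this header.
    private static final String PROTO_HEADER = "X-Forwarded-Proto";

    // Addresses of the proxies allowed to assert the scheme (supplied by the deployer).
    private final Set<String> trustedProxies;

    public TrustedProxySchemeFilter(Set<String> trustedProxies) {
        this.trustedProxies = trustedProxies;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain chain) throws ServletException, IOException {
        // The header is client-controllable unless the direct peer is the proxy.
        boolean fromProxy = trustedProxies.contains(request.getRemoteAddr());
        boolean forwardedHttps = "https".equalsIgnoreCase(request.getHeader(PROTO_HEADER));

        if (!request.isSecure() && fromProxy && forwardedHttps) {
            // SecureChannelProcessor calls isSecure() on whatever request it is given,
            // so wrapping the request avoids replacing the processor bean.
            chain.doFilter(new HttpServletRequestWrapper(request) {
                @Override public boolean isSecure() { return true; }
                @Override public String getScheme() { return "https"; }
            }, response);
            return;
        }
        // Untrusted peer or plain HTTP: leave the container's answer unchanged.
        chain.doFilter(request, response);
    }
}
```

Register the filter ahead of the Spring Security filter chain so the channel-processing step sees the wrapped request. Without the source-address check, any client that can reach the application directly can set the header itself and be treated as having used HTTPS.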
    
