问题
I've been struggling with this for a few days now but I think it has something to do with Amazon's AWS. I want to enforce SSH/HTTPS, so that if a user inadvertanly goes to HTTP:// myaddress.com they will be redirected to HTTPS:// myaddress.com. I have added this to my config.groovy file:
environments {
production {
// force all traffic over HTTPS in production
grails.plugins.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
}
The problem is that when I upload to amazons AWS, my application will not run properly. I get no errors in my catalina.out file. The only indication is that the status will not turn from red to green and there is a warning that the system health check did not pass. When I navigate to either HTTP or HTTPS address the page is blank white with no errors. has anyone come across this or know what the problem is? It seems like the app is fine (due to no errors) but it is not being properly redirected. I have Spring Security installed, and HTTPS is already set up.
also, the web address uses a DNS, so the address for the HTTPS is not the same as the controllers. thanks jason
回答1:
Just a thought... Did you set up https port in the AWS beanstalk application configuration?
http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/index.html?using-features.managing.elb.html
回答2:
Are you terminating SSL at the EC2 LB? If so, the EC2 will set the x-forwarded-proto header and forward the request over HTTP. Your production config needs to handle that differently. Checkout http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html where they talk about Header Checking. If the LB is terminating the SSL, you can't check the HTTP protocol on the webserver. HTH.
来源:https://stackoverflow.com/questions/7571806/grails-and-aws-enforcing-ssh-https