开发者

Is there any way to force https for some pages in spring-security?

开发者 https://www.devze.com 2023-02-20 03:43 出处:网络
currently I\'m using tomcat 6 and spring-security 3.0.3.RELEASE without apache. I can force https for login page and it works just fine.

currently I'm using tomcat 6 and spring-security 3.0.3.RELEASE without apache.

I can force https for login page and it works just fine.

Next configuration is used to prevent accessing to some pages by http.

<http use-expressions="true">
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/login" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/spring_security_login" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/users/new" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/users/authorize/*" access="isAuthenticated()" />


    <!--<form-login /> -->
    <form-login  login-page="/login" />
    <logout />
    <remember-me />

    <!--
        Uncomment to enable X509 client authentication support <x509 />
    -->
    <!-- Uncomment to limit the number of sessions a user can have -->开发者_如何转开发
    <session-management>
        <concurrency-control max-sessions="10000"
            error-if-maximum-exceeded="true" />
    </session-management>

</http>

But if I try to access to, for example, /buyers/new by non https link http://localhost:8085/path/buyers/new I get next error:

The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

    *   This problem can sometimes be caused by disabling or refusing to accept
          cookies.

Cookies are allowed so I think that this is not problem. Similar error I got in Chrome when I tried to access above link.

In my configuration port 8085 is non ssl port. SSL is configured on port 8443 and it works fine.

I want that all access attempts to some pages are redirected to https.

Any advice will be highly appreciated.

Best regards, Tiho


Add a port-mappings section to your http configuration:

<http use-expressions="true">
 ...
    <port-mappings>
        <port-mapping http="8085" https="8443"/>
    </port-mappings>
</http>
0

精彩评论

暂无评论...
验证码 换一张
取 消