user2115378
Reputation: 931
Spring MVC 4 + Tomcat 7, How to implement HTTPS with JavaConfig?
i use Spring MVC 4 and Tomcat 7 and i have created a self-signed certificate. Spring MVC is only a Server-Backend for REST-Services. But how can i activate and configure https with java config ? Can someone give me an example ? And i want that only my login rest service runs with https.
Upvotes: 2
Views: 1774
Answers (1)
Adrian Lopez
Reputation: 1784
On Tomcat you will have to configure an SSL connector similar to this: (more details here: http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html)
<Connector
protocol="HTTP/1.1"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
Then you can go ahead and set up Spring Security using JavaConfig or XML in a normal way. If using JavaConfig it you will want to require https for your form and require http for the rest, so the configuration would be similar to this:
http
.authorizeUrls()
.antMatchers("/secure/**").hasRole("USER")
.antMatchers("/login").permitAll()
.and()
.requiresChannel()
.antMatchers("/login").requiresSecure()
.anyRequest().requiresInsecure()
Upvotes: 2
Related Questions
- How to configure tomcat for https when you already setup https in application level
- Enable SSL in Spring boot Application
- Configure Http security
- Adding SSL to Spring Boot application
- How to configure Spring MVC HttpSecurity using Java config for login page
- How spring use https for request automatically?
- How to run Spring application by Maven Tomcat7 via HTTPS?
- Spring web and tomcat with https
- Apache WebServer + Tomcat + Spring + Https
- Spring MVC https how to enable?