user3236751
Reputation:
Spring Boot forcing https cause redirection too many times in Google App Engine
I enabled https for all the requests within the App Engine - Flexible Environment.
override fun configure(http: HttpSecurity) {
if (securityProperties.isRequireSsl) http.requiresChannel().anyRequest().requiresSecure()
}
But it is causing too many redirects and fails.
How to force https with Spring Boot on App Engine?
Upvotes: 2
Views: 830
Answers (1)
user3236751
Reputation:
The Google Cloud Load Balancer terminates all https connections, and then forwards traffic to App Engine instances over http. Read More
Which was causing the redirects as the Spring Application was unaware of this switch.
App Engine proxies the request to the application by adding the X-Forwarded-Proto and X-Forwarded-For headers with which spring identifies the actual request protocol and where the request actually originated from.
To enable such behavior, I added the following configuration in application.yml:
server:
tomcat:
remote_ip_header: X-Forwarded-For
protocol_header: X-Forwarded-Proto
Upvotes: 2
Related Questions
- When using Spring redirects browser changes request from HTTPs to HTTP
- Spring boot application http to https redirect in Google App Engine
- How to properly Redirect from Spring Boot 2.3 to HTTPS when running behind a Google Front End Load Balancer
- spring boot automatic redirect http to https
- Disable spring security https redirecting
- Cannot stop Spring redirecting https to http
- Setup custom SSL from Google Apps, redirection loops
- Enabling HTTPS with Spring Security : This webpage has a redirect loop
- Adding HTTPS support causes loop redirection
- Google App Engine - Does not redirect HTTP traffic to HTTPS