CODEWITHSUNDEEP
javaspring-bootgoogle-app-engine
Pamba
Pamba

Reputation: 822

Spring boot application http to https redirect in Google App Engine

I have a spring boot application (version 2.3.0) & successfully hosted in Google App Engine standard environment & working fine. This portal has its own Google managed SSL certificate.

How to redirect the portal from http to https.

I have tried with the '<ssl-enabled>true</ssl-enabled>' option in pom.xml

<plugin>
    <groupId>com.google.cloud.tools</groupId>
    <artifactId>appengine-maven-plugin</artifactId>
    <version>2.2.0</version>
    <configuration>
        <projectId>sample-spring-boot</projectId>
        <version>1</version>
        <ssl-enabled>true</ssl-enabled>
    </configuration>
</plugin>

Also tried with "security.require-ssl=true" in application.properties

But both are not redirecting. Any suggestions?

Upvotes: 0

Views: 321

Answers (1)

Allen D. Ball
Allen D. Ball

Reputation: 2026

Provide a src/main/webapp/WEB-INF/web.xml (which will be installed into WEB-INF if you're using maven-war-plugin) in your project with something like:

<?xml version="1.0" encoding="utf-8"?>                                                                                                                                                                                    
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"                                                                                                                                                                                    
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"                                                                                                                                                                         
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee                                                                                                                                                                        
                             http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"                                                                                                                                                       
                             version="3.1">                                                                                                                                                                                            
  <security-constraint>                                                                                                                                                                                                                
    <web-resource-collection>                                                                                                                                                                                                          
      <web-resource-name>HTTPS Redirect</web-resource-name>                                                                                                                                                                            
      <url-pattern>/*</url-pattern>                                                                                                                                                                                                    
    </web-resource-collection>                                                                                                                                                                                                         
    <user-data-constraint>                                                                                                                                                                                                             
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>                                                                                                                                                                          
    </user-data-constraint>                                                                                                                                                                                                            
  </security-constraint>                                                                                                                                                                                                               
</web-app>

Upvotes: 1

Related Questions