HTTP not redirecting to HTTPS (SpringBoot)

Question

I have deployed a project using Spring boot. I want to redirect all traffic from HTTP to HTTPS. For some reason, the redirect is not working. If I try to access the HTTP website using Chrome, I get 'connection timed out'.

Now, if I try to access the website over HTTPS, chrome is able to load the website. After the initial loading of the HTTPS website, the redirects start working. i.e. HTTP traffic gets redirected to HTTPS successfully.

You can try the above scenario using chrome in incognito mode.

Scenario 1

1. Open chrome in incognito. Visit: http://timelines.co . Chrome will time out.

Scenario 2

1. Visit https://timelines.co. Chrome will load the website.
2. Again visit http://timelines.co. Chrome will redirect to https://www.timelines.co

I would like to know why the redirect is not working in scenario 1.

This is what my code looks like:

@Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                SecurityConstraint securityConstraint = new SecurityConstraint();
                securityConstraint.setUserConstraint("CONFIDENTIAL");
                SecurityCollection collection = new SecurityCollection();
                collection.addPattern("/*");
                securityConstraint.addCollection(collection);
                context.addConstraint(securityConstraint);
            }
        };
        tomcat.addAdditionalTomcatConnectors(redirectConnector());
        return tomcat;
    }

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

    @Bean
    public CommandLineRunner commandLineRunner(ApplicationContext ctx) {
        return args -> {
        };
    }
    
    private Connector redirectConnector() {
        Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
        connector.setScheme("http");
        connector.setPort(80);
        connector.setSecure(false);
        connector.setRedirectPort(443);
        return connector;
    }




Application.properties

    server.port = 443


build.gradle
    compile group: 'org.springframework.boot', name: 'spring-boot-starter-web', version: '2.2.6.RELEASE'
        compile group: 'org.springframework.boot', name: 'spring-boot-starter-thymeleaf', version: '2.2.6.RELEASE'
        compile group: 'org.springframework.boot', name: 'spring-boot-devtools', version: '2.2.6.RELEASE'
        compile group: 'org.springframework.boot', name: 'spring-boot-starter-data-jpa', version: '2.2.6.RELEASE'
        compile group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.2.6.RELEASE'

Answer 1

Port 80 (HTTP) is not accessible or at least not responding. I did this using a command line:

$ telnet timelines.co 80

That command just hung. This is common when there is a firewall of some sort between the client and the server. You ask about knowing that the server is on AWS. Just do a:

$ host timelines.co
timelines.co has address 54.203.56.245

then

$ host 54.203.56.245
245.56.203.54.in-addr.arpa domain name pointer ec2-54-203-56-245.us-west-2.compute.amazonaws.com.

So you're on an EC2 in the us-west-2 AWS region.

It's easy to miss ports when you're setting up a security group, especially when you change things.

I don't fully know what the browsers are doing under the covers. I feel like they are "helpful" sometimes and, in the process, obscure the underlying causes. For example, Chrome and Firefox start by assuming https. So if you just enter the hostname it would have worked for you by defaulting to port 443 that you had opened. That is why I used a lower level tool (telnet) to help debug it. It doesn't try to guess what I really want to do.