Upender Bikkumalla

Reputation: 47

Added HTTP support for my web app which has SSL certificate

To support HTTP, I have added the code below to my web app (Spring Boot v2.5.6), which has an SSL certificate for HTTPS.

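import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;

@Bean
public ServletWebServerFactory servletContainer() {
    TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
        @Override
        protected void postProcessContext(Context context) {
            // CONFIDENTIAL transport guarantee on every path: Tomcat redirects
            // requests that arrive on a non-secure connector to the redirect port.
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setUserConstraint("CONFIDENTIAL");
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/*");
            securityConstraint.addCollection(collection);
            context.addConstraint(securityConstraint);
        }
    };
    // Extra plain-HTTP connector in addition to the main one.
    tomcat.addAdditionalTomcatConnectors(redirectConnector());
    return tomcat;
}

private Connector redirectConnector() {
    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
    connector.setScheme("http");
    connector.setPort(8080);
    connector.setSecure(false);
    // Port that requests needing a secure transport are redirected to.
    connector.setRedirectPort(8443);
    return connector;
}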

All I can understand from the above code, which I copy-pasted from an external site (which does not have much explanation), is that whenever it gets a request on port 8080 (HTTP://localhost:8080), it will redirect the request to port 8443 (HTTPS://localhost:8443). I am not very sure whether to use this code for production code as well. What are the shortcomings of this code, and what modifications can be made? Please also provide documentation/explanation related to the above code so that I get some clarity about what I am doing.

Upvotes: 1

Views: 269

Answers (1)

Pranay Srivastava

Reputation: 135

You can consider the following references for your query:

Spring Security - HTTP

How to enable HTTPS in a Spring Boot Java application

I think this might work, but you can also consider the Tomcat AJP connector, as Spring Boot uses the Apache Tomcat server for running on your system.

Refer to this for more: The AJP Connector

Just enable AJP on Spring Boot version 2.2.5.RELEASE, and add this: ((AbstractAjpProtocol) ajpConnector.getProtocolHandler()).setSecretRequired(false); you can see where I've used this in the code below.

Demo code for illustration:

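import org.apache.catalina.connector.Connector;
import org.apache.coyote.ajp.AbstractAjpProtocol;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Value("${tomcat.ajp.port}")
    int ajpPort;

    // Read from the properties file but not used in this snippet.
    @Value("${tomcat.ajp.remoteauthentication}")
    String remoteAuthentication;

    @Value("${tomcat.ajp.enabled}")
    boolean tomcatAjpEnabled;

    @Bean
    public TomcatServletWebServerFactory servletContainer() {

        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
        if (tomcatAjpEnabled) {
            // Additional AJP/1.3 connector next to the default HTTP connector.
            Connector ajpConnector = new Connector("AJP/1.3");
            ajpConnector.setPort(ajpPort);
            ajpConnector.setSecure(false);
            ajpConnector.setAllowTrace(false);
            ajpConnector.setScheme("http");
            // Turns off the requirement for a shared secret between the proxy and this connector.
            ((AbstractAjpProtocol) ajpConnector.getProtocolHandler()).setSecretRequired(false);
            tomcat.addAdditionalTomcatConnectors(ajpConnector);
        }

        return tomcat;
    }

}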

Also, in the application.properties file, add this:

server.port=8082
tomcat.ajp.port=9090
tomcat.ajp.remoteauthentication=false
tomcat.ajp.enabled=true

Upvotes: 1
