首页 > 编程入门 文章详情

有什么办法可以在spring

编程入门 行业动态 更新时间:2024-10-25 14:30:14
本文介绍了有什么办法可以在spring-security中为某些页面强制使用https吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时送ChatGPT账号..

目前我使用的是没有 apache 的 tomcat 6 和 spring-security 3.0.3.RELEASE.

currently I'm using tomcat 6 and spring-security 3.0.3.RELEASE without apache.

我可以为登录页面强制使用 https,而且效果很好.

I can force https for login page and it works just fine.

下一个配置用于防止http访问某些页面.

Next configuration is used to prevent accessing to some pages by http. 

<http use-expressions="true">
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/login" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/spring_security_login" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/users/new" access="permitAll" requires-channel="https" />
    <intercept-url pattern="/users/authorize/*" access="isAuthenticated()" />


    <!--<form-login /> -->
    <form-login  login-page="/login" />
    <logout />
    <remember-me />

    <!--
        Uncomment to enable X509 client authentication support <x509 />
    -->
    <!-- Uncomment to limit the number of sessions a user can have -->
    <session-management>
        <concurrency-control max-sessions="10000"
            error-if-maximum-exceeded="true" />
    </session-management>

</http>

但是如果我尝试通过非 https 链接访问例如 /buyers/newhttp://localhost:8085/path/buyers/new 我得到下一个错误:

But if I try to access to, for example, /buyers/new by non https link http://localhost:8085/path/buyers/new I get next error:

The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

    *   This problem can sometimes be caused by disabling or refusing to accept
          cookies.

Cookie 是允许的,所以我认为这不是问题.当我尝试访问上述链接时,我在 Chrome 中遇到了类似的错误.

Cookies are allowed so I think that this is not problem. Similar error I got in Chrome when I tried to access above link.

在我的配置中,8085 端口是非 ssl 端口.SSL 在端口 8443 上配置并且工作正常.

In my configuration port 8085 is non ssl port. SSL is configured on port 8443 and it works fine.

我希望对某些页面的所有访问尝试都重定向到 https.

I want that all access attempts to some pages are redirected to https.

任何建议将不胜感激.

最好的问候,蒂霍

推荐答案

添加port-mappings 部分到您的 http 配置:

Add a port-mappings section to your http configuration:

<http use-expressions="true">
 ...
    <port-mappings>
        <port-mapping http="8085" https="8443"/>
    </port-mappings>
</http>

这篇关于有什么办法可以在spring-security中为某些页面强制使用https吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

更多推荐

[db:关键词]

本文发布于:2023-04-30 04:15:48,感谢您对本站的认可!
本文链接:https://www.elefans.com/category/jswz/34/1389277.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
本文标签:有什么办法可以   spring

发布评论

评论列表 (有 0 条评论)

最近发表

草根站长

>www.elefans.com

编程频道|电子爱好者 - 技术资讯及电子产品介绍!

热门文章

标签列表