-
-
Save ThomasVitale/957198495913f3fe4f50c5a5a8933db5 to your computer and use it in GitHub Desktop.
# Define a custom port instead of the default 8080 | |
server.port=8443 | |
# Tell Spring Security (if used) to require requests over HTTPS | |
security.require-ssl=true | |
# The format used for the keystore | |
server.ssl.key-store-type=PKCS12 | |
# The path to the keystore containing the certificate | |
server.ssl.key-store=classpath:keystore.p12 | |
# The password used to generate the certificate | |
server.ssl.key-store-password=password | |
# The alias mapped to the certificate | |
server.ssl.key-alias=tomcat |
@Configuration | |
public class ConnectorConfig { | |
@Bean | |
public EmbeddedServletContainerFactory servletContainer() { | |
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() { | |
@Override | |
protected void postProcessContext(Context context) { | |
SecurityConstraint securityConstraint = new SecurityConstraint(); | |
securityConstraint.setUserConstraint("CONFIDENTIAL"); | |
SecurityCollection collection = new SecurityCollection(); | |
collection.addPattern("/*"); | |
securityConstraint.addCollection(collection); | |
context.addConstraint(securityConstraint); | |
} | |
}; | |
tomcat.addAdditionalTomcatConnectors(getHttpConnector()); | |
return tomcat; | |
} | |
private Connector getHttpConnector() { | |
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); | |
connector.setScheme("http"); | |
connector.setPort(8080); | |
connector.setSecure(false); | |
connector.setRedirectPort(8443); | |
return connector; | |
} | |
} |
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@stefantwog if you are wondering where did EmbeddedServletContainerFactory and TomcatEmbeddedServletContainerFactory classes go in the latest version of Spring boot (> 2.0.x), these have been renamed to ServletWebServerFactory and TomcatServletWebServerFactory respectively. Refer to the following link: spring-projects/spring-boot@67556ba
// Updated file - spring boot 2.0.x
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class ConnectorConfig {
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat =
new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
}
one more thing changed in Spring Boot 2 and doesn't work after upgrade:
security.require-ssl=true
is now depricated and looks like there no obvious replacement
use this instead
server.ssl.enabled=true
Can you share imports for ConnectorConfig.java ?