我正在尝试通过 https 迁移使用 Spring Security 制作的 Web 应用程序。 我遵循了在网上找到的所有指南和文档,但没有任何效果。你能帮我解决问题或找出问题所在吗?
不要工作因为当我去 https://mywebapps我找不到页面。当 http 工作时。
我遵循了本指南 https://www.baeldung.com/spring-channel-security-https用于 keystore 和连接器配置。
我在 AWS EC2 上运行 webapp。
mywebapp/web-application-context.xml
<security:http auto-config="true">
<security:intercept-url pattern="/Secure/**" access="isAuthenticated()" />
<security:intercept-url pattern="/**" requires-channel="https" />
<security:access-denied-handler
error-page="/Unsecure/NoPermission" />
<security:form-login login-page="/Unsecure/Login"
login-processing-url="/Unsecure/Login.do" username-parameter="username"
password-parameter="password" always-use-default-target="true"
default-target-url="/Secure/Home/Dashboard" authentication-failure-url="/Unsecure/Login?err=1" />
<security:logout logout-success-url="/Unsecure/Login"
logout-url="/Secure/Logout" delete-cookies="JSESSIONID" />
<security:csrf />
<security:http-basic/>
</security:http>
tomcat7/server.xml
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="${user.home}/.keystore" keystorePass="changeit"/>
我的网络应用/web.xml
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/web-application-config.xml</param-value>
</context-param>
<session-config>
<session-timeout>120</session-timeout>
</session-config>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>encoding-filter</filter-name>
<filter-class>
org.springframework.web.filter.CharacterEncodingFilter
</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding-filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
最好的问候, 胭脂红
最佳答案
确保您修改了 EC2 实例的安全组以允许传入连接到 TCP 端口 8443。
您还可以使用实例 shell 本身的 wget 来确定其服务页面是否通过 HTTPS 这样:
wget --no-check-certificate https://127.0.0.1:8443
嗯,重新阅读您的配置,您的 Tomcat 前面是否有一个反向代理将端口 443 上的请求路由到监听端口 8443 的 Tomcat?如果不是,您应该使用 https://mywebapp:8443 访问您的 Tomcat对于 HTTPS 不是 https://mywebapp .
关于spring - Spring Security表单登录Tomcat中的SSL实现,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58285531/