Spring Boot redirect HTTP to HTTPS

by

For Tomcat to perform a redirect, you need to configure it with one or more security constraints. You can do this by post-processing the Context using a TomcatEmbeddedServletContainerFactory subclass.

For example:

TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
    @Override
    protected void postProcessContext(Context context) {
        SecurityConstraint securityConstraint = new SecurityConstraint();
        securityConstraint.setUserConstraint("CONFIDENTIAL");
        SecurityCollection collection = new SecurityCollection();
        collection.addPattern("/*");
        securityConstraint.addCollection(collection);
        context.addConstraint(securityConstraint);
    }
};

Due to CONFIDENTIAL and /*, this will cause Tomcat to redirect every request to HTTPS. You can configure multiple patterns and multiple constraints if you need more control over what is and is not redirected.

An instance of the above TomcatEmbeddedServletContainerFactory subclass should be defined as a bean using a @Bean method in a @Configuration class.

More Related Contents:

  1. HTTPURLConnection Doesn’t Follow Redirect from HTTP to HTTPS
  2. How do I serve https and http for Jetty from one port?
  3. Sending HTTP POST Request In Java
  4. How to configure port for a Spring Boot application
  5. Unrecognized SSL message, plaintext connection? Exception
  6. Does a TCP socket connection have a “keep alive”?
  7. Passing multiple variables in @RequestBody to a Spring MVC controller using Ajax
  8. Spring-Boot Jersey: allow Jersey to serve static content
  9. Override default Spring-Boot application.properties settings in Junit Test
  10. Spring Boot how to hide passwords in properties file
  11. Why does my Spring Boot App always shutdown immediately after starting?
  12. How to set base url for rest in spring boot?
  13. how to log Spring 5 WebClient call
  14. Spring Boot – Environment @Autowired throws NullPointerException
  15. How does OkHttp get Json string?
  16. Run Spring-boot’s main using IDE
  17. SpringBoot – BeanDefinitionOverrideException: Invalid bean definition
  18. HTTP headers encoding/decoding in Java
  19. Spring Boot Externalizing properties not working
  20. Spring Security 5 : There is no PasswordEncoder mapped for the id “null”
  21. How to exclude *AutoConfiguration classes in Spring Boot JUnit tests?
  22. How to externalize Spring Boot application.properties to tomcat/lib folder
  23. Encoded password does not look like BCrypt
  24. Reading binary file from URLConnection
  25. javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
  26. Spring Boot access static resources missing scr/main/resources
  27. bootstrap.yml configuration not processed anymore with Spring Cloud 2020.0
  28. How to modify request body before reaching controller in spring boot
  29. Spring Boot – Reading Text File using ResourceLoader
  30. Enabling CORS globally in Spring Boot

Leave a Comment