热门文章
 当前位置:技术文章 > 编程面试题 >

添加HTTPS支持会导致循环重定向

问题内容

我在Web应用程序中使用Spring Secutiry框架。我已经安装了SSL证书,并能够通过进入我的应用程序https。现在,当我requires- channel="https"向所有intercept-url指令添加属性时,服务器响应:

Error 310 (net::ERR_TOO_MANY_REDIRECTS) to many connections

Spring每次都会运行以下代码:

64050 [http-bio-8080-exec-1] DEBUG org.springframework.security.web.FilterChainProxy  - / at position 1 of 12 in additional filter chain; firing Filter: 'ChannelProcessingFilter'
64050 [http-bio-8080-exec-1] DEBUG org.springframework.security.web.util.AntPathRequestMatcher  - Checking match of request : '/'; against '/'
64050 [http-bio-8080-exec-1] DEBUG org.springframework.security.web.access.channel.ChannelProcessingFilter  - Request: FilterInvocation: URL: /; ConfigAttributes: [REQUIRES_SECURE_CHANNEL]
64050 [http-bio-8080-exec-1] DEBUG org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint  - Redirecting to: https://sky-handling.ejl-group.com/
64050 [http-bio-8080-exec-1] DEBUG org.springframework.security.web.DefaultRedirectStrategy  - Redirecting to 'https://sub.domain.com/'

我该如何解决?

谢谢

UPD#1:

<http use-expressions="true">
  <form-login login-page="/wellcome/" login-processing-url="/login" default-target-url="/" always-use-default-target="false"
            authentication-failure-url="/wellcome/?error=1" username-parameter="email" password-parameter="password" />
  <remember-me key="temp" token-validity-seconds="-1" />
  <logout invalidate-session="true" logout-success-url="/" logout-url="/logout"/>
  <intercept-url pattern="/" access="authenticated"/>
  <intercept-url pattern="/administration/**" access="authenticated"/>
  <intercept-url pattern="/wellcome/" access="permitAll"/>
  <intercept-url pattern="/login" access="permitAll"/>
  <custom-filter ref="ajaxTimeoutRedirectFilter" after="EXCEPTION_TRANSLATION_FILTER"/>
</http>

我将现有证书导入密钥库并配置了tomcat,但是如果添加以下行:

<VirtualHost _default_:443>
        SSLEngine on
        SSLCertificateFile /usr/local/ssl/crt/public.crt
        SSLCertificateKeyFile /usr/local/ssl/private/*.ejl-group.com.key
        SSLCACertificateFile /usr/local/ssl/crt/intermediate.crt
        ServerName sub.domain.com
        ProxyRequests Off
        ProxyPreserveHost On
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyPass / http://localhost:8443/
        ProxyPassReverse / http://localhost:8443/
</VirtualHost>

它因503 Service Temporarily Unavailable错误而失败


问题答案:

我通过在security.xml文件中添加端口映射来解决此问题:

<http>
   <port-mappings>
        <port-mapping http="8088" https="8443"/>
        <port-mapping http="80" https="443"/>
   </port-mappings>
</http>

这个博客对我有帮助:http :
//consultingblogs.emc.com/richardtiffin/archive/2010/10/15/applying-ssl-to-a-
spring-web-application-on-
tomcat.aspx