4

I currently have an application I am working on that I am using in the cloud (Jelastic). I have added SSL certs to my Cloud environment and want to be able o now use https on certain pages. I have implemented the below methods of doing this:

Method 1:

grails.plugins.springsecurity.secureChannel.definition = [
   '/login/**':         'REQUIRES_SECURE_CHANNEL'
]

Method 2:

grails.plugins.springsecurity.secureChannel.definition = [
   '/login/**':         'REQUIRES_SECURE_CHANNEL'
]

grails.plugins.springsecurity.secureChannel.useHeaderCheckChannelSecurity = true
grails.plugins.springsecurity.secureChannel.secureHeaderName = 'X-Forwarded-Proto'
grails.plugins.springsecurity.secureChannel.secureHeaderValue = 'http'
grails.plugins.springsecurity.secureChannel.insecureHeaderName = 'X-Forwarded-Proto'
grails.plugins.springsecurity.secureChannel.insecureHeaderValue = 'https'

So for method 1 it partly works as when you go to the index page in HTTP and then try to go to the login page you will be shown an error message saying:

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

Method 2 however does not seem to work at all and when I go to the Login page on HTTP it does not redirect me as I would expect and just seems to work on HTTP which is strange.

This solution is hosted in Jelastic as I mention so not sure is that could be causing some issues, but any help offered would be great.

Thanks in advance

user723858
  • 1,017
  • 3
  • 23
  • 45
  • What appserver are you running it on ? – allthenutsandbolts May 17 '13 at 13:41
  • Jelastic Tomcat 6 Java 6 – user723858 May 17 '13 at 14:16
  • Two config thoughts: 1) make sure your `grails.serverURL` config setting is defined properly 2) the defaults for `grails.plugins.springsecurity.portMapper.httpPort` and `...httpsPort` are 8080 and 8443, which work fine in default development environments but often must be overridden in test / production. – Andrew May 17 '13 at 15:06
  • Have you configured tomcat to run https ? I know you have to configure tomcat to run on port 8443 and then forward traffic to port 443. Before you deploy this on cloud have you tried to run this application locally and see if you can run it using https ? – allthenutsandbolts May 17 '13 at 18:15
  • Jelastic uses port 8743 for HTTPS requests. The same problem was discussed at Jelastic community here: http://community.jelastic.com/index.php/topic/444-https-gets-redirected-to-port-80-ssl-error-107/page__p__1034__hl__8743#entry1034 – Daria May 21 '13 at 10:40
  • would you have an answer to this question by any chance? I have a very similar problem in AWS (I know the case is cold now but who knows). – peveuve May 19 '15 at 10:35

1 Answers1

3

I used the following config for deploying on to prod server. Then it started on https. I am using jdk 1.8 and Tomcat 8.

grails.plugin.springsecurity.portMapper.httpPort = 80
grails.plugin.springsecurity.portMapper.httpsPort = 443
grails.plugin.springsecurity.secureChannel.secureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.secureHeaderValue = 'http'
grails.plugin.springsecurity.secureChannel.insecureHeaderName = 'X-FORWARDED-PROTO'
grails.plugin.springsecurity.secureChannel.insecureHeaderValue = 'https'
grails.plugin.springsecurity.auth.forceHttps = true
grails.plugin.springsecurity.secureChannel.definition = [
        '/**':               'REQUIRES_SECURE_CHANNEL'
]
Baldrick
  • 23,882
  • 6
  • 74
  • 79
user3877963
  • 348
  • 3
  • 7