4

I am using spring boot (1.2.3) and embedded undertow. For security reasons I would prefer to redirect any http request to https but I cannot find an example for doing this.

Here is an example for spring boot and tomcat: Spring boot - Embeded Tomcat HTTP to HTTPS redirect

Does anyone have a solution for doing this with undertow?

Community
  • 1
  • 1
René Reitmann
  • 364
  • 2
  • 17
  • You can find the working solution here. https://stackoverflow.com/a/54908727/7538821 – sam Feb 27 '19 at 15:51

3 Answers3

3

you could add Spring-Security to your project and then configure Spring-Security to enforce https. You could find a small example in the JavaDoc of

org.springframework.security.config.annotation.web.builders.HttpSecurity#requiresChannel()
Chris
  • 46
  • 1
  • According to the docs that should be a solution but since we are currently running on cloudfoundry I implemented a custom filter using the http headers specified here: http://stackoverflow.com/questions/28227583/pivotal-cloudfoundry-enforcing-https-ssl – René Reitmann Jun 21 '15 at 12:22
0

Actually you're gonna have 2 ports in Spring Boot application, so you will have to create another EmbeddedServletContainerFactory telling the new port either http or https. Once the new port is created you can manage the redirect using Spring Mvc or Spring Security.

Carlos Alberto
  • 7,761
  • 13
  • 52
  • 72
-1

Imho this is a concern of a reverse proxy that is handling the http traffic before it comes to your application. Would that be an option for you?

Telamon
  • 46
  • 3