How can spring use https to request automatically?
I am implementing a web application using spring 3.2.8.RELEASE and tomcat 7.0.55.
I need spring to use https for some requests like '/ login', but not all requests.
The app works on http and https fine, but I want to filter out some request to run on https automatically.
How can I configure spring to do this?
source to share
You can customize this https by adding a require-channel-attribute to each intercept url.
For example:
<security:intercept-url pattern="/your_url" access="your_role" requires-channel="https"/>
EDIT:
Mandatory spring security mappings in web.xml:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
I hope this works.
source to share
If your application supports both HTTP and HTTPS and you need certain URLs to be accessible only over HTTPS, then this is directly supported using the require-channel attribute:
<http>
<intercept-url pattern="/secure/**" access="ROLE_USER" requires-channel="https"/>
<intercept-url pattern="/**" access="ROLE_USER" requires-channel="any"/>
...
</http>
source to share
Spring uses a controller servlet for all of its internal url mapping. To avoid using this controller, change the URL mapping in the Web.xml file.
See a similar answer: Spring MVC URL Sample in web.xml?
OR have a look at the spring documentation on configuring "front controller" here: http://docs.spring.io/spring/docs/current/spring-framework-reference/html/mvc.html . It will also give you a good overview of how it works and fits together.
Good luck and let me know if you need more help!
BTW: I thought I would pick this for good measure. Here you can see that the display matches /example/...
. You can also configure this file type in your spring config file, but it all follows the same principle.
<web-app>
<servlet>
<servlet-name>example</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>example</servlet-name>
<url-pattern>/example/*</url-pattern>
</servlet-mapping>
</web-app>
source to share