我似乎不敢大张旗鼓地处理https。我尝试了很多东西,但仍然出现相同的错误。
这是我的HTTPS配置
@Configuration
public class HttpsConfig {
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpToHttpsRedirectConnector());
return tomcat;
}
private Connector httpToHttpsRedirectConnector() {
Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme("http");
connector.setPort(8000);
connector.setSecure(false);
connector.setRedirectPort(8080);
return connector;
}
}
在这里,我将显示我的spring安全配置
@EnableGlobalMethodSecurity(
securedEnabled = true,jsr250Enabled = true,prePostEnabled = true)
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private CustomUserDetailsService service;
private UserService users;
public SecurityConfig(CustomUserDetailsService service,UserService users) {
this.service = service;
this.users = users;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/v2/**").permitAll()
.antMatchers("/webjars/**").permitAll()
.antMatchers("/swagger-resources/**").permitAll()
.antMatchers("/swagger-ui.html").permitAll()
.antMatchers(HttpMethod.POST,"/login").permitAll()
.antMatchers(HttpMethod.POST,"/signup").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(new UserPasswordauthenticationFilterToJWT("/login",super.authenticationmanager()),BasicAuthenticationFilter.class)
.addFilterBefore(new UserPasswordSignUpFilterToJWT("/signup",users),BasicAuthenticationFilter.class)
.addFilterBefore(new JWTAuthenticationFilter(),BasicAuthenticationFilter.class);
}
@Override
protected void configure(AuthenticationmanagerBuilder auth) throws Exception {
auth.inmemoryAuthentication()
.withUser("professor").password(new BCryptPasswordEncoder().encode("password")).roles("PROFESSOR").and()
.withUser("student").password(new BCryptPasswordEncoder().encode("password")).roles("STUDENT").and()
.withUser("staff").password(new BCryptPasswordEncoder().encode("password")).roles("STAFF").and()
.withUser("admin").password(new BCryptPasswordEncoder().encode("password")).roles("ADMIN")
.authorities(Collections.emptyList())
.and()
.passwordEncoder(new BCryptPasswordEncoder())
.and()
.userDetailsService(service)
.passwordEncoder(new BCryptPasswordEncoder());
}
}
这是我的应用程序属性
server.ssl.enabled = true
server.ssl.key-store: src/main/resources/clip.p12
server.ssl.key-store-password: 1230012300
server.ssl.key-storeType: pkcs12
server.ssl.keyAlias: clip
我不会介绍这种摇摇欲坠的配置,因为我知道它可以工作,因为它可以在其他项目中工作,并且如果我只是禁用安全性和https,但是如果我使用它们,它会说:
Bad Request
This combination of host and port requires TLS.
我该如何解决?