@Configuration
@EnableConfigurationProperties
public class SSLConfig {
@Value("${server.port.http}")
private int httpPort;
@Value("${server.port}")
private int httpsPort;
@Bean
public ServletWebServerFactory serverFactory(){
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(createSslConnector());
return tomcat;
}
private Connector createSslConnector(){
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setPort(httpPort);
connector.setScheme("http");
connector.setSecure(false);
connector.setRedirectPort(httpsPort);
return connector;
}我正在使用这个解决方案。目前,所有用户管理器页面都重定向到https,但您希望管理员页面保持为http。有办法吗?管理员包含在同一个项目中。
1条答案
按热度按时间jtjikinw1#
必须添加新的安全集合以进行管理,并将用户约束设置为NONE。
尝试以下内容: