按照下面的配置文件设置Nginx代理Springboot

server {
    listen 443 ssl http2;
    server_name example.com;  # change this to your domain name

    # SSL
    ssl_certificate ssl/full.pem;
    ssl_certificate_key ssl/private.key;

    location / {
        proxy_pass http://localhost:8080;  # assuming your Spring Boot app is running on port 8080
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

当使用Spring Security配置好登录和退出逻辑后

http.formLogin()
                .loginPage("/userLogin").permitAll()
                .usernameParameter("username").passwordParameter("password")
                .defaultSuccessUrl("/")
                .failureUrl("/userLogin?error");

http.logout()
        .logoutUrl("/userLogout")
        .logoutSuccessUrl("/userLogin");

访问/userLogin?error/userLogout时,会重定向到 HTTP,而不是维持在 HTTPS。

解决

application.properties添加

server.tomcat.remoteip.remote-ip-header=x-forwarded-for
server.tomcat.remoteip.protocol-header=x-forwarded-proto

本文参考:

HTTPS login with Spring Security redirects to HTTP

Enable HTTPS When Running behind a Proxy Server

标签: none

评论已关闭