这是解决此问题的解决方案。根据调查,由于8080和8082用于识别HTTP通信和HTTPS通信,因此添加了一些代码来检查端口号,而不是“
isSecure”,以确定是否重定向HTTP请求。代码如下:
public class IsSecureFilter extends GenericFilterBean {private boolean isSecure;private int port;@Overridepublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = new RequestWrapper((HttpServletRequest) request); HttpServletResponse res = (HttpServletResponse) response; this.isSecure = req.isSecure(); this.port = req.getLocalPort(); System.out.println("[DEBUG] : isSecure FILTER :: " + isSecure); System.out.println("[DEBUG] : port FILTER :: " + port); System.out.println("[DEBUG] : URL :: " + req.getRequestURL()); String url = req.getRequestURL().toString().toLowerCase(); if(url.endsWith("/login") && url.startsWith("http:") && port == 8080){ url = url.replace("http:", "https:"); String queries = req.getQueryString(); if (queries == null) { queries = ""; } else { queries = "?" + queries; } url += queries; res.sendRedirect(url); } else { chain.doFilter(req, response); }}public boolean isSecure() { return this.isSecure;}public boolean setIsSecure(boolean isSecure) { return this.isSecure = isSecure;}public int getPort() { return port;}public void setPort(int port) { this.port = port;}}
并在WebSecurityConfiguration类中删除http.requiresChannel()。anyRequest()。requiresSecure()。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)