我试图让我的春季安全工作使用亚​​马逊的弹性负载均衡器（ELB）的服务器上。该ELB的端口80上配置为转发到我的应用程序的端口8080和443端口也期待8080。

I'm trying to get my spring security working on a server using Amazon Elastic Load Balancer (ELB). The ELB is configured on port 80 to forward to my app on port 8080 and on port 443 to also forward to 8080.

<security:intercept-url pattern="/login.xhtml"  access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="https"  />

<security:port-mappings>
            <security:port-mapping http="80" https="443" />
</security:port-mappings>

每当我访问该页面我进入一个登录循环。不知道如何解决这个问题？不知道春天安全是有这样一个事实问题，ELB是HTTPS流量转发端口443到我在8080端口上的应用程序。

Whenever I access this page I get into a login loop. Any idea how to solve this? Not sure if Spring Security is having issues with the fact ELB is forward traffic from https port 443 to my app on port 8080.

推荐答案

事实证明，Spring Security使用ServletRequest.getServerPort（），以确定它是否正在使用安全端口。使用8080和8443我的tomcat已配置所以当ELB从443请求转发给我的内部的tomcat上8443的Web应用程序并没有接受这是一个安全端口：

It turns out that Spring Security uses ServletRequest.getServerPort() to determine whether it is using a secure port. My tomcat was configured using 8080 and 8443 so when the ELB forward the request from 443 to my internal tomcat on 8443 the webapp did not accept this as a secure port:

20 Jun 18:16:49,184 ["http-bio-8443"-exec-5] DEBUG org.springframework.security. web.access.channel.RetryWithHttpsEntryPoint  - Redirecting to: /login.xhtml

我也尝试过使用proxyport但不可能得到这个工作。 此外，如果你配置Spring Security的端口使用8443，而不是那么它没有做正确的重定向（它将应用程序重定向到8443这犯规存在外部）。

I also tried using the proxyport but couldnt get this to work. Also if you configure the spring security ports to use 8443 instead then it doesnt do the redirect correctly (it will redirect the app to 8443 which doesnt exist externally).

长话短说......以下设置工作： ELB正向80-> 80和443-> 443。 安装Tomcat来使用80和443。 设置端口映射到春季安全使用80和443

Long story short...the following settings worked: ELB forward 80->80 and 443->443. Setup tomcat to use 80 and 443. Setup port mappings to use 80 and 443 on Spring Security