How to serve both http and https layers on the "same" ports with tomcat and Springboot

Thanhpv

New Member
30/3/18
27
6
3
Chào các bạn!

Hoặc là redirect http request -> https cũng tốt.

Mình search về nội dung này trên google thì toàn thấy giải pháp là mỗi layer 1 port riêng thôi.


Bạn nào bíêt concept / giải pháp về vấn đề này giải thich giúp mình với?

Haha mình muốn nó hiện lên là secured (https) trông cho nó đáng tin tưởng =((
 
Sửa lần cuối:

Joe

Thành viên VIP
21/1/13
2,963
1,307
113
Tunneling. HTTP distinguishes from HTTPS in form of the starting communication.
  • HTTP usually starts with POST or PUT or GET.
  • HTTPS always starts with CONNECT.
The communication sequence:
  • PUT or POST always waits for a reply from the server before it (client) starts to send messages.
  • The CONNECT gives the Server the hint that it works with encrypting content and then starts to sends the messages without waiting for the 1st. reply from the server.
 
Sửa lần cuối:

Thanhpv

New Member
30/3/18
27
6
3
I meant:


Client: I am doing this: HTTP: //domain .... ... ...

Server: Hi client. we are pro and safe.

From now on, use my secured protocol and then we serve you. Lets agree on this...
You don't even need to switch the port. Love it!?

HTTPS://domain
{
Beautifull page
}


How to do this with tomcat and Springboot?
 
Sửa lần cuối:

Joe

Thành viên VIP
21/1/13
2,963
1,307
113
Sorry. I am always reluctant to talk about 3rd party software.
 

Thanhpv

New Member
30/3/18
27
6
3
I am sorry my 'so concrete' question. I did not understand your reply was actually what I need to learn.

Is this right what you really meant is something like TUNNELING MULTIPLE PROTOCOLS THROUGH THE SAME PORT ?

If i am right, please continue your share.
 

Thanhpv

New Member
30/3/18
27
6
3
Ok. for Springboot 2.x, here is my solution

1. define separate HTTP and HTTPS ports
2. create config component implement WebServerFactoryCustomizer<TomcatServletWebServerFactory> interface to override default tomcat container
3. Set factory port to https port to override default port of 8080
3. Add another connector to serve the non SSL port
4.Redirect non ssl port to ssl port
5. Rememeber you must have ssl enableed for https port.



Code:
@SpringBootApplication
public class WebApplication extends SpringBootServletInitializer { //Extends SpringBootServletInitializer to support war bundle

// //HTTP port
   @Value("${http.port}")
   private int httpPort;

   @Value("${server.port}")
   private int httpsPort;

    public static void main(String[] args)  {
        SpringApplication.run(WebApplication.class, args);
    }


   @Component
   public class CustomContainer implements WebServerFactoryCustomizer<TomcatServletWebServerFactory> {

      @Override
      public void customize(TomcatServletWebServerFactory factory) {
         factory.setPort(httpsPort);
      }

      private Connector createConnector(String scheme, boolean secure) {
         Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");

         connector.setScheme(scheme);
         connector.setSecure(secure);
         connector.setPort(httpPort);
         connector.setRedirectPort(httpsPort);

         return connector;
      }

      // spring boot 2.x
      @Bean
      public ServletWebServerFactory servletContainer() {
         TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
               SecurityConstraint securityConstraint = new SecurityConstraint();
               securityConstraint.setUserConstraint("CONFIDENTIAL");
               SecurityCollection collection = new SecurityCollection();
               collection.addPattern("/*");
               securityConstraint.addCollection(collection);
               context.addConstraint(securityConstraint);
            }
         };
         tomcat.setPort(httpsPort);
         tomcat.addAdditionalTomcatConnectors(createConnector("http", false));
         return tomcat;
      }

   }



}