Grails 和 AWS 强制执行 SSH/HTTPS
我已经为此苦苦挣扎了几天,但我认为这与亚马逊的 AWS 有关。我想强制执行 SSH/HTTPS,这样如果用户无意中访问 HTTP:// myaddress.com,他们将被重定向到 HTTPS:// myaddress.com。我已将其添加到我的 config.groovy 文件中:
environments {
production {
// force all traffic over HTTPS in production
grails.plugins.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
}
问题是,当我上传到亚马逊 AWS 时,我的应用程序将无法正常运行。我的 catalina.out 文件中没有收到错误。唯一的迹象是状态不会从红色变为绿色,并且有系统健康检查未通过的警告。当我导航到 HTTP 或 HTTPS 地址时,页面为空白,没有错误。有谁遇到过这个或者知道问题是什么?该应用程序似乎很好(由于没有错误),但它没有被正确重定向。我已经安装了 Spring Security,并且已经设置了 HTTPS。
此外,网址使用 DNS,因此 HTTPS 的地址与控制器的地址不同。 谢谢 杰森
I've been struggling with this for a few days now but I think it has something to do with Amazon's AWS. I want to enforce SSH/HTTPS, so that if a user inadvertanly goes to HTTP:// myaddress.com they will be redirected to HTTPS:// myaddress.com. I have added this to my config.groovy file:
environments {
production {
// force all traffic over HTTPS in production
grails.plugins.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
]
}
The problem is that when I upload to amazons AWS, my application will not run properly. I get no errors in my catalina.out file. The only indication is that the status will not turn from red to green and there is a warning that the system health check did not pass. When I navigate to either HTTP or HTTPS address the page is blank white with no errors. has anyone come across this or know what the problem is? It seems like the app is fine (due to no errors) but it is not being properly redirected. I have Spring Security installed, and HTTPS is already set up.
also, the web address uses a DNS, so the address for the HTTPS is not the same as the controllers.
thanks
jason
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
只是一个想法...您是否在 AWS beanstalk 应用程序配置中设置了 https 端口?
http://docs.amazonwebservices。 com/elasticbeanstalk/latest/dg/index.html?using-features.managing.elb.html
Just a thought... Did you set up https port in the AWS beanstalk application configuration?
http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/index.html?using-features.managing.elb.html
您是否要在 EC2 LB 处终止 SSL?如果是这样,EC2 将设置 x-forwarded-proto 标头并通过 HTTP 转发请求。您的生产配置需要以不同的方式处理这个问题。查看 http:// grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html 他们谈论标题检查。如果LB正在终止SSL,您将无法检查Web服务器上的HTTP协议。 HTH。
Are you terminating SSL at the EC2 LB? If so, the EC2 will set the x-forwarded-proto header and forward the request over HTTP. Your production config needs to handle that differently. Checkout http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/17%20Channel%20Security.html where they talk about Header Checking. If the LB is terminating the SSL, you can't check the HTTP protocol on the webserver. HTH.