Currently, I have an application I'm working on that I use in the cloud (Jelastic). I have added SSL certificates to my cloud environment and I want it now to be able to use https on specific pages. I performed the following methods:
Method 1:
grails.plugins.springsecurity.secureChannel.definition = [ '/login/**': 'REQUIRES_SECURE_CHANNEL' ]
Method 2:
grails.plugins.springsecurity.secureChannel.definition = [ '/login/**': 'REQUIRES_SECURE_CHANNEL' ] grails.plugins.springsecurity.secureChannel.useHeaderCheckChannelSecurity = true grails.plugins.springsecurity.secureChannel.secureHeaderName = 'X-Forwarded-Proto' grails.plugins.springsecurity.secureChannel.secureHeaderValue = 'http' grails.plugins.springsecurity.secureChannel.insecureHeaderName = 'X-Forwarded-Proto' grails.plugins.springsecurity.secureChannel.insecureHeaderValue = 'https'
So, for method 1, it partially works, when you go to the index page in HTTP and then try to go to the login page, you will see an error message:
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
Method 2 does not seem to work at all, and when I go to the HTTP login page, it does not redirect me as I expected, and just works on HTTP, which is strange.
This solution is hosted by Jelastic, as I'm not sure if this could cause some problems, but any help offered would be great.
Thank you in advance
source share