-
-
Notifications
You must be signed in to change notification settings - Fork 87
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
issue of accept HTTP connection behind a SSL enabled proxy #83
Comments
Will fix. If it's ok for you, I'll just drop the (P.S., you could use cert-manager and letsencrypt to provision certificates with well-known root authority and have end-to-end SSL connection, but I understand that forcing non https when SSL is disabled in Spring can be an issue) |
Just released |
Thanks for you quick fix. BTW, I'm using cert bot to generate certificate automatically. But these are done from ingress nginx side. From java side, it is using non-encrypted communication. |
If at least one channel is not encrypted, then it's not end-to-end encryption ;) I'll have look later this night (Tahiti time) to fix 5.x branch, but if you're using boot 2.7, then your have a foot in spring-security 5 and the other in spring security 6 (boot 2.7 stopped half way IMO...). 5.x branch will keep targeting boot 2.6 (but you can override that in your project, of course) I suggest you bump to boot 3, it shouldn't be much of an effort (mostly search and replace |
Well, I'd like to use spring-boot 3. But some of my dependencies are still with old servlet package name. This is expected to be solved in next few weeks. |
I am releasing a |
tested locally, by simply remove the |
Both |
thanks for your quick support again. |
Describe the bug
I'm running application on Kubernetes. Where SSL connection is handled on ingress (nginx) side, and java application is using HTTP. Now there are to situation:
becuase I set to redirect all http traffic to https on ingress, then this become endless redirect and causing error
Error: Exceeded maxRedirects. Probably stuck in a redirect loop
in the end2. if i defined server.ssl.enabled=true, then I must generate and define certificate / keystore in java, which is not neccessary in my case
Code sample
Problematic code are as below
Expected behavior
when using behind a SSL proxy and not using SSL on java side, do not reject connection or redirect
Additional context
The text was updated successfully, but these errors were encountered: