1   package pk.lucidxpo.ynami.spring.security;
2   
3   import org.apache.catalina.Context;
4   import org.apache.catalina.connector.Connector;
5   import org.apache.tomcat.util.descriptor.web.SecurityCollection;
6   import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
7   import org.springframework.beans.factory.annotation.Value;
8   import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
9   import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
10  import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
11  import org.springframework.context.annotation.Bean;
12  import org.springframework.context.annotation.Configuration;
13  import org.springframework.context.annotation.Profile;
14  
15  import static java.lang.Integer.parseInt;
16  import static org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.DEFAULT_PROTOCOL;
17  
/**
 * Embedded-Tomcat configuration that sends plain-HTTP traffic to the HTTPS port.
 *
 * <p>Active only when the {@code https} profile is enabled and the property
 * {@code config.redirect.http.to.https.enabled} equals {@code true}. It does two things:
 * <ul>
 *   <li>declares a {@code CONFIDENTIAL} transport guarantee for every URL pattern ({@code /*}), and</li>
 *   <li>opens an additional non-secure HTTP connector whose redirect port is the secure port.</li>
 * </ul>
 * Tomcat answers a request for a {@code CONFIDENTIAL} resource that arrives on a non-secure
 * connector with a redirect to that connector's redirect port.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The redirect happens only after the first request has already crossed the network in
 *       clear text, so anything the client sends with it (cookies without the {@code Secure}
 *       attribute, query parameters, headers) is exposed on that hop. This class does not set
 *       an HSTS header; whether one is configured elsewhere is not visible from here.</li>
 *   <li>The TLS connector itself is not defined in this class; presumably it comes from the
 *       standard server properties. Confirm that it is present whenever this configuration
 *       is active, otherwise the redirect target has nothing listening on it.</li>
 *   <li>Both ports are parsed with {@link Integer#parseInt(String)} and are not range-checked here.</li>
 * </ul>
 */
@Configuration
@Profile("https")
@ConditionalOnProperty(name = "config.redirect.http.to.https.enabled", havingValue = "true")
public class ServletContainerRedirectHttpToHttpsConfiguration {

    /**
     * Builds the servlet container factory with the HTTP-to-HTTPS redirect in place.
     *
     * @param serverSecurePort   value of {@code server.secure.port}; used as the redirect target
     * @param serverInsecurePort value of {@code server.insecure.port}; the plain-HTTP port to listen on
     * @return a Tomcat factory carrying the confidentiality constraint and the extra HTTP connector
     * @throws NumberFormatException if either port value is not a parsable integer
     */
    @Bean
    public ServletWebServerFactory servletContainer(@Value("${server.secure.port}") final String serverSecurePort,
                                                    @Value("${server.insecure.port}") final String serverInsecurePort) {
        final TomcatServletWebServerFactory factory = getTomcatServletWebServerFactory();
        factory.addAdditionalTomcatConnectors(getPortRedirectHttpConnector(serverSecurePort, serverInsecurePort));
        return factory;
    }

    /**
     * Creates a Tomcat factory whose web context requires a confidential transport for all paths.
     *
     * @return the customised factory
     */
    private TomcatServletWebServerFactory getTomcatServletWebServerFactory() {
        return new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(final Context context) {
                // "/*" puts every request path under the constraint; nothing is exempted.
                final SecurityCollection everyPath = new SecurityCollection();
                everyPath.addPattern("/*");

                // CONFIDENTIAL is the servlet transport guarantee that demands a protected transport.
                final SecurityConstraint requireConfidentialTransport = new SecurityConstraint();
                requireConfidentialTransport.setUserConstraint("CONFIDENTIAL");
                requireConfidentialTransport.addCollection(everyPath);

                context.addConstraint(requireConfidentialTransport);
            }
        };
    }

    /**
     * Creates the non-secure HTTP connector that points clients at the secure port.
     *
     * @param serverSecurePort   port that redirected requests are sent to
     * @param serverInsecurePort port this plain-HTTP connector listens on
     * @return the configured connector
     * @throws NumberFormatException if either port value is not a parsable integer
     */
    private Connector getPortRedirectHttpConnector(final String serverSecurePort, final String serverInsecurePort) {
        final Connector httpConnector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
        httpConnector.setScheme("http");
        httpConnector.setSecure(false);

        // The listening port is parsed and applied before the redirect target.
        final int listenPort = Integer.parseInt(serverInsecurePort);
        httpConnector.setPort(listenPort);

        final int redirectTarget = Integer.parseInt(serverSecurePort);
        httpConnector.setRedirectPort(redirectTarget);
        return httpConnector;
    }
}