Home/ Questions/Q 8880041
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T20:05:11+00:00

I have an application which uses spring (also spring security) where few services were

  • 0

I have an application which uses spring (also spring security) where few services were kept outside the secured resource set by specifying like below in the applicationContext.xml:

<http pattern="/services/rest/nohisb/Msgs" security="none"/>

Now these services needs to be accessed only via https. Container is configured to have https. Requirement is when user access the above service on http, he should be redirected to https (port number too changes, as it in not the default 443).

Is it possible to achieve this via spring ?

thanks

Nohsib

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, it is possible to achieve using Spring Channel Processing and PortMapper

    Spring Channel Processing used to define http/https access URL Patterns. For Example-

    Https Access URL- 

    https://localhost/myapp/user/myaccount

    Http: Access URL-

    http://localhost/myapp/home

    Then if user access the secure URL in http mode “http://localhost/myapp/user/myaccount” spring channel security redirect the user to secure URL “https://localhost/myapp/user/myaccount” and vice verse.

    PortMapper Bean is used map non-standard port numbers for HTTP and HTTPS mapping

    Sample Configuration:

    Channel Processing Bean Definition And Port Mapper-

    <bean id="channelProcessingFilter" class="org.springframework.security.web.access.channel.ChannelProcessingFilter">
  <property name="channelDecisionManager" ref="channelDecisionManager"/>
  <property name="securityMetadataSource">
        <security:filter-security-metadata-source path-type="ant">
            <security:intercept-url pattern="/services/rest/nohisb/Msgs**" access="REQUIRES_SECURE_CHANNEL" />
            <security:intercept-url pattern="/**/*.html**" access="REQUIRES_SECURE_CHANNEL" />

            <!-- more pattern definition -->

        </security:filter-security-metadata-source>
  </property>
</bean>

<bean id="channelDecisionManager" class="org.springframework.security.web.access.channel.ChannelDecisionManagerImpl">
  <property name="channelProcessors">
    <list>
        <ref bean="secureChannelProcessor"/>
        <ref bean="insecureChannelProcessor"/>
    </list>
  </property>
</bean>

<bean id="secureChannelProcessor" class="org.springframework.security.web.access.channel.SecureChannelProcessor">
    <property name="entryPoint" ref="secureEntryPoint"/>
</bean>

<bean id="insecureChannelProcessor" class="org.springframework.security.web.access.channel.InsecureChannelProcessor">
    <property name="entryPoint" ref="insecureEntryPoint"/>
</bean>

<bean id="secureEntryPoint" class="org.springframework.security.web.access.channel.RetryWithHttpsEntryPoint">
    <property name="portMapper" ref="portMapper"/>
</bean>

<bean id="insecureEntryPoint" class="org.springframework.security.web.access.channel.RetryWithHttpEntryPoint">
    <property name="portMapper" ref="portMapper"/>
</bean>

<bean id="portMapper" class="org.springframework.security.web.PortMapperImpl">
    <property name="portMappings">
        <map>
            <entry key="80" value="443"/>
            <entry key="8081" value="8443"/>
            <entry key="8443" value="8081"/>
            <!-- so on... -->
        </map>
    </property>
</bean>

    Filter Mapping-

    <security:http auto-config="false" 
            entry-point-ref="authenticationProcessingFilterEntryPoint" 
            access-decision-manager-ref="accessDecisionManager" >

    <security:custom-filter position="CHANNEL_FILTER" ref="channelProcessingFilter"/>

    <security:intercept-url pattern="/*.html*" access="ROLE_ANONYMOUS,admin,user"  />
    <security:intercept-url pattern="/*.jsp" access="ROLE_ANONYMOUS,admin,user" />

    <!-- more pattern definition -->

</security:http>
    • 0