Force spring data rest to use https scheme

Question

I’m using spring-data-rest in my application which is behind apache reverse proxy that redirects from HTTP to HTTPS

This in turn leads to wrong hrefs: http instead https scheme.

Example:

{
  "_links" : {
    "profile" : {
      "href" : "http://my.host/api/profile"
    }
  }
}

Is there any way I can configure spring.data.rest to force use https scheme?

It is unclear how you produce your links. Anyway, keep in mind that proxypass(reverse) works on HTTP protocol headers, so it doesn't have anything to do with the protocol you use in your webapp. So probably there is nothing to setup, other than check Apache proxypass configuration, or check your webapp or - hugh - your Tomcat config. — Sampisa, Nov 01 '16 at 15:05

score 6 · Accepted Answer · answered Nov 01 '16 at 14:57

After digging in the source code, I found out that all link creations originates from this point and it seems to be impossible to configure forced use of https scheme in a 'standard' way.

So I created a filter that replaces http:// to https:// in request URL and the problem has gone. Here is the snippet:

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletRequestWrapper wrapped = new HttpServletRequestWrapper(request) {
            @Override
            public StringBuffer getRequestURL() {
                final StringBuffer originalUrl = ((HttpServletRequest) getRequest()).getRequestURL();
                final String updatedUrl = originalUrl.toString().replace("http://", "https://");
                return new StringBuffer(updatedUrl);
            }
        };
        filterChain.doFilter(wrapped, servletResponse);
    }

score 2 · Answer 2 · answered Jun 01 '21 at 10:06

2

I'm a little bit not sure but. I did following and it seems links work.

server:
  forward-headers-strategy: NATIVE

answered Jun 01 '21 at 10:06

Jin Kwon

20,295
14
115
184

score 2 · Answer 3 · answered Oct 28 '21 at 10:39

I was having the same problem and it is all the answers those helped me to find a simple solution in 2 steps :

I added configuration in my spring-data-rest v2.5.4 application to use X-Forwarded-* headers

import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.ForwardedHeaderFilter;


@Configuration()
public class ApiConfiguration {

  @Bean()
  ForwardedHeaderFilter forwardedHeaderFilter() {
    return new ForwardedHeaderFilter();
  }
}

I added comfiguration to my proxy (nginx v1.20.0) to forward scheme, host and port

location /api {
  proxy_pass       http://localhost:8080;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-Host  $host;
  proxy_set_header X-Forwarded-Port  $server_port;
}

Hope that it will help next ones

score 0 · Answer 4 · answered Dec 19 '18 at 08:03

Actually, Spring Data Rest uses HATEOAS which support special headers from proxy requests, check this out:

The header you are looking for is: X-Forwarded-Proto

Force spring data rest to use https scheme

4 Answers4