mercredi 18 février 2015

Java Spring how to force https ssl in webapplicationinitializer?

To force https in web.xml i was using this code snippet:



<security-constraint>
  <web-resource-collection>
      <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>


Is there an equivalent for this in Spring Java Config? I already figured out that i need a ServletSecurityElement. But how do i connect it to the rest?



public class WebAppInitializer implements WebApplicationInitializer {
    @Override
    public void onStartup(ServletContext container) throws ServletException {
        AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
        container.addListener(new ContextLoaderListener(context));
        context.register(PersistenceJPAConfig.class);

        FilterRegistration filter = container.addFilter("wicket.myproject", WicketFilter.class);
        filter.setInitParameter("applicationClassName", WicketApplication.class.getName());
        filter.setInitParameter(WicketFilter.FILTER_MAPPING_PARAM, "/*");
        filter.addMappingForUrlPatterns(null, false, "/*");

        HttpConstraintElement forceHttpsConstraint = new HttpConstraintElement(ServletSecurity.TransportGuarantee.CONFIDENTIAL, "");
        ServletSecurityElement securityElement = new ServletSecurityElement(forceHttpsConstraint);
    }
}

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)