Spring Security Https Wrong Port

1
votes

When I use my https login page on my site the spring security forward is using the wrong port:

https://www.mywebsite.com:80/j_spring_security_check?j_username=test&j_password=test&_spring_security_remember_me=false

My login bean does the following:

    ExternalContext ec = context.getExternalContext();


    String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/j_spring_security_check?j_username=" + userId + "&j_password=" + password + "&_spring_security_remember_me=" + rememberMe );
    logger.info(encodedURL);
    ec.redirect(encodedURL);

Also tried:

ExternalContext context = FacesContext.getCurrentInstance()
            .getExternalContext();

    RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
            .getRequestDispatcher("/j_spring_security_check");

    dispatcher.forward((ServletRequest) context.getRequest(),
            (ServletResponse) context.getResponse());

    FacesContext.getCurrentInstance().responseComplete();
    // It's OK to return null here because Faces is just going to exit.
    return null;

Server.xml:

<Connector port="80" protocol="HTTP/1.1" 
           connectionTimeout="20000" 
            redirectPort="443" />

<Connector port="443" protocol="HTTP/1.1" scheme="https" secure="true"/>

Not sure why its using the wrong port...

2
jsfspring-security

2 Answers

2
votes

You need to configure your SSL/HTTPS port in your namespace config like this:

<security:port-mappings>
    <security:port-mapping http="8090" https="8443"/>
    <security:port-mapping http="8080" https="8443"/>
</security:port-mappings>
1
votes

Changed <Connector port="443" protocol="HTTP/1.1" scheme="https" secure="true"/> to <Connector port="443" proxyPort="443" protocol="HTTP/1.1" scheme="https" secure="true"/> and it worked