Home > OS >  Spring Boot with embedded Tomcat behind Apache SSL proxy
Spring Boot with embedded Tomcat behind Apache SSL proxy

Time:12-21

I'm searching for a solution to be able to run a Spring application behind an Apache SSL proxy. I tried a lot of configurations without success. All Spring responses go to http causing a Not Found error.

The following is apache configuration:

         SetEnv proxy-initial-not-pooled 1
         ProxyPreserveHost On
         KeepAlive On
         SSLProxyVerify none
         SSLProxyCheckPeerCN off
         SSLProxyCheckPeerName off
         SSLProxyCheckPeerExpire off
         ServerName server.mydomain.dom
         ProxyTimeout 600
         ProxyPass  /excluded !
        RequestHeader set X-Forwarded-Proto https
        RequestHeader set X-Forwarded-Port 443

         ProxyPass / http://127.0.0.1:8081/
         ProxyPassReverse / http://127.0.0.1:8081/

These are the Spring options:

server.port=8081
server.forward-headers-strategy=NATIVE
#server.tomcat.redirect-context-root=false
server.tomcat.remote_ip_header=x-forwarded-for
server.tomcat.protocol_header=x-forwarded-proto
server.tomcat.internal-proxies=.*

I'm using Spring Boot 2.5.6 on Apache Tomcat/9.0.54. The OS Apache is a 2.4.25 version running on a Debian 9.13.

The problem seems to happen after login into the application and logout. If I substitute http to https after the login action, I'm able to navigate into the application. All links works fine until I logout. When I logout the application goes again to http.

CodePudding user response:

I solve the problem. The first step was to add

server.tomcat.use-relative-redirects=true

in the application.properties. With this directive, the proxy works fine.

In the end, I configure the apache/application to use AJP.

  • Related