spring boot 应用如果使用了nginx 的proxy 对于spring security 可能会存在退出,重定向到http 跨域的问题(但是我们实际是https)
参考解决方法
- nginx 配置
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
- Spring boot 配置
application.yaml
server:
tomcat:
remoteip:
protocol-header: X-Forwarded-Proto
remote-ip-header: X-Forwarded-For
说明
注意spring boot 版本不同版本以上配置可能会不一样,以上在spring boot 2.5.13 测试通过
参考资料
https://tomcat.apache.org/tomcat-8.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html
https://github.com/spring-projects/spring-framework/blob/v4.3.3.RELEASE/spring-web/src/main/java/org/springframework/web/filter/ForwardedHeaderFilter.java
https://docs.spring.io/spring-boot/docs/2.1.x/reference/html/howto-security.html