Hi,
I am using grails spring security to secure the url. I specify in
grails:
grails.plugins.springsecurity.secureChannel.definition = [
'/': 'REQUIRES_INSECURE_CHANNEL',
'/**': 'REQUIRES_SECURE_CHANNEL',
]
to make the homepage use http and all other url use https. This works fine
locally with port: 8080 and 8443.
On tomcat, I configure server.xml in this way:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
<Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443"
maxThreads="200" scheme="https" secure="true" SSLEnabled="true"
SSLCertificateKeyFile="${catalina.base}/conf/www.domain.com.key"
SSLPassword="password"
SSLCertificateFile="${catalina.base}/conf/www.domain.com.crt"
SSLCertificateChainFile="${catalina.base}/conf/www.domain.com.ca-bundle"
enableLookups="false" clientAuth="false" sslProtocol="TLS"
/>
To make the server could visited through 80 and 443. I add to iptables
rules:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 8080
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT
--to-port 8443
The problem is that:
1. If I visit https://www.domain.com , it says there is a infinite redirect
loop
2.If I visit http://www.domain.com:8080, it works perfectly.
3. If I visit http://www.domain.com, it only download the content and can
not download css, js since the https://www.domain.com/css is not accessible
as described in 1.
Anyone could help me on this problem? Thank you so much.
Best,
Gavin
