Menu
I have a simple spring boot application that already runs: I can curl to hit the endpoints, etc.
I'm trying to configure it for use with HTTPS per the spring boot reference guide (pg 115) and added code like so to my @Configuration class:
@Bean
@Inject
public EmbeddedServletContainerCustomizer tomcatCustomizer(@Value("${keystore.file}") String keystoreFile,
@Value("${keystore.password}") String keystorePassword,
@Value("${keystore.type}") String keystoreType,
@Value("${keystore.alias}") String keystoreAlias) throws FileNotFoundException
{
final String absoluteKeystoreFile = ResourceUtils.getFile(keystoreFile).getAbsolutePath();
EmbeddedServletContainerCustomizer tomcatCustomizer = (ConfigurableEmbeddedServletContainer factory) -> {
TomcatEmbeddedServletContainerFactory containerFactory = (TomcatEmbeddedServletContainerFactory) factory;
containerFactory.addConnectorCustomizers((TomcatConnectorCustomizer) (Connector connector) -> {
connector.setSecure(true);
connector.setScheme("https");
connector.setAttribute("keystoreFile", absoluteKeystoreFile);
connector.setAttribute("keystorePass", keystorePassword);
connector.setAttribute("keystoreType", keystoreType);
connector.setAttribute("keyAlias", keystoreAlias);
connector.setAttribute("clientAuth", "false");
connector.setAttribute("sslProtocol", "TLS");
connector.setAttribute("SSLEnabled", true);
});
};
return tomcatCustomizer;
}
However, with only this code addition, my previously working app now gets the following stack trace:
Caused by: java.lang.IllegalArgumentException: A ServletContext is required to configure default servlet handling
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer.<init>(DefaultServletHandlerConfigurer.java:54)
at org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport.defaultServletHandlerMapping(WebMvcConfigurationSupport.java:346)
at org.springframework.web.servlet.config.annotation.DelegatingWebMvcConfiguration$$EnhancerBySpringCGLIB$$f697b5e2.CGLIB$defaultServletHandlerMapping$23(<generated>)
at org.springframework.web.servlet.config.annotation.DelegatingWebMvcConfiguration$$EnhancerBySpringCGLIB$$f697b5e2$$FastClassBySpringCGLIB$$972d2616.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:312)
at org.springfr.web.servlet.config.annotation.DelegatingWebMvcConfiguration$$EnhancerBySpringCGLIB$$f697b5e2.defaultServletHandlerMapping(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:166)
... 16 more
I verified that the properties are coming in correctly to the method, and tried adding/removing @WebAppConfiguration as suggested by this question
My gradle file is using spring-boot-starter-web:1.0.0.RELEASE.
The questions are: How do I correctly configure https with spring boot? Why does my the app work when I don't try to configure tomcat, and break when I do try to configure tomcat?
Thanks
373
Just after posting this question, I discovered the answer:
For how to correctly configure https with spring boot: The code listed above was originally added to my @Configuration SecurityConfig extends WebSecurityConfigurerAdapter. When I moved the tomcat customization to its own @Configuration class, it worked.
For why: Presumably the WebSecurityConfigurerAdapter is called earlier in the application context lifecycle than the rest of the @Configurations.
187
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
