springboot shiro 解决https redirect重定向后https变成http问题

最新推荐文章于 2025-04-11 16:24:16 发布

冰雪Love齐迹

最新推荐文章于 2025-04-11 16:24:16 发布

阅读量1w

点赞数 4

CC 4.0 BY-SA版权

本文链接：https://blog.youkuaiyun.com/liqi_q/article/details/99681873

本文介绍了一种通过Spring Boot配置过滤器实现HTTP到HTTPS重定向的方法。利用AbsoluteSendRedirectFilter过滤器，可以确保所有HTTP请求被重定向到HTTPS，增强网站安全性。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

配置过滤器

import com.lenovo.ruler.manage.system.filter.AbsoluteSendRedirectFilter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;

@Component
@ConditionalOnProperty(name = "server.scheme.chanage.enabled", havingValue = "true") // 开启注解才会启动
public class RedirectFilterConfig {

    @Bean
    public FilterRegistrationBean registFilter() {

        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new AbsoluteSendRedirectFilter());
        registration.addUrlPatterns("*");
        registration.setName("filterRegistrationBean");
        registration.setOrder(1);
        return registration;
    }

}

import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class AbsoluteSendRedirectFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        RedirectResponseWrapper redirectResponseWrapper = new RedirectResponseWrapper(request, response);
        filterChain.doFilter(request, redirectResponseWrapper);
    }

}

http重写成https

import org.apache.commons.lang.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;

public class RedirectResponseWrapper extends HttpServletResponseWrapper {

    private final HttpServletRequest request;

    public RedirectResponseWrapper(final HttpServletRequest inRequest, final HttpServletResponse response) {
        super(response);
        this.request = inRequest;
    }

    @Override
    public void sendRedirect(final String pLocation) throws IOException {

        if (StringUtils.isBlank(pLocation)) {
            super.sendRedirect(pLocation);
            return;
        }

        try {
            final URI uri = new URI(pLocation);
            if (uri.getScheme() != null) {
                super.sendRedirect(pLocation);
                return;
            }
        } catch (URISyntaxException ex) {
            super.sendRedirect(pLocation);
        }

        // !!! FIX Scheme  !!!
        String finalurl = "https://" + this.request.getServerName();
        if (request.getServerPort() != 80 && request.getServerPort() != 443) {
            finalurl += ":" + request.getServerPort();
        }
        finalurl += pLocation;
        super.sendRedirect(finalurl);
    }

}