I'm trying to set up Spring Security to work with Spring Boot's embedded Tomcat instance. There are quite a few basic samples that do this but I'm stuck where they leave off -- they do basic authentication over HTTP (not HTTPS).
I could probably make it work if I had access to the Tomcat configuration files (server.xml
) but since Spring Boot uses an embedded Tomcat instance (which is otherwise a huge convenience), I dont have access to the Tomcat configuration files (at least, not to my knowledge).
There may be an application.properties
setting for this but I haven't been able to track it down. I've seen references to a server.contextPath
field in application.properties
that I suspect may have something to do with replacement Tomcat config files. Even if it is related, I wouldn't know where to begin anyway -- all of the Tomcat SSL instructions I've seen start with editing an existing server.xml
file, not building one from scratch.
Can this be done with Spring Boot (either by somehow specifying a snippet of server.xml
or through other means)? If not, what would be the simplest way to do this? I understand that I may need to exclude the Tomcat component of Spring Boot but I'd prefer to avoid that if possible.
This question is related to
spring
tomcat
spring-boot
And here's an example of the customizer implemented in Groovy:
If you don't want to implement your connector customizer
, you can build and import the library (https://github.com/ycavatars/spring-boot-https-kit) which provides predefined connector customizer
. According to the README, you only have to create your keystore, configure connector.https.*
, import the library and add @ComponentScan("org.ycavatars.sboot.kit")
. Then you'll have HTTPS connection.
Starting with Spring Boot 1.2, you can configure SSL using application.properties
or application.yml
. Here's an example for application.properties
:
server.port = 8443
server.ssl.key-store = classpath:keystore.jks
server.ssl.key-store-password = secret
server.ssl.key-password = another-secret
Same thing with application.yml
:
server:
port: 8443
ssl:
key-store: classpath:keystore.jks
key-store-password: secret
key-password: another-secret
Here's a link to the current reference documentation.
For external keystores, prefix with "file:"
server.ssl.key-store=file:config/keystore
Source: Stackoverflow.com