Running Spring boot application port 8080 on EC2 instance.

AWS ELB configured to redirect

     80 -> 8080
     443 (SSL termination happens here) -> 8080

Application uses Spring Security and if you user arrives to http://example.com it will redirect to . I would like to login page to use SSL.

Spring security snippet:

 http.requiresChannel().antMatchers("/login", "/logout").requiresSecure();

We are running into redirect loop which makes sense.

To Spring Boot application it looks like all requests are made to non-secured port 8080, it redirects to https://example.com, goes through ELB and again gets request on 8080

Any ideas on how to run this with AWS ELB ???

Looks like this did the trick:

@Component
public class TomcatCustomizer implements EmbeddedServletContainerCustomizer {

@Override
public void customize(ConfigurableEmbeddedServletContainer container) {
    TomcatEmbeddedServletContainerFactory tomcat = (TomcatEmbeddedServletContainerFactory) container;
    tomcat.addConnectorCustomizers(new TomcatConnectorCustomizer() {
        @Override
        public void customize(Connector connector) {
            connector.setSecure(true);  
        }
    });

}

}

You will have to instantiate your own EmbeddedServletContainerFactory and set the secure property on the connector for this container to true. After that your Ant matcher rule will work.

Alternatively, you can check out the Spring Boot source code available on Github, add code for reading a boolean configuration property called server.channel.secure, setting it on the embedded Tomcat connector and submit a pull request for the Spring team to incorporate into the next release.