Support configuring 2 ports for HTTP(S) with WebFlux and Reactor Netty

[juergenzimmermann]

It is documented how to use 2 ports for e.g. HTTP and HTTPS with Spring WebMVC. It would be fine also to have an according section for Spring WebFlux.

[bclozel]

Blocked by reactor/reactor-netty#67

[emvidi]

I am interested in this as well

[tutufool]

I'd also suggest to bring the additional connector feature back to TomcatReactiveWebServerFactory, just like TomcatServletWebServerFactory.

[dawud-tan]

@bclozel does it a good solution? I'd like to bind two connector, http and https, and redirect all http request to https? I got the code from the following so question: Spring webflux: redirect http to https

@Configuration
public class HttpToHttpsRedirectConfig {
    @PostConstruct
    public void startRedirectServer() {
        NettyReactiveWebServerFactory httpNettyReactiveWebServerFactory = new NettyReactiveWebServerFactory(8080);
        httpNettyReactiveWebServerFactory.getWebServer((request, response) -> {
            URI uri = request.getURI();
            URI httpsUri;
            try {
                httpsUri = new URI("https", uri.getUserInfo(), uri.getHost(), 8443, uri.getPath(), uri.getQuery(), uri.getFragment());
            } catch (URISyntaxException e) {
                return Mono.error(e);
            }
            response.setStatusCode(HttpStatus.MOVED_PERMANENTLY);
            response.getHeaders().setLocation(httpsUri);
            return response.setComplete();
        }).start();
    }
}

But I still wonder, how is it differ from ServerHttpSecurity's redirectToHttps() method?

[maslano]

This is pretty important especially for spring cloud gateway, I would like to redirect http to https using gateway

[philwebb]

See also #17144

[rajc28]

I am also interested in it , I am looking for a solution to redirect http requests to https on same port . I have used redirectToHttps() but no luck . After trying multiple ways what I observed is Netty server itself not accepting the http requests when https is enabled. I am using spring webflux

[TalosDx]

2 and a half years have passed since the opening, seriously, no one wants to do this?

[wilkinsona]

@TalosDx If no one wanted this to be supported, the issue would have been closed. As noted above, this issue is blocked by reactor/reactor-netty#67. The best way to move it forward at a pace that meets your needs would be to make a contribution to Reactor Netty.

[TalosDx]

In my opinion, I do not have enough experience to fix reactor/reactor-netty#67. Although I will try.

[ctlove0523]

The latest version of reactor-netty v1.0.0 still does not support more connectors,we need to wait for the next version.

[prettymama]

There's a new comment in reactor/reactor-netty#67, seems to be a workaround. Is it usable in this case? https://github.com/reactor/reactor-netty/issues/67#issuecomment-728132837

[bclozel]

There's no workaround - the Reactor Netty team decided to not support multiple ports in a single server and instead recommend starting several servers. Fortunately, Reactor's immutable server configuration allows us to duplicate the server configuration and just change the port, starting several servers.

We can now work on implementing that feature, but this is a first: we need to start and keep track of multiple server instances: this means considering a few interesting cases like devtools restarts, TLS configuration, metrics, graceful shutdown and more.

I'm removing the "blocked" status as a result but we need to discuss that as a team to figure out the best way to achieve that.

[bclozel]

We've discussed this as a team and we think that right now there's a lot to do if we want to provide this feature. We also feel that supporting this would somehow mean replicating the connector support in other servers. There are many questions about shared Reactor resources (we currently have a shared arrangement between client and server), devtools and others.

For example in the case of metrics, the server is publishing those under specific names and there's no way for two servers to publish metrics to the same registry without overwriting each other.

As a result we're closing this issue for now, since we don't see this happening soon. But we can revisit this decision in the future, depending on the challenges listed here and our priorities.

[yuchonghua]

We've discussed this as a team and we think that right now there's a lot to do if we want to provide this feature. We also feel that supporting this would somehow mean replicating the connector support in other servers. There are many questions about shared Reactor resources (we currently have a shared arrangement between client and server), devtools and others.

For example in the case of metrics, the server is publishing those under specific names and there's no way for two servers to publish metrics to the same registry without overwriting each other.

As a result we're closing this issue for now, since we don't see this happening soon. But we can revisit this decision in the future, depending on the challenges listed here and our priorities.

At present, we are still looking forward to solving this problem

[bennypi]

When using the reactive stack and including the actuator, the management port can be set to a different port. Does this mean this feature is now implemented and ready to be used, or is this a special implementation for actuator that is not viable for other use cases?

[bclozel]

this is only for actuator.