Open xenoterracide opened 7 years ago
any updates on this issue?
Spring Security just uses the information from the container. This is a question about how to setup your container for using a proxy server correct. Try the instructions in Proxy Server Configuration or Running Behind a Front-end Proxy Server
@rwinch ... seems suspect since what I put in this ticket suggested that I did follow those instructions, and it was working for everything else.
P.S. I appreciate the timely response.
... looks at what I wrote very carefully...
actually could be my problem was that I didn't change the header to CloudFront-Forwarded-Proto
... I don't have time to verify this though.
Summary
I've got my spring boot container behind Amazon cloudfront with the following settings
it has worked well for everything so (including some returned Hateoas links) except now for logout. I set the logout url to
/
it's returning the right domain, but not https. `Actual Behavior
post to logout, via proxy via https://domain.tld returns a 302 http://domain.tld/
Expected Behavior
post to logout, via proxy via https://domain.tld should return a 302 https://domain.tld/
Configuration
Version
4.0.x