有沒有什麼辦法可以在spring-security的某些頁面上強制https？

Question

目前我正在使用tomcat 6和spring-security 3.0.3.RELEASE沒有Apache。

我可以強制https登錄頁面，它工作得很好。

下一個配置用於阻止通過http訪問某些頁面。

<http use-expressions="true"> 
    <intercept-url pattern="/" access="permitAll" /> 
    <intercept-url pattern="/login" access="permitAll" requires-channel="https" /> 
    <intercept-url pattern="/spring_security_login" access="permitAll" requires-channel="https" /> 
    <intercept-url pattern="https://stackoverflow.com/users/new" access="permitAll" requires-channel="https" /> 
    <intercept-url pattern="https://stackoverflow.com/users/authorize/*" access="isAuthenticated()" /> 


    <!--<form-login /> --> 
    <form-login login-page="/login" /> 
    <logout /> 
    <remember-me /> 

    <!-- 
     Uncomment to enable X509 client authentication support <x509 /> 
    --> 
    <!-- Uncomment to limit the number of sessions a user can have --> 
    <session-management> 
     <concurrency-control max-sessions="10000" 
      error-if-maximum-exceeded="true" /> 
    </session-management> 

</http> 

但是，如果我嘗試訪問，例如，/買家/新非HTTPS鏈接 http://localhost:8085/path/buyers/new我得到一個錯誤：

The page isn't redirecting properly 

Firefox has detected that the server is redirecting the request for this address in a way that will never complete. 

    * This problem can sometimes be caused by disabling or refusing to accept 
      cookies. 

Cookies是允許的，所以我認爲這不是問題。當我嘗試訪問上述鏈接時，我在Chrome中遇到了類似的錯誤。

在我的配置端口8085是非SSL端口。 SSL在端口8443上配置，並且工作正常。

我希望對某些頁面的所有訪問嘗試都重定向到https。

任何意見將不勝感激。

最好的問候， Tiho

Answer 1

添加port-mappings部分，將HTTP配置：

<http use-expressions="true"> 
... 
    <port-mappings> 
     <port-mapping http="8085" https="8443"/> 
    </port-mappings> 
</http>