SEC-1642: Expand ChannelProcessingFilter to different sub-domains #1883

spring-issuemaster opened this Issue Dec 17, 2010 · 1 comment

1 participant


Scott Murphy (Migrated from SEC-1642) said:

The ChannelProcessingFilter is great if you use the same subdomain for http and https traffic, but if you are a site like facebook ( where you use a different subdomain for https traffic then you can't take advantage of the filter.

The current situation I am trying to use it in is and

As you can see, the channel filter won't work because it will redirect to which is not a valid url.

Have a server-name-mappings tag for mapping http subdomains to https subdomains.


<http use-expressions="true">
    <port-mapping http="8080" https="8443"/>        
        <sever-name-mapping http="" https=""/>  

Luke Taylor said:

I'd prefer not to add something like this to the namespace at this point. It seems like something that would be ideally accomplished using mod_rewrite or UrlRewriteFilter to adjust the domain, rather than by further additions to Spring Security.

It would be possible to accomodate by adding an explicit ChannelProcessingFilter with customized ChannelEntryPoint implementations. But I think something like a Url-rewriting rule would make most sense.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment