-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hello world sample reverse proxy problem #7081
Comments
Thanks for creating the issue. As this is a hello world sample, we aren't attempting to handle this scenario. |
Hello, I have not created this issue because of helloworld project is not able to run behind proxy. I have used helloworld just as codebase for start. Point of my issue is that documentation is not correct/full. Specifically after applying its suggestions to make project configured for proxy usage, it fails to work. I have found, that problem is not documentation itself, but there is missing requirement for reverse proxy config/behavior. As I have found out, spring project configured as I have described, does need Forwarded header with host filled in and X-Forwarded-prefix. Something like this:
References for nginx an Forwarded header can be found at https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/ (beware of missing host parameter. You should fill it in manually) PS: applying these configs and settings for proxy for project spring-security-oauth2login does not work. But that is another issue (probably documentation issue again). |
If ForwadedHeaderFilter is not working, please report it to https://github.com/spring-projects/spring-framework/issues with details on how to reproduce the issue. |
issue.patch.zip
Summary
I have used sample/boot/helloworld sample project behind reverse proxy and it generates wrong 302 redirection (Location header does not respect X-Forwarded-* headers from reverse proxy).
I have used settings according documentation to allow processing of X-Forwarded-* headers to work, but only with partial success.
Hostname from X-Forwarded-Host is not being used when constructing login form redirect Location header. There is some missing documentation or code/config.
Actual Behavior
Note Location header.
I have done some modifications (all acording spring latest documentation) to "enable behind proxy behavior".
I have modified base project located at https://github.com/spring-projects/spring-security/tree/master/samples/boot/helloworld with these changes:
After this mod, only protocol has been changed according X-Forwarded-proto. i.e. response have header:
Location: https://localhost/index
Header is not changed from previous attempt, i.e. header is
Location: https://localhost/index
.Here is some more progress, url prefix is present:
You can have also a look at similar issue spring-projects/spring-boot#15046 for possible solution. Note that given solution is not in line with documentation.
Expected Behavior
Response header should be
Location: https://example.com/myDevelApp/index
instead ofLocation: https://localhost/myDevelApp/index
.Version
Current version from repository sample, i.e. spring boot v2.2.0.M3.
Sample
To run project I have used this cmdline:
gradle clean build bootRun
Project is based on this:
issue.patch file (also as zipped atachement):
The text was updated successfully, but these errors were encountered: