The displayed url of the routes of the apps on Bluemix start with http and did you know that the https is supported (implicitly), well, this had been my recent finding. The next question would be how to enforce routing via https only and not through http. I prefer to do it programmatically, nevertheless, am exploring more on the options offered by Bluemix. The idea is to get the scheme of the incoming request using request.getScheme(), check if it is equal to http then redirect to https url. For a traditional java web app this could be achieved by using a Servlet Filter and for spring based applications create a CustomHandler extending the HandlerInterceptorAdapter, override the preHandle() method. If you are using Spring Boot, the main class need to extend the WebMvcConfigurerAdapter and override the addInterceptor() method to add the CustomHandler to the registry.
No comments:
Post a Comment