I have successfully got my app to work with the load balancer. As a cost-cutting measure I'm moving my app to a single instance on Amazon AWS Elastic Beanstalk.
I was able to create an .ebextensions file with a singlessl.config and properly get my SSL cert to work in the WAR file by manually going to https://www.example.com/login
So I know my war file/ssl do work on a single instance.
What I have not been able to get to work is getting spring security to work.
No matter what variation of configuration I try the browser always dies with 'error too many redirects'. This happens when I type in just the home page for the app without https (http://example.com)
I think the redirects are going from http to https and back, or something in the app/apache/tomcat going back between different ports.
There is something amiss between spring security, apache, and/or tomcat, but I'm not sure what.
At this point if the entire website is secure I would take that instead of having secure/non-secure pages.
My grails spring security config (the last variation I tried, there were about 10 I've attempted) is:
grails.serverURL = "https://www.example.com"
grails.plugins.springsecurity.portMapper.httpPort = 80
grails.plugins.springsecurity.portMapper.httpsPort = 443
grails.plugins.springsecurity.auth.forceHttps = true
grails.plugin.springsecurity.secureChannel.definition = [
'/**': 'REQUIRES_SECURE_CHANNEL'
Is there something I have to do in Tomcat or Apache to get this to work in Elastic Beanstalk?
Check here for spring security channel security configuration. Also you may need to provide :
In .ebextensions, you can place server.xml for in which:
to be applied to server container like tomcat. I do not have much knowledge about internalProxies.