Login/Register
How to configure Spring HATEOAS behind proxy?
Asked Answered
Solved springrestspring-data-resthateoasspring-hateoas
A

4

21

I have Spring Data Rest with Hateoas as my backed. It is behind a proxy.

Backend url: backend.com

Proxy url: proxy.com

When I query proxy url, e.g. http://proxy.com/items/1, I get a response with href links with domain backend.com. I need the domain to be proxy.com.

Archibald answered 3/5, 2015 at 22:37 Comment(0)
A
17

Make sure your proxy is adding X-Forwarded-Host: proxy.com header to the request that is passed to backend.com. Then Spring Hateoas will automatically generate link hrefs with proxy.com.

X-Forwarded-Host can contain port.

Also see other X-Forwarded-* headers, which are supported too.

Archibald answered 3/5, 2015 at 22:37 Comment(2)
Hi, I also want to implement same thing in my REST API. I tried to set IP of my proxy server but its giving me "NumberFormatException". See the exception: org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.NumberFormatException: For input string: " 192.168.1.1"Cyanocobalamin
Hi, can you show me the line of code where you try to set X-Forwarded-Host header?Allanallana
W
33

As of Spring-Boot 2.1 / Spring 5.1, Spring shifts the responsibility of handling X-Forwarded-* from Spring HATEOAS to Spring MVC.

https://jira.spring.io/browse/SPR-16668

You now require the registration of a filter bean.

Minimal implementation:

@Bean
FilterRegistrationBean<ForwardedHeaderFilter> forwardedHeaderFilter()
{
    FilterRegistrationBean<ForwardedHeaderFilter> bean = new FilterRegistrationBean<>();
    bean.setFilter(new ForwardedHeaderFilter());
    return bean;
}
Warden answered 12/11, 2018 at 20:4 Comment(3)
If you use Spring HATEOAS and Spring Boot, there seems to be a parameter for that: github.com/spring-projects/spring-hateoas/issues/… : If the proxy adds conventional X-Forwarded-For and X-Forwarded-Proto headers (most proxy servers do so), the absolute links should be rendered correctly, provided server.use-forward-headers is set to true in your application.properties.Neeley
On AWS using a load balancer and cloudfront, the combination of server.use-forward-headers=true in application.properties and a lambda that sets the host and the proto for the Forwareded header and that is configured in Cloudfront as origin request does the trickPetersen
Hi, this was working fine until I add Spring Cloud Gateway as a proxy. After adding the gateway, now the HATEOAS links are rplaced to http from https. On gateway, tried forward-headers-strategy: framework/native and ForwardedHeaderTransformer Bean, but nothing is working. Any suggestions to make it working?Lundin
A
17

Make sure your proxy is adding X-Forwarded-Host: proxy.com header to the request that is passed to backend.com. Then Spring Hateoas will automatically generate link hrefs with proxy.com.

X-Forwarded-Host can contain port.

Also see other X-Forwarded-* headers, which are supported too.

Archibald answered 3/5, 2015 at 22:37 Comment(2)
Hi, I also want to implement same thing in my REST API. I tried to set IP of my proxy server but its giving me "NumberFormatException". See the exception: org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.NumberFormatException: For input string: " 192.168.1.1"Cyanocobalamin
Hi, can you show me the line of code where you try to set X-Forwarded-Host header?Allanallana
L
7

Inspired by the comment from Cyril Gambis, Spring offers a property server.use-forward-headers, which exists at least from 1.3.0.RELEASE. From Spring Boot 2.2.0.RELEASE, that property is deprecated, use server.forward-headers-strategy instead.

When you use Spring Data Rest, I suggest set server.forward-headers-strategy = framework, then Spring Hatoaes generates the proxied URI for href with the help of x-forwarded-* headers.

Reference

Limnetic answered 16/5, 2020 at 14:39 Comment(0)
V
2

Though this has been answered by Mariano, I wanted to add that it works for Spring Boot. However, if you don't use Spring Boot and instead use Spring 5.1.X in a traditional web application deployed within J2EE container (like mine), you will need to add a filter to your web application's web.xml similar to below:

    <filter>
    <filter-name>forwardedHeaderFilter</filter-name>
    <filter-class>org.springframework.web.filter.ForwardedHeaderFilter</filter-class>
    <init-param>
        <param-name>relativeRedirects</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>forwardedHeaderFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Besides this, you will also need to upgrade Hateoas to version 0.25.1 where this issue has been fixed from Hateoas side.

Vulgarize answered 20/3, 2019 at 5:57 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.