Adding the property server.use-forward headers in order for Spring security to function properly behind a Nginx load balancer

This property helps the spring security library derive the host name, protocol and port accurately even while running behind a Nginx load balancer. This is because nginx adds X-Forward-* headers that are parsed by Spring security library.
2020-01-13 10:25:43 +05:30 · 2020-01-13 10:25:43 +05:30 · 7622d76f32
commit 7622d76f32
parent f374638d98
3 changed files with 9 additions and 3 deletions
--- a/app/server/appsmith-server/src/main/resources/application-docker.properties
+++ b/app/server/appsmith-server/src/main/resources/application-docker.properties
@ -1,6 +1,9 @@
 # Appsmith Configurations
 appsmith.baseUri=http://localhost:8080

+# This property allows the server to run behind a proxy server and still resolve all the urls correctly
+server.use-forward-headers=true
+
 #Mongo properties
 spring.data.mongodb.database=mobtools
 spring.data.mongodb.host=mongo
@ -16,7 +19,6 @@ logging.pattern.console=%X - %m%n
 #Spring security
 spring.security.oauth2.client.registration.google.client-id=869021686091-9b84bbf7ea683t1aaefqnmefcnmk6fq6.apps.googleusercontent.com
 spring.security.oauth2.client.registration.google.client-secret=9dvITt4OayEY1HfeY8bHX74p
-spring.security.oauth2.client.registration.google.redirect-uri=${appsmith.baseUri}/login/oauth2/code/google

 # Accounts from specific domains are allowed to login
 oauth2.allowed-domains=appsmith.com
--- a/app/server/appsmith-server/src/main/resources/application-local.properties
+++ b/app/server/appsmith-server/src/main/resources/application-local.properties
@ -1,6 +1,9 @@
 # Appsmith Configurations
 appsmith.baseUri=http://localhost:8080

+# This property allows the server to run behind a proxy server and still resolve all the urls correctly
+server.use-forward-headers=true
+
 #Mongo properties
 spring.data.mongodb.database=mobtools
 spring.data.mongodb.host=localhost
@ -16,7 +19,6 @@ logging.pattern.console=%X - %m%n
 #Spring security
 spring.security.oauth2.client.registration.google.client-id=869021686091-9b84bbf7ea683t1aaefqnmefcnmk6fq6.apps.googleusercontent.com
 spring.security.oauth2.client.registration.google.client-secret=9dvITt4OayEY1HfeY8bHX74p
-spring.security.oauth2.client.registration.google.redirect-uri=${appsmith.baseUri}/login/oauth2/code/google

 # Accounts from specific domains are allowed to login
 oauth2.allowed-domains=appsmith.com
--- a/app/server/appsmith-server/src/main/resources/application-staging.properties
+++ b/app/server/appsmith-server/src/main/resources/application-staging.properties
@ -1,6 +1,9 @@
 # Appsmith Configurations
 appsmith.baseUri=https://release-api.appsmith.com

+# This property allows the server to run behind a proxy server and still resolve all the urls correctly
+server.use-forward-headers=true
+
 #Mongo properties
 spring.data.mongodb.database=mobtools
 spring.data.mongodb.uri=mongodb+srv://admin:Y9PuxM52gcP3Dgfo@mobtools-test-cluster-swrsq.mongodb.net/mobtools?retryWrites=true
@ -14,7 +17,6 @@ logging.pattern.console=%X - %m%n
 #Spring security
 spring.security.oauth2.client.registration.google.client-id=869021686091-9b84bbf7ea683t1aaefqnmefcnmk6fq6.apps.googleusercontent.com
 spring.security.oauth2.client.registration.google.client-secret=9dvITt4OayEY1HfeY8bHX74p
-spring.security.oauth2.client.registration.google.redirect-uri=${appsmith.baseUri}/login/oauth2/code/google

 # Accounts from specific domains are allowed to login
 oauth2.allowed-domains=appsmith.com