diff --git a/pom.xml b/pom.xml
index 1ae56d4..640651b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.1.2.RELEASE
+ 2.1.4.RELEASE
com.charego
@@ -17,7 +17,7 @@
UTF-8
- 1.8
+ 11
diff --git a/server/pom.xml b/server/pom.xml
index 8388075..df0a1f7 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -24,6 +24,16 @@
spring-boot-starter-websocket
+
+
+ org.springframework.security
+ spring-security-config
+
+
+ org.springframework.security
+ spring-security-web
+
+
org.springframework.boot
diff --git a/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java b/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java
new file mode 100644
index 0000000..ae7caab
--- /dev/null
+++ b/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java
@@ -0,0 +1,17 @@
+package com.charego.lingo.server;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+
+@Configuration
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ private RequestMatcher proxyRequest = r -> r.getHeader("X-Forwarded-Proto") != null;
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.requiresChannel().requestMatchers(proxyRequest).requiresSecure();
+ }
+}