Summary

Add require-ssl flag for webflux apps

Configuration

Something like...

@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
  // Proposed API: require a secure (HTTPS) channel for every exchange
  http.requiresChannel()
    .anyExchange()
      .requiresSecure();
  return http.build();
}

Comment From: winster

I agree. With spring-boot-starter-webflux, the Netty server does not seem to check server.ssl.enabled=true. HTTP requests are still being intercepted, though a Netty exception 'unknown_ca' is raised. I would like to get behavior similar to Tomcat's. Tomcat respects the above configuration and you get the error "Bad Request This combination of host and port requires TLS", without flooding the logs with the exception. Though I can use spring-boot-starter-webflux and spring-boot-starter-web together to make Tomcat the default server, there are some problems, especially when I build a WebClient bean with Spring Security. The exact error is that ReactiveClientRegistrationRepository could not be found. It is not a problem with the configuration property, as it works if there is only spring-boot-starter-webflux and not both.
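
The behavior requested in the Summary can be approximated with a plain WebFilter that redirects every non-HTTPS exchange. This is an added example, not code from the issue or from Spring Security; the class name RequireHttpsWebFilter and the 8080/8443 port pair are assumptions.

```java
import java.net.URI;

import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.util.UriComponentsBuilder;

import reactor.core.publisher.Mono;

// Added example (hypothetical class name): redirects plain-HTTP exchanges to HTTPS.
@Component
public class RequireHttpsWebFilter implements WebFilter {

  // Assumed port pair for a local setup: HTTP on 8080, HTTPS on 8443.
  private static final int HTTP_PORT = 8080;
  private static final int HTTPS_PORT = 8443;

  @Override
  public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    URI uri = exchange.getRequest().getURI();
    if ("https".equalsIgnoreCase(uri.getScheme())) {
      return chain.filter(exchange); // already secure, continue the chain
    }

    // Rebuild the same URI with the https scheme and a matching port.
    UriComponentsBuilder target = UriComponentsBuilder.fromUri(uri).scheme("https");
    if (uri.getPort() == HTTP_PORT) {
      target.port(HTTPS_PORT);
    } else if (uri.getPort() == 80) {
      target.port(-1); // clear the port so the https default (443) applies
    }

    ServerHttpResponse response = exchange.getResponse();
    response.setStatusCode(HttpStatus.PERMANENT_REDIRECT); // 308 keeps method and body
    response.getHeaders().setLocation(target.build(true).toUri());
    return response.setComplete(); // stop here; no handler sees the HTTP request
  }
}
```

The filter only helps where a plain-HTTP listener or a TLS-terminating proxy exists in front of the application; behind a proxy the request scheme reflects the original protocol only if forwarded headers are processed. A plain-HTTP request sent directly to a TLS-only port fails during the handshake, before any filter runs.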