Mrk*_*rkK 5 ssl spring jetty spring-mvc spring-security
我在为Spring MVC REST资源强制使用SSL时遇到问题.我不需要身份验证,因为它是通过HTTP头中传递的安全令牌处理的,我只需要禁止使用http.由于我已经在项目的其他部分使用Spring安全性,我宁愿继续使用它而不是在Web服务器中配置SSL.当我尝试连接到资源时,我收到" 错误:140770FC:SSL例程:SSL23_GET_SERVER_HELLO:未知协议 ",我认为这意味着服务器正在尝试不通过SSL进行响应.
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>Mongoose Rest Server</display-name>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/application-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>mongoose</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mongoose</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/**" requires-channel="https" />
</security:http>
<security:authentication-manager>
</security:authentication-manager>
</beans>
@Controller
@RequestMapping("/mongoose")
public class HarmonyRestController {
private final Logger logger = LoggerFactory.getLogger(getClass());
public HarmonyRestController() {
}
@RequestMapping(value = "policies", method = RequestMethod.GET, produces = "application/json")
public
@ResponseBody
String requestPolicies() {
return "test...";
}
}
我也尝试在安全配置中使用端口重定向
<security:http auto-config="true" use-expressions="true">/
<security:intercept-url pattern="/**" requires-channel="https" security="none"/>
<security:port-mappings>
<security:port-mapping http="8080" https="8443" />
</security:port-mappings>
</security:http>
并将Jetty绑定到8443,但它没有帮助.每次我尝试通过https连接到/ mongoose/policies资源时我都会收到curl:(35)错误:140770FC:SSL例程:SSL23_GET_SERVER_HELLO:未知协议
也许我的问题与使用Spring MVC使用的servlet的isSecure属性设置为false有什么关系?
| 归档时间: |
|
| 查看次数: |
6226 次 |
| 最近记录: |