有人可以帮助将代码从jetty 8迁移到9.2.1.
我需要让jetty监听端口80(http)并将每个请求重定向到443(https).
这是jetty 8的代码,但它在9.2.1上不起作用.版本9使用ServerConnector但我找不到有关如何使用setConfidentialPort属性的示例.
Server server = new Server();
//Create a connector on port 80 to listen for HTTP requests
SelectChannelConnector httpConnector = new SelectChannelConnector();
httpConnector.setPort(80);
server.addConnector(httpConnector);
//Create a connector on port 443 to listen for HTTPS requests
SslSocketConnector httpsConnector = new SslSocketConnector();
httpsConnector.setPort(443);
httpsConnector.setKeystore("name_of_the_keystore");
httpsConnector.setPassword("password_for_the_keystore");
httpsConnector.setKeyPassword("password_for_the_key");
server.addConnector(httpsConnector);
//Redirect the HTTP requests to HTTPS port
httpConnector.setConfidentialPort(443);
enc*_*est 10
我自己也遇到了麻烦.我通过使用https://serverfault.com/questions/367660/how-to-have-jetty-redirect-http-to-https中的 web.xml转换示例来解决这个问题:
基本上,您必须添加一个安全约束,强制所有路径中的所有数据都是机密的,否则会引发!403错误.然后配置http连接器将所有!403错误重定向到https:
Server server = new Server();
// HTTP Configuration
HttpConfiguration http_config = new HttpConfiguration();
http_config.addCustomizer(new SecureRequestCustomizer());
//these two settings allow !403 errors to be redirected to https
http_config.setSecureScheme("https");
http_config.setSecurePort(443);
//setup the secure config using the original http config + SecureRequestCustomizer
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
// SSL Context Factory - tells how to access certificate info
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(EmbeddedJetty.class.getResource("/keystore.jks").toExternalForm());
sslContextFactory.setKeyStorePassword("keystorepassword");
sslContextFactory.setKeyManagerPassword("keymanagerpassword");
//Create a connector on port 80 to listen for HTTP requests (that will get redirected)
ServerConnector httpConnector = new ServerConnector(server);
httpConnector.addConnectionFactory(new HttpConnectionFactory(http_config));
httpConnector.setPort(80);
//Connector on port 443 for HTTPS requests
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString()),
new HttpConnectionFactory(https_config));
sslConnector.setPort(443);
//setup the constraint that causes all http requests to return a !403 error
ConstraintSecurityHandler security = new ConstraintSecurityHandler();
Constraint constraint = new Constraint();
constraint.setDataConstraint(Constraint.DC_CONFIDENTIAL);
//makes the constraint apply to all uri paths
ConstraintMapping mapping = new ConstraintMapping();
mapping.setPathSpec( "/*" );
mapping.setConstraint( constraint );
security.addConstraintMapping(mapping);
//in my case I also define a ServletContextHandler for managing SpringMVC beans
//that I daisy-chain into the security handler like so:
//security.setHandler(servletContextHandler);
server.setHandler(security);
server.setConnectors(new Connector[] { httpConnector, sslConnector });
server.start();
server.join();
| 归档时间: |
|
| 查看次数: |
6991 次 |
| 最近记录: |