Spring Boot Jetty自动重定向HTTP(端口80)请求到HTTPS(端口8443)

时间:2018-03-14 16:33:02

标签: spring-boot embedded-jetty http-redirect

我有以下代码来配置Jetty服务器:

/**
 * Configuration from the question: opens a second, plain-HTTP Jetty connector on port 80
 * next to the HTTPS listener that application.properties places on port 8443.
 *
 * <p>Nothing in this class sets a secure port or scheme on the new connector, and no
 * redirect handler is installed, so this code alone does not send HTTP clients to HTTPS.
 */
@Configuration
public class RedirectHttpToHttpsOnJetty2Config {

    /**
     * Builds the Jetty web server factory with one extra connector.
     *
     * @return a Jetty factory whose server also listens on port 80
     */
    @Bean
    public ConfigurableServletWebServerFactory webServerFactory() {
        JettyServletWebServerFactory jetty = new JettyServletWebServerFactory();
        jetty.addServerCustomizers(server -> {
            // Connector created with Jetty's default HTTP settings only.
            // NOTE(review): ports below 1024 usually need elevated privileges to bind
            // on Unix-like systems; confirm the process is actually allowed to use 80.
            ServerConnector plainHttp = new ServerConnector(server);
            plainHttp.setPort(80);
            server.addConnector(plainHttp);
        });
        return jetty;
    }
}

application.properties 内容如下:

# Port of the HTTPS listener.
server.port=8443
# Keystore is read from the classpath, i.e. it ships inside the application.
server.ssl.key-store=classpath:keystore
# Sample secrets as posted in the question. In a real deployment do not commit
# keystore passwords; Spring Boot can resolve them from the environment, e.g.
# server.ssl.key-store-password=${KEYSTORE_PASSWORD} (placeholder variable name).
server.ssl.key-store-password=xyzxyzxyz
server.ssl.key-password=xyzxyzxyz

当我访问localhost:8443时,应用程序工作正常,但无法访问localhost:80。gradlew bootRun的输出中提到

... Jetty在端口8443(ssl,http/1.1)、80(http/1.1)上启动,上下文路径为'/' ...

但在访问http://localhost:80时,我收到了消息

无法访问此站点... localhost拒绝连接。

我希望把http://localhost:80重定向到https://localhost:8443

我让它在Tomcat中工作:

    /**
     * Tomcat variant that the question reports as working: every URL is placed under a
     * CONFIDENTIAL transport constraint, and an extra plain-HTTP connector is registered
     * whose redirect port points at the HTTPS listener.
     *
     * @return the customised Tomcat factory
     */
    @Bean
    public ServletWebServerFactory servletContainer() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
            @Override
            protected void postProcessContext(Context context) {
                // The constraint covers the whole application ("/*"), not selected paths.
                SecurityCollection everyPath = new SecurityCollection();
                everyPath.addPattern("/*");

                // CONFIDENTIAL asks the container to serve matching URLs only over a
                // secure channel.
                SecurityConstraint requireTls = new SecurityConstraint();
                requireTls.setUserConstraint("CONFIDENTIAL");
                requireTls.addCollection(everyPath);

                context.addConstraint(requireTls);
            }
        };
        // Adds the port-80 connector built by redirectConnector().
        factory.addAdditionalTomcatConnectors(redirectConnector());
        return factory;
    }

    /**
     * Creates the non-secure NIO HTTP connector on port 80 and records 8443 as its
     * redirect port.
     *
     * @return the plain-HTTP connector
     */
    private Connector redirectConnector() {
        Connector plainHttp = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        plainHttp.setPort(80);
        plainHttp.setScheme("http");
        // Marked non-secure on purpose: this listener only exists to bounce clients to TLS.
        plainHttp.setSecure(false);
        plainHttp.setRedirectPort(8443);
        return plainHttp;
    }

但我找不到Jetty下的等效写法。非常感谢任何提示。

2 个答案:

答案 0 :(得分:1)

您在端口80的ServerConnector上缺少必需的HttpConfiguration,它用来告知Jetty哪个是安全端口、哪个是非安全端口。

在Jetty这一侧,实际执行重定向的是SecuredRedirectHandler。

请参阅:https://github.com/jetty-project/embedded-jetty-cookbook/blob/master/src/main/java/org/eclipse/jetty/cookbook/SecuredRedirectHandlerExample.java

SecuredRedirectHandlerExample.java

package org.eclipse.jetty.cookbook;

import java.net.URL;

import org.eclipse.jetty.cookbook.handlers.HelloHandler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.SecuredRedirectHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;

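/**
 * Embedded-Jetty example: a plain-HTTP connector and an HTTPS connector on one server,
 * with {@link SecuredRedirectHandler} sending non-secure requests to the HTTPS port.
 *
 * <p>The redirect target comes from the {@link HttpConfiguration} attached to the HTTP
 * connector (secure scheme and secure port); without it the handler has nothing to
 * redirect to.
 */
public class SecuredRedirectHandlerExample
{
    /**
     * Starts the server and blocks until it stops.
     *
     * @param args unused
     * @throws Exception if the server fails to start
     */
    public static void main(String[] args) throws Exception
    {
        Server server = new Server();
        final int httpPort = 8080;
        final int httpsPort = 8443;

        // Setup HTTP Connector: record which scheme/port is the secure counterpart.
        HttpConfiguration httpConf = new HttpConfiguration();
        httpConf.setSecurePort(httpsPort);
        httpConf.setSecureScheme("https");

        // Establish the HTTP ServerConnector
        ServerConnector httpConnector = new ServerConnector(server,
                new HttpConnectionFactory(httpConf));
        httpConnector.setPort(httpPort);
        server.addConnector(httpConnector);

        // Find Keystore for SSL (bundled on the classpath for this example)
        ClassLoader cl = SecuredRedirectHandlerExample.class.getClassLoader();
        String keystoreResource = "ssl/keystore";
        URL f = cl.getResource(keystoreResource);
        if (f == null)
        {
            throw new RuntimeException("Unable to find " + keystoreResource);
        }

        // Setup SSL
        // NOTE(review): later Jetty 9.4.x releases deprecate the no-arg SslContextFactory
        // in favour of SslContextFactory.Server; check against the Jetty version in use.
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(f.toExternalForm());
        // "OBF:" values are Jetty's reversible obfuscation, not encryption: they only keep
        // the password out of casual view. Outside of a demo, load keystore secrets from
        // protected configuration instead of source code.
        sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
        sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

        // Setup HTTPS Configuration (copy of the HTTP one, so it shares secure port/scheme)
        HttpConfiguration httpsConf = new HttpConfiguration(httpConf);
        // Adds ssl info to the request object. SecureRequestCustomizer can also emit a
        // Strict-Transport-Security header (setStsMaxAge); this example leaves it off, so
        // a client's first plain-HTTP request is protected only by the redirect.
        httpsConf.addCustomizer(new SecureRequestCustomizer());

        // Establish the HTTPS ServerConnector
        ServerConnector httpsConnector = new ServerConnector(server,
                new SslConnectionFactory(sslContextFactory,"http/1.1"),
                new HttpConnectionFactory(httpsConf));
        httpsConnector.setPort(httpsPort);

        server.addConnector(httpsConnector);

        // Add Handlers for requests. Order matters: the redirect handler runs first so no
        // application handler answers a request that arrived over plain HTTP.
        HandlerList handlers = new HandlerList();
        handlers.addHandler(new SecuredRedirectHandler()); // always first
        handlers.addHandler(new HelloHandler("Hello Secure World"));
        handlers.addHandler(new DefaultHandler()); // always last
        server.setHandler(handlers);

        server.start();
        server.join();
    }
}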

答案 1 :(得分:0)

以下配置将设置从HTTP到HTTPS的重定向。假定您已经将Spring Boot配置为侦听端口443,并且SSL配置正确。

/**
 * Adds a port-80 connector to the Jetty server Spring Boot has built and puts a
 * {@link SecuredRedirectHandler} in front of the handlers already installed.
 *
 * <p>NOTE(review): the code takes the HTTP connection factory from connector index 0 and
 * reuses it for the new connector. That presumably is the SSL connector Spring Boot
 * created from {@code server.port} / {@code server.ssl.*}, whose configuration carries
 * the secure port — confirm for your setup. The lookup result is not null-checked.
 *
 * @return the customised Jetty factory
 */
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
    JettyServletWebServerFactory jetty = new JettyServletWebServerFactory();
    jetty.addServerCustomizers(server -> {
        // Borrow the existing connector's HTTP factory rather than building a new one.
        HttpConnectionFactory sharedHttpFactory =
                server.getConnectors()[0].getConnectionFactory(HttpConnectionFactory.class);

        ServerConnector plainHttp = new ServerConnector(server, sharedHttpFactory);
        plainHttp.setPort(80 /* HTTP */);
        server.addConnector(plainHttp);

        // The redirect handler goes first so it sees each request before the
        // application's own handlers, which are re-added behind it in their old order.
        HandlerList chain = new HandlerList();
        chain.addHandler(new SecuredRedirectHandler());
        for (Handler existing : server.getHandlers()) {
            chain.addHandler(existing);
        }
        server.setHandler(chain);
    });
    return jetty;
}