我试图让灰熊使用SSL加密,但仍然可以使用Jersey.我看过整个互联网,我发现了与Grizzly和Jersey的各种不同的SSL尝试.看起来有不同的方法,取决于您使用的版本,以及您决定如何实现它.我还没有能够使用任何示例来处理我的代码.
这是我启动服务器的方式:
static HttpServer startSecureServer() throws IOException{ ResourceConfig rc=new PackagesResourceConfig("server.grizzlyresources"); SSLContextConfigurator sslCon=new SSLContextConfigurator(); sslCon.setKeyStoreFile(ConfigLoader.getKeystoreLocation()); // contains server keypair sslCon.setKeyStorePass(ConfigLoader.getKeystorePassword()); System.out.println("Starting server on port "+ConfigLoader.getHttpsServerPort()); HttpServer secure=GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, rc); secure.stop(); HashSetlists=new HashSet (secure.getListeners()); for (NetworkListener listener : lists){ listener.setSecure(true); SSLEngineConfigurator ssle=new SSLEngineConfigurator(sslCon); listener.setSSLEngineConfig(ssle); secure.addListener(listener); System.out.println(listener); } secure.start(); return secure; } private static URI getBaseURISecured(){ return UriBuilder.fromUri("https://0.0.0.0/").port(ConfigLoader.getHttpsServerPort()).build(); } private static final URI BASE_URI_SECURED = getBaseURISecured();
ConfigLoader从配置文件加载信息.当我运行这段代码时,它会启动服务器,它会在server.grizzlyresources包中找到资源,而且效果很好!除了一件事.服务器不安全.我可以telnet到它并以纯文本形式发送我的一个资源的HTTP请求,它将返回它.所以代码适用于启动服务器,但它的整个SSL部分只是被绕过了.任何想法如何解决这个或为什么它可能会这样做?
这是运行时控制台的输出:
Starting server on port 9999 Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.PackagesResourceConfig init INFO: Scanning for root resource and provider classes in the packages: server.grizzlyresources Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.ScanningResourceConfig logClasses INFO: Root resource classes found: class server.grizzlyresources.SessionResource class server.grizzlyresources.LoginResource Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.ScanningResourceConfig init INFO: No provider classes found. Jan 13, 2014 9:51:08 AM com.sun.jersey.server.impl.application.WebApplicationImpl _initiate INFO: Initiating Jersey application, version 'Jersey: 1.12 02/15/2012 04:51 PM' Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener start INFO: Started listener bound to [0.0.0.0:9999] Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.HttpServer start INFO: [HttpServer] Started. Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener stop INFO: Stopped listener bound to [0.0.0.0:9999] NetworkListener{name='grizzly', host='0.0.0.0', port=9999, secure=true} Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener start INFO: Started listener bound to [0.0.0.0:9999] Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.HttpServer start INFO: [HttpServer] Started.
我正在使用Grizzly 2.2.1和Jersey 1.12.
谢谢你!
IMO你可以使用不同的Factory方法来初始化安全的Grizzly HttpServer:
HttpServer secure = GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, ContainerFactory.createContainer(HttpHandler.class, rc), true, new SSLEngineConfigurator(sslCon));
如果像这样初始化服务器,则无需再次停止并重新配置它.
希望这会有所帮助.
很抱歉花这么长时间在这里发布.阿列克谢的回答促使我找到了工作解决方案,这很像Wolfgang Fahl的代码.这是我最终得到的:
static HttpServer startSecureServer() throws IOException { System.out.println("Starting server on port " + ConfigLoader.getHttpsServerPort()); ResourceConfig rc = new PackagesResourceConfig("com.kinpoint.server.grizzlyresources"); SSLContextConfigurator sslCon = new SSLContextConfigurator(); sslCon.setKeyStoreFile(ConfigLoader.getKeystoreLocation()); // contains server keypair sslCon.setKeyStorePass(ConfigLoader.getKeystorePassword()); HttpHandler hand = ContainerFactory.createContainer(HttpHandler.class, rc); HttpServer secure = GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, hand, true, new SSLEngineConfigurator(sslCon, false, false, false)); return secure; }
SSLEngineConfigurator中的第二个参数告诉它不要使用客户端模式.这就是搞砸了我的原因.谢谢您的帮助.