问
SSL与Grizzly和Jersey
mobiledu2502926527 发布于 2023-02-03 10:52我试图让灰熊使用SSL加密,但仍然可以使用Jersey.我看过整个互联网,我发现了与Grizzly和Jersey的各种不同的SSL尝试.看起来有不同的方法,取决于您使用的版本,以及您决定如何实现它.我还没有能够使用任何示例来处理我的代码.
这是我启动服务器的方式:
static HttpServer startSecureServer() throws IOException{
ResourceConfig rc=new PackagesResourceConfig("server.grizzlyresources");
SSLContextConfigurator sslCon=new SSLContextConfigurator();
sslCon.setKeyStoreFile(ConfigLoader.getKeystoreLocation()); // contains server keypair
sslCon.setKeyStorePass(ConfigLoader.getKeystorePassword());
System.out.println("Starting server on port "+ConfigLoader.getHttpsServerPort());
HttpServer secure=GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, rc);
secure.stop();
HashSet lists=new HashSet(secure.getListeners());
for (NetworkListener listener : lists){
listener.setSecure(true);
SSLEngineConfigurator ssle=new SSLEngineConfigurator(sslCon);
listener.setSSLEngineConfig(ssle);
secure.addListener(listener);
System.out.println(listener);
}
secure.start();
return secure;
}
private static URI getBaseURISecured(){
return UriBuilder.fromUri("https://0.0.0.0/").port(ConfigLoader.getHttpsServerPort()).build();
}
private static final URI BASE_URI_SECURED = getBaseURISecured();
ConfigLoader从配置文件加载信息.当我运行这段代码时,它会启动服务器,它会在server.grizzlyresources包中找到资源,而且效果很好!除了一件事.服务器不安全.我可以telnet到它并以纯文本形式发送我的一个资源的HTTP请求,它将返回它.所以代码适用于启动服务器,但它的整个SSL部分只是被绕过了.任何想法如何解决这个或为什么它可能会这样做?
这是运行时控制台的输出:
Starting server on port 9999
Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.PackagesResourceConfig init
INFO: Scanning for root resource and provider classes in the packages:
server.grizzlyresources
Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.ScanningResourceConfig logClasses
INFO: Root resource classes found:
class server.grizzlyresources.SessionResource
class server.grizzlyresources.LoginResource
Jan 13, 2014 9:51:08 AM com.sun.jersey.api.core.ScanningResourceConfig init
INFO: No provider classes found.
Jan 13, 2014 9:51:08 AM com.sun.jersey.server.impl.application.WebApplicationImpl _initiate
INFO: Initiating Jersey application, version 'Jersey: 1.12 02/15/2012 04:51 PM'
Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener start
INFO: Started listener bound to [0.0.0.0:9999]
Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.HttpServer start
INFO: [HttpServer] Started.
Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener stop
INFO: Stopped listener bound to [0.0.0.0:9999]
NetworkListener{name='grizzly', host='0.0.0.0', port=9999, secure=true}
Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.NetworkListener start
INFO: Started listener bound to [0.0.0.0:9999]
Jan 13, 2014 9:51:09 AM org.glassfish.grizzly.http.server.HttpServer start
INFO: [HttpServer] Started.
我正在使用Grizzly 2.2.1和Jersey 1.12.
谢谢你!
2 个回答
-
IMO你可以使用不同的Factory方法来初始化安全的Grizzly HttpServer:
HttpServer secure = GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, ContainerFactory.createContainer(HttpHandler.class, rc), true, new SSLEngineConfigurator(sslCon));如果像这样初始化服务器,则无需再次停止并重新配置它.
希望这会有所帮助.
2023-02-03 10:55 回答
dmcm0011 -
很抱歉花这么长时间在这里发布.阿列克谢的回答促使我找到了工作解决方案,这很像Wolfgang Fahl的代码.这是我最终得到的:
static HttpServer startSecureServer() throws IOException { System.out.println("Starting server on port " + ConfigLoader.getHttpsServerPort()); ResourceConfig rc = new PackagesResourceConfig("com.kinpoint.server.grizzlyresources"); SSLContextConfigurator sslCon = new SSLContextConfigurator(); sslCon.setKeyStoreFile(ConfigLoader.getKeystoreLocation()); // contains server keypair sslCon.setKeyStorePass(ConfigLoader.getKeystorePassword()); HttpHandler hand = ContainerFactory.createContainer(HttpHandler.class, rc); HttpServer secure = GrizzlyServerFactory.createHttpServer(BASE_URI_SECURED, hand, true, new SSLEngineConfigurator(sslCon, false, false, false)); return secure; }SSLEngineConfigurator中的第二个参数告诉它不要使用客户端模式.这就是搞砸了我的原因.谢谢您的帮助.
2023-02-03 10:55 回答
北京超凡传媒
撰写答案
今天,你开发时遇到什么问题呢?
立即提问
京公网安备 11010802041100号