带有嵌入式 Jetty HTTPS 的 CORS
CORS with Embedded Jetty HTTPS
我想为嵌入式 Jetty HTTPS 启用 CORS,但以下代码不起作用。我设法使用以下代码使代码适用于 HTTP。
public class EmbeddingJettyWithServlet {
public static void main(String[] args) throws Exception {
// Setup Threadpool for multiple server connections
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(500);
//ThreadPool Server
Server server = new Server(threadPool);
// Configure jetty.home
String home = ".";
// Configure ports for http
ServerConnector http = new ServerConnector(server);
http.setPort(9889);
http.setIdleTimeout(30000);
// Scheduler
server.addBean(new ScheduledExecutorScheduler());
//Thread.currentThread().setPriority(Thread.MAX_PRIORITY);
// HTTPS Configuration
HttpConfiguration https = new HttpConfiguration();
https.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(home + "/keystore.jks");
sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https));
sslConnector.setPort(9888);
server.setConnectors(new Connector[] { http, sslConnector });
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.setContextPath("/kibitz");
// Enable CORS - cross origin resource sharing (for http and https)
FilterHolder cors = new FilterHolder();
cors.setInitParameter("allowedOrigins", "*");
cors.setInitParameter("allowedHeaders", "*");
cors.setInitParameter("allowedMethods", "GET, POST");
cors.setFilter(new CrossOriginFilter());
context.addFilter(cors, "*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.ASYNC, DispatcherType.INCLUDE));
server.setHandler(context);
server.start();
server.join();
}
但是我无法使端口 9888 上的 HTTPS 正常工作。非常感谢帮助!
让我们从正确使用 HttpConfiguration 开始。
// Setup Threadpool for multiple server connections
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(500);
//ThreadPool Server
Server server = new Server(threadPool);
int port = 9889;
int portSecure = 9888;
// Configure jetty.home
String home = ".";
// HTTP Configuration
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(portSecure);
// Configure Connector for http
ServerConnector http = new ServerConnector(server,
new HttpConnectionFactory(http_config));
http.setPort(port);
http.setIdleTimeout(30000);
// HTTPS Configuration
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(home + "/keystore.jks");
sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https_config));
sslConnector.setPort(portSecure);
server.setConnectors(new Connector[] { http, sslConnector });
您的代码没有定义什么端口被认为是安全的,它也没有将 http 配置转移到 https 端。
这在某些方面应该有所帮助。但是,如果您没有正确创建密钥库,那么再多的 Jetty 端配置也无济于事。
@Joakim Erdfelt 在我的情况下是正确的,这是一个密钥库问题。经过一番摸索,我发现问题出在我的 Firefox 浏览器和不受信任的证书上。 Firefox,而不是给出 "Get Me Out of Here" 消息,如果你直接转到 https:// URL,它会给出 Javascript 控制台,而是给出 "Cross-Origin Request Blocked" 错误如果您的网站正在尝试通过端口访问。
要使用 https://,您必须从受信任的证书颁发机构获得证书并将其安装到您的密钥库中。如果您生成自己的证书,某些浏览器会阻止该请求。本文对正确设置密钥库非常有帮助:http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html.
我想为嵌入式 Jetty HTTPS 启用 CORS,但以下代码不起作用。我设法使用以下代码使代码适用于 HTTP。
public class EmbeddingJettyWithServlet {
public static void main(String[] args) throws Exception {
// Setup Threadpool for multiple server connections
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(500);
//ThreadPool Server
Server server = new Server(threadPool);
// Configure jetty.home
String home = ".";
// Configure ports for http
ServerConnector http = new ServerConnector(server);
http.setPort(9889);
http.setIdleTimeout(30000);
// Scheduler
server.addBean(new ScheduledExecutorScheduler());
//Thread.currentThread().setPriority(Thread.MAX_PRIORITY);
// HTTPS Configuration
HttpConfiguration https = new HttpConfiguration();
https.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(home + "/keystore.jks");
sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https));
sslConnector.setPort(9888);
server.setConnectors(new Connector[] { http, sslConnector });
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.setContextPath("/kibitz");
// Enable CORS - cross origin resource sharing (for http and https)
FilterHolder cors = new FilterHolder();
cors.setInitParameter("allowedOrigins", "*");
cors.setInitParameter("allowedHeaders", "*");
cors.setInitParameter("allowedMethods", "GET, POST");
cors.setFilter(new CrossOriginFilter());
context.addFilter(cors, "*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.ASYNC, DispatcherType.INCLUDE));
server.setHandler(context);
server.start();
server.join();
}
但是我无法使端口 9888 上的 HTTPS 正常工作。非常感谢帮助!
让我们从正确使用 HttpConfiguration 开始。
// Setup Threadpool for multiple server connections
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(500);
//ThreadPool Server
Server server = new Server(threadPool);
int port = 9889;
int portSecure = 9888;
// Configure jetty.home
String home = ".";
// HTTP Configuration
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(portSecure);
// Configure Connector for http
ServerConnector http = new ServerConnector(server,
new HttpConnectionFactory(http_config));
http.setPort(port);
http.setIdleTimeout(30000);
// HTTPS Configuration
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(home + "/keystore.jks");
sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https_config));
sslConnector.setPort(portSecure);
server.setConnectors(new Connector[] { http, sslConnector });
您的代码没有定义什么端口被认为是安全的,它也没有将 http 配置转移到 https 端。
这在某些方面应该有所帮助。但是,如果您没有正确创建密钥库,那么再多的 Jetty 端配置也无济于事。
@Joakim Erdfelt 在我的情况下是正确的,这是一个密钥库问题。经过一番摸索,我发现问题出在我的 Firefox 浏览器和不受信任的证书上。 Firefox,而不是给出 "Get Me Out of Here" 消息,如果你直接转到 https:// URL,它会给出 Javascript 控制台,而是给出 "Cross-Origin Request Blocked" 错误如果您的网站正在尝试通过端口访问。
要使用 https://,您必须从受信任的证书颁发机构获得证书并将其安装到您的密钥库中。如果您生成自己的证书,某些浏览器会阻止该请求。本文对正确设置密钥库非常有帮助:http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html.