Fatal编程技术网
  • servlets/
  • Servlets Jetty BadMessage嵌入式WebSocket Servlet

Servlets Jetty BadMessage嵌入式WebSocket Servlet

servlets ssl websocket jetty

Servlets Jetty BadMessage嵌入式WebSocket Servlet,servlets,ssl,websocket,jetty,Servlets,Ssl,Websocket,Jetty,我使用jetty 9.2.5创建了一个简单的嵌入式WebSocket服务器。使用不安全连接时,服务器工作正常。当我添加SSL连接器时,客户端无法使用https方案“wss”vs“ws”进行连接,我看到一条错误消息警告: 31710 [qtp6566818-16] WARN org.eclipse.jetty.http.HttpParser - badMessage: 400 Illegal character 0x16 in state=START in '\x16<<<\

我使用jetty 9.2.5创建了一个简单的嵌入式WebSocket服务器。使用不安全连接时,服务器工作正常。当我添加SSL连接器时,客户端无法使用https方案“wss”vs“ws”进行连接,我看到一条错误消息警告:

31710 [qtp6566818-16] WARN  org.eclipse.jetty.http.HttpParser  - badMessage: 400 Illegal character 0x16 in state=START in '\x16<<<\x03\x01\x00\xAb\x01\x00\x00\xA7\x03\x037%\x03d\xFf\xBd\xE8...\x01\x05\x01\x02\x01\x04\x03\x05\x03\x02\x03\x04\x02\x02\x02>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' for HttpChannelOverHttp@f59306{r=0,c=false,a=IDLE,uri=-}
服务器的代码几乎取自我在jetty站点和Internet上遇到的示例。以下是设置WebSocket servlet的代码:

// Setup the websocket server
Server server = new Server(websocketPort);

if (wssEnabled) {
  // Add http/s connectors
  //connector = new ServerConnector(server);
  //connector.setPort(websocketPort);

  // HTTP Configuration
  HttpConfiguration http_config = new HttpConfiguration();
  http_config.setSecureScheme("https");
  http_config.setSecurePort(8443);
  http_config.setOutputBufferSize(32768);
  http_config.setRequestHeaderSize(8192);
  http_config.setResponseHeaderSize(8192);
  http_config.setSendServerVersion(true);
  http_config.setSendDateHeader(false);

  SslContextFactory sslContextFactory = new SslContextFactory();
  sslContextFactory.setKeyStorePath("/home/jedwards/keystore");
  logger.info("keystore path: {}", sslContextFactory.getKeyStorePath());
  sslContextFactory.setKeyStorePassword("1deadparrot");
  sslContextFactory.setKeyManagerPassword("1deadparrot");
  sslContextFactory.setExcludeCipherSuites(
      "SSL_RSA_WITH_DES_CBC_SHA","SSL_DHE_RSA_WITH_DES_CBC_SHA","SSL_DHE_DSS_WITH_DES_CBC_SHA",
      "SSL_RSA_EXPORT_WITH_RC4_40_MD5","SSL_RSA_EXPORT_WITH_DES40_CBC_SHA","SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
      "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");

  // SSL HTTP Configuration
  HttpConfiguration https_config = new HttpConfiguration(http_config);
  https_config.addCustomizer(new SecureRequestCustomizer());

  // SSL Connector
  connector = new ServerConnector(server,
      new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
      new HttpConnectionFactory(https_config));
  connector.setPort(8443);
  connector.setIdleTimeout(500000);
} else {
  // Basic HTTP connector
  connector = new ServerConnector(server);
  connector.setPort(websocketPort);
}
ServletContextHandler ctx = new ServletContextHandler();
ctx.setContextPath("/");
ctx.addServlet(EmergeEchoServiceSocketServlet.class, websocketServicePoint);

server.setHandler(ctx);
server.addConnector(connector);

// Start the websocket server
server.start();
logger.info("server status: {}", server.dump());
server.join();
我使用建议的命令创建了自签名证书和密钥对:

keytool -keystore keystore -alias jetty -genkey -keyalg RSA
我现在不知所措,因为我相信我已经正确地设置了嵌入式WebSocket servlet。因此,我认为这是显而易见的,但我无法解决问题。

我稍微简化了代码,并且能够让SSL WebSockets服务器工作。我仍在使用自签名证书,因此它只是本地的。我可以使用IP地址,但不能使用“localhost”,例如。“wss://192.168.2.115:8443/servicePoint“

以下是新代码:

// Setup the websocket server
Server server = new Server();

if (wssEnabled) {
  // HTTP Configuration
  HttpConfiguration https_config = new HttpConfiguration();
  https_config.setSecureScheme("https");
  https_config.setSecurePort(8443);
  https_config.setSendServerVersion(true);
  https_config.setSendDateHeader(false);
  https_config.addCustomizer(new SecureRequestCustomizer());

  SslContextFactory sslContextFactory = new SslContextFactory();
  sslContextFactory.setKeyStorePath("/pathTo//keystore");
  sslContextFactory.setTrustStorePath("/pathTo/keystore");
  logger.info("keystore path: {}", sslContextFactory.getKeyStorePath());
  sslContextFactory.setKeyStorePassword("myPassword");
  sslContextFactory.setKeyManagerPassword("myPassword");
  sslContextFactory.setTrustStorePassword("myPassword");
  sslContextFactory.setExcludeCipherSuites(
      "SSL_RSA_WITH_DES_CBC_SHA",
      "SSL_DHE_RSA_WITH_DES_CBC_SHA",
      "SSL_DHE_DSS_WITH_DES_CBC_SHA",
      "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
      "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
      "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
      "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");

  // SSL Connector
  connector = new ServerConnector(server,
      new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
      new HttpConnectionFactory(https_config));
  connector.setPort(8443);
} else {
  // Basic HTTP connector
  connector = new ServerConnector(server);
  connector.setPort(websocketPort);
}

ServletContextHandler ctx = new ServletContextHandler();
ctx.setContextPath("/");
ctx.addServlet(EmergeEchoServiceSocketServlet.class, "/dF" + websocketServicePoint);

server.setHandler(ctx);
server.addConnector(connector);

// Start the websocket server
server.start();
logger.info("server status: {}", server.dump());
server.join();
}

我很想听听代码清理中是什么导致了这一点,因为我还不清楚。 
// Setup the websocket server
Server server = new Server();

if (wssEnabled) {
  // HTTP Configuration
  HttpConfiguration https_config = new HttpConfiguration();
  https_config.setSecureScheme("https");
  https_config.setSecurePort(8443);
  https_config.setSendServerVersion(true);
  https_config.setSendDateHeader(false);
  https_config.addCustomizer(new SecureRequestCustomizer());

  SslContextFactory sslContextFactory = new SslContextFactory();
  sslContextFactory.setKeyStorePath("/pathTo//keystore");
  sslContextFactory.setTrustStorePath("/pathTo/keystore");
  logger.info("keystore path: {}", sslContextFactory.getKeyStorePath());
  sslContextFactory.setKeyStorePassword("myPassword");
  sslContextFactory.setKeyManagerPassword("myPassword");
  sslContextFactory.setTrustStorePassword("myPassword");
  sslContextFactory.setExcludeCipherSuites(
      "SSL_RSA_WITH_DES_CBC_SHA",
      "SSL_DHE_RSA_WITH_DES_CBC_SHA",
      "SSL_DHE_DSS_WITH_DES_CBC_SHA",
      "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
      "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
      "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
      "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");

  // SSL Connector
  connector = new ServerConnector(server,
      new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
      new HttpConnectionFactory(https_config));
  connector.setPort(8443);
} else {
  // Basic HTTP connector
  connector = new ServerConnector(server);
  connector.setPort(websocketPort);
}

ServletContextHandler ctx = new ServletContextHandler();
ctx.setContextPath("/");
ctx.addServlet(EmergeEchoServiceSocketServlet.class, "/dF" + websocketServicePoint);

server.setHandler(ctx);
server.addConnector(connector);

// Start the websocket server
server.start();
logger.info("server status: {}", server.dump());
server.join();