Spring boot Spring Boot Jetty自动将HTTP(端口80)请求重定向到HTTPS(端口8443)
我有以下代码来配置Jetty server:Spring boot Spring Boot Jetty自动将HTTP(端口80)请求重定向到HTTPS(端口8443),spring-boot,embedded-jetty,http-redirect,Spring Boot,Embedded Jetty,Http Redirect,我有以下代码来配置Jetty server: @Configuration public class RedirectHttpToHttpsOnJetty2Config { @Bean public ConfigurableServletWebServerFactory webServerFactory() { JettyServletWebServerFactory factory = new JettyServletWebServerFactory();
@Configuration
public class RedirectHttpToHttpsOnJetty2Config {
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
JettyServletWebServerFactory factory = new JettyServletWebServerFactory();
factory.addServerCustomizers(new JettyServerCustomizer() {
@Override
public void customize(Server server) {
ServerConnector connector = new ServerConnector(server);
connector.setPort(80);
server.addConnector(connector);
}
});
return factory;
}
}
及
application.properties作为
server.port=8443
server.ssl.key-store=classpath:keystore
server.ssl.key-store-password=xyzxyzxyz
server.ssl.key-password=xyzxyzxyz
当我访问localhost:8443时,我的应用程序可以正常工作,但无法访问localhost:80。gradlew bootRun提到
。。。
Jetty在端口8443(ssl,http/1.1)、80(http/1.1)上启动,上下文路径为“/”
但一到这里我就明白了
无法访问此网站。。。本地主机拒绝连接
我正在寻找重定向到
我让它在Tomcat中工作:
@Bean
public ServletWebServerFactory servletContainer(){
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector(){
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
但找不到与Jetty相同的产品。非常感谢任何指针。您缺少端口80
ServerConnector
上所需的HttpConfiguration
,无法告诉Jetty您的安全端口和非安全端口是什么
Jetty端的SecuredRedirectHandler是重定向实际运行的方式
见:
SecuredRedirectHandlerExample.java
package org.eclipse.jetty.cookbook;
导入java.net.URL;
导入org.eclipse.jetty.cookbook.handlers.HelloHandler;
导入org.eclipse.jetty.server.HttpConfiguration;
导入org.eclipse.jetty.server.HttpConnectionFactory;
导入org.eclipse.jetty.server.SecureRequestCustomizer;
导入org.eclipse.jetty.server.server;
导入org.eclipse.jetty.server.ServerConnector;
导入org.eclipse.jetty.server.SslConnectionFactory;
导入org.eclipse.jetty.server.handler.HandlerList;
导入org.eclipse.jetty.server.handler.SecuredDirectHandler;
导入org.eclipse.jetty.util.ssl.SslContextFactory;
公共类SecuredDirectHandlerExample
{
公共静态void main(字符串[]args)引发异常
{
服务器=新服务器();
int httpPort=8080;
int httpsPort=8443;
//安装HTTP连接器
HttpConfiguration httpConf=新的HttpConfiguration();
httpConf.setSecureReport(httpsPort);
httpConf.setSecureScheme(“https”);
//建立HTTP服务器连接器
ServerConnector httpConnector=新的ServerConnector(服务器,
新的HttpConnectionFactory(httpConf));
httpConnector.setPort(httpPort);
addConnector(httpConnector);
//查找SSL的密钥库
ClassLoader cl=SecuredRedirectHandlerExample.class.getClassLoader();
字符串keystoresource=“ssl/keystore”;
URL f=cl.getResource(keystoreResource);
如果(f==null)
{
抛出新的RuntimeException(“找不到”+keystoreResource);
}
//设置SSL
SslContextFactory SslContextFactory=新的SslContextFactory();
setkeystrepath(f.toExternalForm());
setKeyStorePassword(“OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4”);
sslContextFactory.setKeyManagerPassword(“OBF:1u2u1wml1z7s1z7a1wnl1u2g”);
//设置HTTPS配置
HttpConfiguration httpsConf=新的HttpConfiguration(httpConf);
httpsConf.addCustomizer(新的SecureRequestCustomizer());//向请求对象添加ssl信息
//建立HTTPS服务器连接器
ServerConnector httpsConnector=新的ServerConnector(服务器,
新的SslConnectionFactory(sslContextFactory,“http/1.1”),
新的HttpConnectionFactory(httpsConf));
httpsConnector.setPort(httpsPort);
addConnector(httpsConnector);
//为请求添加一个处理程序
HandlerList handlers=new HandlerList();
handlers.addHandler(新的SecuredRedirectHandler());//始终是第一个
addHandler(新HelloHandler(“Hello安全世界”);
handlers.addHandler(新的DefaultHandler());//总是最后一个
setHandler(处理程序);
server.start();
join();
}
}
以下配置将设置从HTTP到HTTPS的重定向。它假设您已经将Spring引导配置为在端口443上侦听,并且SSL配置正确
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
JettyServletWebServerFactory factory = new JettyServletWebServerFactory();
factory.addServerCustomizers(new JettyServerCustomizer() {
@Override
public void customize(Server server) {
final HttpConnectionFactory httpConnectionFactory = server.getConnectors()[0].getConnectionFactory(HttpConnectionFactory.class);
final ServerConnector httpConnector = new ServerConnector(server, httpConnectionFactory);
httpConnector.setPort(80 /* HTTP */);
server.addConnector(httpConnector);
final HandlerList handlerList = new HandlerList();
handlerList.addHandler(new SecuredRedirectHandler());
for(Handler handler : server.getHandlers())
handlerList.addHandler(handler);
server.setHandler(handlerList);
}
});
return factory;
}
您的
ServerConnector
上缺少一个HttpConfiguration
,该配置至少需要存在才能识别端口是什么(安全还是非安全)。谢谢!这有帮助。在生成过程中,server.start()失败:“ConfigServletWebServerApplicationContext:上下文初始化期间遇到异常-取消刷新尝试:org.springframework.context.ApplicationContextException:无法启动web服务器;嵌套异常为java.lang.IllegalStateException:无法启动服务器”。如果server.start()被注释,那么还有另一个:“BeanInstationException:未能实例化…servlet.HandlerMapping]:工厂方法'resourceHandlerMapping'抛出了IllegalStateException:没有ServletContext集”。很好!securedDirectHandler的“始终第一”部分帮助:)