Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring安全表单登录Tomcat中的SSL实现_Spring_Ssl_Spring Security_Https_Tomcat7 - Fatal编程技术网
Fatal编程技术网
  • spring/
  • Spring安全表单登录Tomcat中的SSL实现

Spring安全表单登录Tomcat中的SSL实现

spring ssl spring-security https

Spring安全表单登录Tomcat中的SSL实现,spring,ssl,spring-security,https,tomcat7,Spring,Ssl,Spring Security,Https,Tomcat7,我正在尝试通过https迁移使用Spring Security制作的Web应用程序。 我在网上找到了所有的指南和文档,但都没用。你能帮我解决这个问题还是找出问题 不要工作,因为当我去我得到一个页面没有找到。当http工作时 我遵循此指南了解密钥库和连接器配置 我在AWSEC2上运行webapp mywebapp/web-application-context.xml <security:http auto-config="true"> <security:int

我正在尝试通过https迁移使用Spring Security制作的Web应用程序。 我在网上找到了所有的指南和文档,但都没用。你能帮我解决这个问题还是找出问题

不要工作,因为当我去我得到一个页面没有找到。当http工作时

我遵循此指南了解密钥库和连接器配置

我在AWSEC2上运行webapp

mywebapp/web-application-context.xml

<security:http auto-config="true">
        <security:intercept-url pattern="/Secure/**" access="isAuthenticated()" />
        <security:intercept-url pattern="/**" requires-channel="https" />
        <security:access-denied-handler
            error-page="/Unsecure/NoPermission" />
        <security:form-login login-page="/Unsecure/Login" 
            login-processing-url="/Unsecure/Login.do" username-parameter="username"
            password-parameter="password" always-use-default-target="true"
            default-target-url="/Secure/Home/Dashboard" authentication-failure-url="/Unsecure/Login?err=1" />
        <security:logout logout-success-url="/Unsecure/Login"
            logout-url="/Secure/Logout" delete-cookies="JSESSIONID" />
        <security:csrf />
        <security:http-basic/>
    </security:http>
tomcat7/server.xml

<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" 
            maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" 
            sslProtocol="TLS" keystoreFile="${user.home}/.keystore" keystorePass="changeit"/>
mywebapp/web.xml

    <servlet>
    <servlet-name>dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/web-application-config.xml</param-value>
</context-param>
<session-config>
    <session-timeout>120</session-timeout>
</session-config>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>


<filter>
    <filter-name>encoding-filter</filter-name>
    <filter-class>
        org.springframework.web.filter.CharacterEncodingFilter
    </filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
    <init-param>
    <param-name>forceEncoding</param-name>
    <param-value>true</param-value>
    </init-param>
</filter>

<filter-mapping>
    <filter-name>encoding-filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>


调度员
org.springframework.web.servlet.DispatcherServlet
上下文配置位置
/WEB-INF/dispatcher-servlet.xml
1.
调度员
/
上下文配置位置
/WEB-INF/WEB-application-config.xml
120
org.springframework.web.context.ContextLoaderListener
编码过滤器
org.springframework.web.filter.CharacterEncodingFilter
编码
UTF-8
强制编码
真的
编码过滤器
/*
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
最好的规则,
Carmine

确保修改了EC2实例的安全组,以允许传入到TCP端口8443的连接

您还可以使用实例shell本身的wget来确定其是否通过HTTPS提供页面:

wget --no-check-certificate https://127.0.0.1:8443
嗯,重新阅读您的配置,您的Tomcat前面是否有一个反向代理,用于将端口443处的请求路由到端口8443上侦听的Tomcat?如果没有,您应该使用for HTTPS not访问您的Tomcat。

Hi,我运行上述命令并得到:--2019-10-08 12:47:21--解析mywebapps(mywebapps)。。。xx.xx.xxx.xxx连接到mywebapps(mywebapps)| xx.xx.xxx.xxx |:8443。。。有联系的。OpenSSL:错误:14077410:SSL例程:SSL23\u GET\u SERVER\u HELLO:sslv3警报握手失败无法建立SSL连接。您是否确认这不是安全组问题?以及您使用的wget版本(wget--version)?使用-v和--debug选项运行wget,这样我们就可以获得有关其失败原因的更多详细信息:wget-v--debug--no check certificate“127.0.0.1:8443”是的,我确认。安全组设置正确。将--check certificate(checkcertificate)设置为0调试输出,该输出由WGET1.18在linux gnu上创建。从/home/user/.wget HSTS URI encoding读取HSTS条目='UTF-8'转换文件名'index.html'(UTF-8)->'index.html'(UTF-8)--2019-10-08 13:14:41--解析mywebapps(mywebapps)。。。xx.xx.xxx.xxx缓存mywebapps=>xx.xx.xxx.xxx连接到mywebapps(mywebapps)| xx.xx.xxx.xxx |:8443。。。有联系的。创建了套接字3。释放0x0000000002491f30(新引用计数1)。