如何在Tomcat+;吉拉
如果有人建议我在Tomcat中启用HSTS(HTTP严格传输安全)头,那将非常有帮助 我的JIRA应用程序在tomcat上运行,前面没有Apache或NGINX 我想为JIRA应用程序设置HSTS响应头,请建议如何在Tomcat中实现如何在Tomcat+;吉拉,tomcat,jira,Tomcat,Jira,如果有人建议我在Tomcat中启用HSTS(HTTP严格传输安全)头,那将非常有帮助 我的JIRA应用程序在tomcat上运行,前面没有Apache或NGINX 我想为JIRA应用程序设置HSTS响应头,请建议如何在Tomcat中实现 提前谢谢。我想这就是你要找的。 我是从你那儿拿的 HST滤波器 org.apache.catalina.filters.HstsFilter 最大秒数 31536000 包含子域 真的 HST滤波器 /* 包org.apache.catalina.filters
提前谢谢。我想这就是你要找的。 我是从你那儿拿的
HST滤波器
org.apache.catalina.filters.HstsFilter
最大秒数
31536000
包含子域
真的
HST滤波器
/*
包org.apache.catalina.filters;
导入java.io.IOException;
导入javax.servlet.FilterChain;
导入javax.servlet.FilterConfig;
导入javax.servlet.ServletException;
导入javax.servlet.ServletRequest;
导入javax.servlet.ServletResponse;
导入javax.servlet.http.HttpServletResponse;
导入org.apache.juli.logging.Log;
导入org.apache.juli.logging.LogFactory;
公共类HstsFilter扩展了FilterBase{
私有静态最终字符串头\u NAME=“严格传输安全”;
私有静态最终字符串MAX\u AGE\u指令=“MAX AGE=%s”;
私有静态最终字符串INCLUDE\u SUB\u DOMAINS\u DIRECTIVE=“includeSubDomains”;
私有静态最终日志日志=LogFactory.getLog(HstsFilter.class);
//默认值为“0”,与RFC 6797第11.2节中建议的值相同
private int maxagesonds=0;
私有布尔值includeSubDomains=false;
私有字符串指令;
公共无效设置maxAgeSeconds(int maxAgeSeconds){
this.maxagesonds=maxagesonds;
}
公共void集合includeSubDomains(布尔值includeSubDomains){
this.includeSubDomains=includeSubDomains;
}
@凌驾
public void doFilter(ServletRequest请求、ServletResponse响应、,
FilterChain链)抛出IOException、ServletException{
链式过滤器(请求、响应);
//请注意,HTTP响应中不得包含HSTS标头
//通过非安全运输进行运输
if(HttpServletResponse的request.isSecure()&&response实例){
HttpServletResponse res=(HttpServletResponse)响应;
res.addHeader(HEADER\u NAME,this.directives);
}
}
@抑制警告(“装箱”)
@凌驾
public void init(FilterConfig FilterConfig)抛出ServletException{
super.init(filterConfig);
如果(this.maxAgeSeconds<0){
抛出新的ServletException(sm.getString(
“hsts.invalidParameterValue”,this.maxAgeSeconds,
"最长时限);;
}
this.directives=String.format(MAX_AGE_指令,this.maxAgeSeconds);
如果(此。包括子域){
this.directives+=(“;”+包含子域指令);
}
}
@凌驾
受保护的日志记录器(){
返回日志;
}
}
检查我附加的链接上的代码
<filter>
<filter-name>HstsFilter</filter-name>
<filter-class>org.apache.catalina.filters.HstsFilter</filter-class>
<init-param>
<param-name>maxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<init-param>
<param-name>includeSubDomains</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>HstsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
package org.apache.catalina.filters;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
public class HstsFilter extends FilterBase {
private static final String HEADER_NAME = "Strict-Transport-Security";
private static final String MAX_AGE_DIRECTIVE = "max-age=%s";
private static final String INCLUDE_SUB_DOMAINS_DIRECTIVE = "includeSubDomains";
private static final Log log = LogFactory.getLog(HstsFilter.class);
// The default is "0" like recommended in section 11.2 of RFC 6797
private int maxAgeSeconds = 0;
private boolean includeSubDomains = false;
private String directives;
public void setMaxAgeSeconds(int maxAgeSeconds) {
this.maxAgeSeconds = maxAgeSeconds;
}
public void setIncludeSubDomains(boolean includeSubDomains) {
this.includeSubDomains = includeSubDomains;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
chain.doFilter(request, response);
// Note that the HSTS header must not be included in HTTP responses
// conveyed over non-secure transport
if (request.isSecure() && response instanceof HttpServletResponse) {
HttpServletResponse res = (HttpServletResponse) response;
res.addHeader(HEADER_NAME, this.directives);
}
}
@SuppressWarnings("boxing")
@Override
public void init(FilterConfig filterConfig) throws ServletException {
super.init(filterConfig);
if (this.maxAgeSeconds < 0) {
throw new ServletException(sm.getString(
"hsts.invalidParameterValue", this.maxAgeSeconds,
"maxAgeSeconds"));
}
this.directives = String.format(MAX_AGE_DIRECTIVE, this.maxAgeSeconds);
if (this.includeSubDomains) {
this.directives += (" ; " + INCLUDE_SUB_DOMAINS_DIRECTIVE);
}
}
@Override
protected Log getLogger() {
return log;
}
}