Spring Boot Jetty自动将HTTP(端口80)请求重定向到HTTPS(端口8443)
我有以下代码来配置Jetty服务器:
@Configuration
public class RedirectHttpToHttpsOnJetty2Config {
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
JettyServletWebServerFactory factory = new JettyServletWebServerFactory();
factory.addServerCustomizers(new JettyServerCustomizer() {
@Override
public void customize(Server server) {
ServerConnector connector = new ServerConnector(server);
connector.setPort(80);
server.addConnector(connector);
}
});
return factory;
}
}
和
Application.Properties作为
server.port=8443
server.ssl.key-store=classpath:keystore
server.ssl.key-store-password=xyzxyzxyz
server.ssl.key-password=xyzxyzxyz
@Bean
public ServletWebServerFactory servletContainer(){
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector(){
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(80);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
但找不到与Jetty相当的东西。非常感谢任何指针。
共有1个答案
在端口80ServerConnector上缺少必要的HttpConfiguration,以告诉Jetty您的安全端口和非安全端口是什么。
Jetty端SecureDreDirectHandler是重定向的实际工作方式。
参见:https://github.com/jetty-project/embedded-jetty-cookbook/blob/master/src/main/java/org/eclipse/jetty/cookbook/securedreDirectHandlerExample.java
package org.eclipse.jetty.cookbook;
import java.net.URL;
import org.eclipse.jetty.cookbook.handlers.HelloHandler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.SecuredRedirectHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;
public class SecuredRedirectHandlerExample
{
public static void main(String[] args) throws Exception
{
Server server = new Server();
int httpPort = 8080;
int httpsPort = 8443;
// Setup HTTP Connector
HttpConfiguration httpConf = new HttpConfiguration();
httpConf.setSecurePort(httpsPort);
httpConf.setSecureScheme("https");
// Establish the HTTP ServerConnector
ServerConnector httpConnector = new ServerConnector(server,
new HttpConnectionFactory(httpConf));
httpConnector.setPort(httpPort);
server.addConnector(httpConnector);
// Find Keystore for SSL
ClassLoader cl = SecuredRedirectHandlerExample.class.getClassLoader();
String keystoreResource = "ssl/keystore";
URL f = cl.getResource(keystoreResource);
if (f == null)
{
throw new RuntimeException("Unable to find " + keystoreResource);
}
// Setup SSL
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(f.toExternalForm());
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
// Setup HTTPS Configuration
HttpConfiguration httpsConf = new HttpConfiguration(httpConf);
httpsConf.addCustomizer(new SecureRequestCustomizer()); // adds ssl info to request object
// Establish the HTTPS ServerConnector
ServerConnector httpsConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,"http/1.1"),
new HttpConnectionFactory(httpsConf));
httpsConnector.setPort(httpsPort);
server.addConnector(httpsConnector);
// Add a Handlers for requests
HandlerList handlers = new HandlerList();
handlers.addHandler(new SecuredRedirectHandler()); // always first
handlers.addHandler(new HelloHandler("Hello Secure World"));
handlers.addHandler(new DefaultHandler()); // always last
server.setHandler(handlers);
server.start();
server.join();
}
}
-
我有一个使用http和https的SpringBoot 2.0应用程序。因此,在端口9080上,它服务于http协议,在端口9443上,它工作正常。我唯一想要的是重定向,如果用户输入例如:http://localhost:9443/e1 综上所述: http://localhost:9080/e1 https://localhost:9443/e1 http://localhost:9443/e1
-
当我们使用AWS应用型负载均衡将传入请求重定向到我们的服务器时,我们创建了一个SSL证书并将其设置为负载均衡器。它同时监听HTTP 80和HTTPS 443端口的流量。在这两种情况下,流量都被重定向到目标组实例的HTTP 80端口。 在这些情况下,有nginx服务器配置为侦听它们所在的实例的HTTP 80端口。 当我更新nginx.conf文件以将传入的HTTP请求重定向到HTTPS协议时,我们面
-
我有一个网站<code>www.example。com使用RewriteEngine将HTTP流量重定向到HTTPS: 我发现的问题是谷歌已经索引了这个URL: 给出此错误: 我尝试重定向流量,添加来自80和443虚拟主机的永久重定向: 没有成功。什么是正确的方法来重定向从http://www.example.com:443(和衍生网页)到https://www.example.com的所有流量?
-
> 我在服务器.xml中同时启用了非SSL(8440)连接器和SSL(8445)连接器,当我启动服务器时,它会将我重定向到“http://localhost:8445/”,但我在SSL连接器中给出了这个端口。 当我尝试访问 http://localhost:8440 时,它允许我进入应用程序(它必须重定向到 ssl 端口,因为我给定了重定向端口) 如果我移除了非ssl连接器,一切都正常。 tomc
-
并打开端口localhost:80,看到docker入门页面。但是,我必须运行我的客户机的项目,它的端口也映射到localhost:80。因此,我无法在localhost:80上运行我客户的项目。除此之外,任何我随机打开docker然后切换到localhost:80的实例,它都会重定向到docker的入门教程。我想重置这个localhost:80端口,这样当我运行客户端的项目时,我可以将它们映射到
-
问题内容: 这是我的standalone-full.xml配置,其中ssl配置了 security realm . Subsystem Socket Binding 问题答案: 重写规则可用于重定向用户。在undertow子系统(standalone.xml或domain.xml)中,你需要创建一个新的重写过滤器,然后在新的fitler-ref中启用该过滤器: 在过滤器部分中创建新的重写过滤器。在