用例:我们按照文档进行了以下SSL配置,但是我们需要为几条路由禁用此SSL检查(/ healthcheck和/ ping-使它们不安全),并仅针对以下路径进行SSL检查1条路线(/卖方)。我们如何做到这一点?
HTTP服务器选项:
HttpServerOptions secureOptions = new HttpServerOptions();
secureOptions.setSsl(true)
.setPfxKeyCertOptions(new PfxOptions().setPath(sslKeystorePath)
.setPassword(sslKeystorePassword))
.setPfxTrustOptions(new PfxOptions().setPath(sslKeystorePath)
.setPassword(sslKeystorePassword))
.setClientAuth(ClientAuth.REQUIRED)
.addEnabledSecureTransportProtocol(APIConstants.TLS_VERSION_2);
Registering Healthcheck routers:
private void registerHealthChecks(Router router) {
HealthCheckHandler healthCheckHandler =
HealthCheckHandler
.createWithHealthChecks(HealthChecks.create(vertx));
healthCheckHandler
.register("STATUS", 2000, future -> future.complete(Status.OK()));
HealthCheckHandler pingHandler = HealthCheckHandler.create(vertx);
pingHandler.register("DB_STATUS", future -> {
final JDBCClient client = JDBCClient.createShared(vertx, new JsonObject()
.put("url", config().getValue("jdbc.url"))
.put("driver_class", config().getValue("jdbc.driver_class"))
.put("max_pool_size", config().getValue("jdbc.max_pool_size"))
.put("user", config().getValue("jdbc.user"))
.put("password", config().getValue("jdbc.password")));
client.getConnection(conn -> {
if (conn.failed()) {
LOGGER.error(conn.cause().getMessage());
future.complete(Status.KO());
} else if (conn.succeeded()) {
LOGGER.info("DB Connection successful!!!");
future.complete(Status.OK());
}
}).close();
});
// Healthcheck endpoint handler
router.get(APIConstants.SA_HEALCHECK_ENDPOINT).handler(healthCheckHandler);
LOGGER.info("Endpoint added to router " + APIConstants.SA_HEALCHECK_ENDPOINT);
// Ping endpoint handler for database health check
router.get(APIConstants.SA_PING_ENDPOINT).handler(pingHandler);
LOGGER.info("Endpoint added to router " + APIConstants.SA_PING_ENDPOINT);
}
启动方法的实现:
@Override
public void start(Future<Void> startFuture) throws Exception {
Json.mapper.registerModule(new JavaTimeModule());
FileSystem vertxFileSystem = vertx.fileSystem();
// Read properties into config object and use it for further server configuration.
this.configRetriever.configStream().handler(config -> {
// read port from properties file.
this.serverPort = config.getInteger("api.endpoint.port");
// Reading swagger.json and and register router here
vertxFileSystem.readFile("swagger.json", readFile -> {
HttpServer server = null;
if (readFile.succeeded()) {
// Get Swagger file and create routes with api endpoints defined in the swagger.json
Swagger swagger = new SwaggerParser().parse(readFile.result().toString(Charset.forName("utf-8")));
Router swaggerRouter = SwaggerRouter.swaggerRouter(router, swagger, vertx.eventBus(), new OperationIdServiceIdResolver());
// Register /healthcheck and /ping endpoints here
registerHealthChecks(swaggerRouter);
// Configure SSL certifications for https://
HttpServerOptions secureOptions = getSSLConfig(config);
// Initialize HttpServer with above SSL config
server = vertx.createHttpServer(secureOptions);
// deploy theSellerAPIVerticle
deployVerticles(startFuture, config);
// Start the server with all above the routes
if(server != null) {
server.requestHandler(swaggerRouter)
.listen(serverPort, h -> {
if (h.succeeded()) {
startFuture.complete();
} else {
startFuture.fail(h.cause());
}
});
} else {
LOGGER.warn("Server is not initialized properly!!");
}
} else {
startFuture.fail(readFile.cause());
}
});
});
}