我是一名Java / Web新手,我希望有人可以帮助我。
我正在使用Spring in Eclipse(Juno Windows 7)构建一个GAE应用程序。该项目是使用Eclipse的Maven插件(使用Maven 3.1.0)和Maven的appengine-maven-plugin(使用GAE SDK 1.8.3)生成的。
我的大多数邮件必须通过HTTPS发送,我在Spring配置中强制执行此操作。但是,我对如何配置本地DevAppServer以支持HTTPS感到茫然。
我开始创建证书
keytool -keystore myKeystore -genkey -keyalg RSA
我希望提供给服务器。但是,GAE似乎在自己的Jetty版本中运行,我不清楚是否可以修改它。
我试图通过命令行参数
来推送它<plugin>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<version>${appengine.target.version}</version>
<configuration>
<useJava7>true</useJava7>
<address>127.0.0.1</address>
<port>8080</port>
<compileEncoding>utf-8</compileEncoding>
<jvmFlags>
<jvmFlag>-Xdebug</jvmFlag>
<jvmFlag>-Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStorePassword=testpass</jvmFlag>
</jvmFlags>
</configuration>
</plugin>
我知道正在加载密钥库,因为如果路径错误,我会看到异常。但是,我不确定它被装入的内容,如果这甚至是我想做的事情。
当我从Eclipse调试应用程序时,应用程序打包后会出现在我的日志中:
Running C:\Program Files\Java\jdk1.7.0_10\jre\bin\java -javaagent:C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\agent\appengine-agent.jar -Xbootclasspath/p:C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\override\appengine-dev-jdk-overrides.jar -Dappengine.fullscan.seconds=5 -classpath C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\appengine-tools-api.jar -Xdebug -Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y -Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore -Djavax.net.ssl.keyStorePassword=testpass com.google.appengine.tools.development.DevAppServerMain --allow_remote_shutdown -a 127.0.0.1 -p 8080 C:\STEVEN-DEV\projects\apps\testserver\target/testserver-0.0.1-SNAPSHOT
如果我打开chrome并尝试访问
https://localhost:8080/test/retval
我看到“SSL连接错误”和“错误代码:ERR_SSL_PROTOCOL_ERROR”
如果我尝试浏览
http://localhost:8080/test/retval
我将被转发到
https://localhost:8443/test/retval
并被告知“此网页不可用”。
更新2:再看一下我找到的文档
开发Web服务器不支持HTTPS连接。它 忽略传输保证,因此要与HTTPS一起使用的路径 可以使用常规HTTP连接来测试开发Web 服务器
所以我的问题似乎是我的Spring配置强制HTTPS。我可以把它拿出来并允许任何连接类型。但是,我并不热衷于这样做,并且更愿意配置/破解开发服务器以支持SSL。
(回到旧问题:我一直在尝试的事情)
我不知道我的错误在哪里:GAE,Maven或Spring。
以下是我的完整pom.xml
我一直在阅读文档并在网上搜索几个小时。任何帮助将不胜感激。
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<groupId>com.steven</groupId>
<artifactId>testserver</artifactId>
<properties>
<java.version>1.7</java.version>
<maven.enforcer.plugin-version>1.3.1</maven.enforcer.plugin-version>
<maven.version.range>[2.2.1,3.1.0]</maven.version.range>
<appengine.app.version>1</appengine.app.version>
<appengine.target.version>1.8.3</appengine.target.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<org.springframework-version>3.2.3.RELEASE</org.springframework-version>
<org.springframework.security-version>3.1.4.RELEASE</org.springframework.security-version>
<org.slf4j-version>1.7.5</org.slf4j-version>
<ch.qos.logback-version>1.0.13</ch.qos.logback-version>
<org.codehaus.jackson-version>1.9.12</org.codehaus.jackson-version>
</properties>
<dependencies>
<!-- Compile/runtime dependencies -->
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-api-1.0-sdk</artifactId>
<version>${appengine.target.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- Test Dependencies -->
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-testing</artifactId>
<version>${appengine.target.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-api-stubs</artifactId>
<version>${appengine.target.version}</version>
<scope>test</scope>
</dependency>
<!-- Spring Core -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${org.springframework-version}</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<!-- JSON -->
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
<version>${org.codehaus.jackson-version}</version>
</dependency>
<!-- Logging -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>${org.slf4j-version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${org.slf4j-version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${ch.qos.logback-version}</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>${ch.qos.logback-version}</version>
</dependency>
</dependencies>
<repositories>
<repository>
<id>springsource-repo</id>
<name>SpringSource Repository</name>
<url>http://repo.springsource.org/release</url>
</repository>
</repositories>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<configuration>
<lifecycleMappingMetadata>
<pluginExecutions>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<versionRange>[1.0.0,)</versionRange>
<goals>
<goal>enforce</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore />
</action>
</pluginExecution>
</pluginExecutions>
</lifecycleMappingMetadata>
</configuration>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<version>2.5.1</version>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<archiveClasses>true</archiveClasses>
<webResources>
<!-- in order to interpolate version from pom into appengine-web.xml -->
<resource>
<directory>${basedir}/src/main/webapp/WEB-INF</directory>
<filtering>true</filtering>
<targetPath>WEB-INF</targetPath>
</resource>
</webResources>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>${maven.enforcer.plugin-version}</version>
<executions>
<execution>
<id>enforce-banned-dependencies</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<bannedDependencies>
<searchTransitive>true</searchTransitive>
<excludes>
<exclude>javassist:javassist</exclude>
<exclude>commons-logging</exclude>
<exclude>aspectj:aspectj*</exclude>
<exclude>hsqldb:hsqldb</exclude>
<exclude>log4j:log4j</exclude>
<exclude>org.slf4j:[1.5, 1.6.5]</exclude>
<exclude>org.springframework:2.*</exclude>
<exclude>org.springframework:3.0.*</exclude>
</excludes>
</bannedDependencies>
<requireMavenVersion>
<version>${maven.version.range}</version>
</requireMavenVersion>
<requireJavaVersion>
<version>${java.version}</version>
</requireJavaVersion>
</rules>
<fail>true</fail>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<version>${appengine.target.version}</version>
<configuration>
<useJava7>true</useJava7>
<address>127.0.0.1</address>
<port>8080</port>
<compileEncoding>utf-8</compileEncoding>
<jvmFlags>
<jvmFlag>-Xdebug</jvmFlag>
<jvmFlag>-Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStorePassword=testpass</jvmFlag>
</jvmFlags>
</configuration>
</plugin>
</plugins>
</build>
</project>
更新:我在我的web.xml中尝试了这个有和没有安全限制的内容
我不禁想到我需要找到一种方法来配置应用引擎插件使用的Jetty来使用SSL
<?xml version="1.0" encoding="utf-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>Test Server</display-name>
<!-- Spring MVC -->
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-dispatcher-servlet.xml, /WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/test/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
答案 0 :(得分:2)
As described in the docs,只需在您的src / main / webapp / WEB-INF / web.xml文件中添加security-contraint
,即可在您应用的某些网址上强制使用SSL(例如/ rest / * ):
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
...
<security-constraint>
<web-resource-collection>
<url-pattern>/rest/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
...
</web-app>
您应该能够在本地使用HTTP和HTTPS。我不确定是否在localhost上强制实施仅SSL约束。将应用部署到GAE后,将根据您的web.xml设置强制执行 。
答案 1 :(得分:2)
我在上面的回答中将其作为评论发布,但我也应该把它放在这里:
根据文档
https://developers.google.com/appengine/docs/java/config/webxml#Secure_URLs
“开发Web服务器不支持HTTPS连接。它忽略了传输保证,因此可以使用与开发Web服务器的常规HTTP连接来测试用于HTTPS的路径。”