带嵌入式Jetty HTTPS的CORS

时间:2015-01-21 17:08:45

标签: java https jetty

我想允许CORS for Embedded Jetty HTTPS,但以下代码无效。我设法使用以下代码使代码适用于HTTP。

public class EmbeddingJettyWithServlet {

public static void main(String[] args) throws Exception {
    // Setup Threadpool for multiple server connections
    QueuedThreadPool threadPool = new QueuedThreadPool();
    threadPool.setMaxThreads(500);

    //ThreadPool Server
    Server server = new Server(threadPool);

    // Configure jetty.home 
    String home = ".";

    // Configure ports for http
    ServerConnector http = new ServerConnector(server);
    http.setPort(9889);
    http.setIdleTimeout(30000);

    // Scheduler
    server.addBean(new ScheduledExecutorScheduler());

    //Thread.currentThread().setPriority(Thread.MAX_PRIORITY);

    // HTTPS Configuration
    HttpConfiguration https = new HttpConfiguration();
    https.addCustomizer(new SecureRequestCustomizer());

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(home + "/keystore.jks");
    sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
    sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");

    ServerConnector sslConnector = new ServerConnector(server,
            new SslConnectionFactory(sslContextFactory, "http/1.1"),
            new HttpConnectionFactory(https));
            sslConnector.setPort(9888);

    server.setConnectors(new Connector[] { http, sslConnector });

    ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
    context.setContextPath("/kibitz");

    // Enable CORS - cross origin resource sharing (for http and https)
    FilterHolder cors = new FilterHolder();
    cors.setInitParameter("allowedOrigins", "*");
    cors.setInitParameter("allowedHeaders", "*");
    cors.setInitParameter("allowedMethods", "GET, POST");
    cors.setFilter(new CrossOriginFilter());
    context.addFilter(cors, "*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.ASYNC, DispatcherType.INCLUDE));

    server.setHandler(context);

    server.start();
    server.join();
}

但我无法在端口9888上运行HTTPS。非常感谢!

2 个答案:

答案 0 :(得分:1)

@Joakim Erdfelt是正确的,在我的情况下,这是一个密钥库问题。在摸索了这个之后,我发现问题是我的Firefox浏览器和不受信任的证书。 Firefox,而不是直接转到https:// URL,而不是给出“让我离开这里”的消息,相反,如果您的网站是,则Javascript控制台会出现“Cross-Origin Request Blocked”错误试图通过端口访问。

要使用https://,您必须从受信任的证书颁发机构获取证书并将其安装到您的密钥库中。如果您生成自己的证书,某些浏览器将阻止该请求。本文对正确设置密钥库非常有帮助:http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html

答案 1 :(得分:0)

让我们开始正确使用HttpConfiguration

    // Setup Threadpool for multiple server connections
    QueuedThreadPool threadPool = new QueuedThreadPool();
    threadPool.setMaxThreads(500);

    //ThreadPool Server
    Server server = new Server(threadPool);
    int port = 9889;
    int portSecure = 9888;

    // Configure jetty.home 
    String home = ".";

    // HTTP Configuration
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(portSecure);

    // Configure Connector for http
    ServerConnector http = new ServerConnector(server,
            new HttpConnectionFactory(http_config));
    http.setPort(port);
    http.setIdleTimeout(30000);

    // HTTPS Configuration
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    https_config.addCustomizer(new SecureRequestCustomizer());

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(home + "/keystore.jks");
    sslContextFactory.setKeyStorePassword("XXXXXXXXXX");
    sslContextFactory.setKeyManagerPassword("XXXXXXXXXXX");

    ServerConnector sslConnector = new ServerConnector(server,
            new SslConnectionFactory(sslContextFactory, "http/1.1"),
            new HttpConnectionFactory(https_config));
    sslConnector.setPort(portSecure);

    server.setConnectors(new Connector[] { http, sslConnector });

您的代码没有定义什么端口被认为是安全的,并且它也没有将http配置转移到https端。

这在某些方面应该有所帮助。但是,如果您没有正确创建密钥库,那么没有任何Jetty端配置会有所帮助。