由于HTTPS具有良好的安全性,在开发中得到了越来越广泛的应用。在jdk中提供了一个JAVA数字证书管理工具keytool,在\jdk\bin目录下,通过这个工具可以自己生成一个数字证书,生成命令如下:
keytool -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore lmc22 -validity 365keytool -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore lmc22 -validity 365keytool -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore lmc22 -validity 365
注意:该命令要在bin目录下执行
命令解释:
- genkey:表示要创建一个新的秘钥。
- -alias:表示keystone的别名。
- -keyalg:表示使用的加密算法是RSA,一种非对称加密算法。
- -keysize:表示密钥的长度。
- -keystore:表示生成的密钥存放位置。
- -validity:表示密钥的有效时间,单位为天。
当控制台执行完该命令后,会在bin目录下生成一个名为lmc22的文件,将这个文件复制到项目的根目录下,然后在application.properties中做以下配置:
server.ssl.key-store=lmc22 server.ssl.key-alias=tomcathttps server.ssl.key-store-password=123456server.ssl.key-store=lmc22 server.ssl.key-alias=tomcathttps server.ssl.key-store-password=123456server.ssl.key-store=lmc22 server.ssl.key-alias=tomcathttps server.ssl.key-store-password=123456
属性说明:
- key-store:表示密钥文件名
- key-alias:表示密钥别名
- key-store-password:在控制台执行过程中输入的密码
·配置完毕后,启动项目,在浏览器输入URL来查看结果(此时URL的协议是https,即URL为 https://主机号:端口号/**)
此时,如果以HTTP的方式访问接口,就会访问失败。这是因为Spring Boot不支持同时在配置中启用HTTP和HTTPS。这个时候可以配置请求重定向,将HTTP请求重定向为HTTPS请求。配置方式如下:
<span class="token keyword">package</span> com<span class="token punctuation">.</span>lmc<span class="token punctuation">.</span>config<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>Context<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>connector<span class="token punctuation">.</span>Connector<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>util<span class="token punctuation">.</span>descriptor<span class="token punctuation">.</span>web<span class="token punctuation">.</span>SecurityCollection<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>util<span class="token punctuation">.</span>descriptor<span class="token punctuation">.</span>web<span class="token punctuation">.</span>SecurityConstraint<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>boot<span class="token punctuation">.</span>web<span class="token punctuation">.</span>embedded<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>TomcatServletWebServerFactory<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>context<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span>Bean<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>context<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span>Configuration<span class="token punctuation">;</span> <span class="token annotation punctuation">@Configuration</span> <span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">TomcatConfig</span> <span class="token punctuation">{<!-- --></span> <span class="token annotation punctuation">@Bean</span> TomcatServletWebServerFactory <span class="token function">tomcatServletWebServerFactory</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> TomcatServletWebServerFactory factory<span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">TomcatServletWebServerFactory</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">{<!-- --></span> <span class="token keyword">protected</span> <span class="token keyword">void</span> postProcessContext <span class="token punctuation">(</span>Context context<span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> SecurityConstraint constraint <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">SecurityConstraint</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span> constraint<span class="token punctuation">.</span><span class="token function">setUserConstraint</span><span class="token punctuation">(</span><span class="token string">"CONFIDENTIAL"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> SecurityCollection collection <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">SecurityCollection</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span> collection<span class="token punctuation">.</span><span class="token function">addPattern</span><span class="token punctuation">(</span><span class="token string">"/*"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> constraint<span class="token punctuation">.</span><span class="token function">addCollection</span><span class="token punctuation">(</span>collection<span class="token punctuation">)</span> <span class="token punctuation">;</span> context<span class="token punctuation">.</span><span class="token function">addConstraint</span><span class="token punctuation">(</span>constraint<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span><span class="token punctuation">;</span> factory<span class="token punctuation">.</span><span class="token function">addAdditionalTomcatConnectors</span><span class="token punctuation">(</span><span class="token function">createTomcatConnector</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token keyword">return</span> factory<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">private</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>connector<span class="token punctuation">.</span>Connector createTomcatConnector <span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> Connector connector <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Connector</span><span class="token punctuation">(</span><span class="token string">"org.apache.coyote.http11.Http11NioProtocol"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setScheme</span><span class="token punctuation">(</span><span class="token string">"http"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setPort</span><span class="token punctuation">(</span><span class="token number">8080</span><span class="token punctuation">)</span> <span class="token punctuation">;</span> connector<span class="token punctuation">.</span>setSecure <span class="token punctuation">(</span><span class="token boolean">false</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setRedirectPort</span><span class="token punctuation">(</span><span class="token number">8081</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token keyword">return</span> connector<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span><span class="token keyword">package</span> com<span class="token punctuation">.</span>lmc<span class="token punctuation">.</span>config<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>Context<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>connector<span class="token punctuation">.</span>Connector<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>util<span class="token punctuation">.</span>descriptor<span class="token punctuation">.</span>web<span class="token punctuation">.</span>SecurityCollection<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>util<span class="token punctuation">.</span>descriptor<span class="token punctuation">.</span>web<span class="token punctuation">.</span>SecurityConstraint<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>boot<span class="token punctuation">.</span>web<span class="token punctuation">.</span>embedded<span class="token punctuation">.</span>tomcat<span class="token punctuation">.</span>TomcatServletWebServerFactory<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>context<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span>Bean<span class="token punctuation">;</span> <span class="token keyword">import</span> org<span class="token punctuation">.</span>springframework<span class="token punctuation">.</span>context<span class="token punctuation">.</span>annotation<span class="token punctuation">.</span>Configuration<span class="token punctuation">;</span> <span class="token annotation punctuation">@Configuration</span> <span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">TomcatConfig</span> <span class="token punctuation">{<!-- --></span> <span class="token annotation punctuation">@Bean</span> TomcatServletWebServerFactory <span class="token function">tomcatServletWebServerFactory</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> TomcatServletWebServerFactory factory<span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">TomcatServletWebServerFactory</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">{<!-- --></span> <span class="token keyword">protected</span> <span class="token keyword">void</span> postProcessContext <span class="token punctuation">(</span>Context context<span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> SecurityConstraint constraint <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">SecurityConstraint</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span> constraint<span class="token punctuation">.</span><span class="token function">setUserConstraint</span><span class="token punctuation">(</span><span class="token string">"CONFIDENTIAL"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> SecurityCollection collection <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">SecurityCollection</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span> collection<span class="token punctuation">.</span><span class="token function">addPattern</span><span class="token punctuation">(</span><span class="token string">"/*"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> constraint<span class="token punctuation">.</span><span class="token function">addCollection</span><span class="token punctuation">(</span>collection<span class="token punctuation">)</span> <span class="token punctuation">;</span> context<span class="token punctuation">.</span><span class="token function">addConstraint</span><span class="token punctuation">(</span>constraint<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span><span class="token punctuation">;</span> factory<span class="token punctuation">.</span><span class="token function">addAdditionalTomcatConnectors</span><span class="token punctuation">(</span><span class="token function">createTomcatConnector</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token keyword">return</span> factory<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token keyword">private</span> org<span class="token punctuation">.</span>apache<span class="token punctuation">.</span>catalina<span class="token punctuation">.</span>connector<span class="token punctuation">.</span>Connector createTomcatConnector <span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{<!-- --></span> Connector connector <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">Connector</span><span class="token punctuation">(</span><span class="token string">"org.apache.coyote.http11.Http11NioProtocol"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setScheme</span><span class="token punctuation">(</span><span class="token string">"http"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setPort</span><span class="token punctuation">(</span><span class="token number">8080</span><span class="token punctuation">)</span> <span class="token punctuation">;</span> connector<span class="token punctuation">.</span>setSecure <span class="token punctuation">(</span><span class="token boolean">false</span><span class="token punctuation">)</span><span class="token punctuation">;</span> connector<span class="token punctuation">.</span><span class="token function">setRedirectPort</span><span class="token punctuation">(</span><span class="token number">8081</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token keyword">return</span> connector<span class="token punctuation">;</span> <span class="token punctuation">}</span> <span class="token punctuation">}</span>package com.lmc.config; import org.apache.catalina.Context; import org.apache.catalina.connector.Connector; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class TomcatConfig { @Bean TomcatServletWebServerFactory tomcatServletWebServerFactory() { TomcatServletWebServerFactory factory= new TomcatServletWebServerFactory(){ protected void postProcessContext (Context context) { SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); constraint.addCollection(collection) ; context.addConstraint(constraint); } }; factory.addAdditionalTomcatConnectors(createTomcatConnector()); return factory; } private org.apache.catalina.connector.Connector createTomcatConnector () { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080) ; connector.setSecure (false); connector.setRedirectPort(8081); return connector; } }
这里首先配置一个TomcatServletWebServerFactory,然后添加一个Tomcat中的Constraint(监听8080端口),并将请求转发到8081上去
其中,pom.xml所需的依赖如下:
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>groupId</span><span class="token punctuation">></span></span>org.springframework.boot<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>groupId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>artifactId</span><span class="token punctuation">></span></span>spring-boot-starter-tomcat<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>artifactId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>groupId</span><span class="token punctuation">></span></span>org.apache.coyote<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>groupId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>artifactId</span><span class="token punctuation">></span></span>com.springsource.org.apache.coyote<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>artifactId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>version</span><span class="token punctuation">></span></span>7.0.26<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>version</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>dependency</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>groupId</span><span class="token punctuation">></span></span>org.springframework.boot<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>groupId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>artifactId</span><span class="token punctuation">></span></span>spring-boot-starter-tomcat<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>artifactId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>dependency</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>groupId</span><span class="token punctuation">></span></span>org.apache.coyote<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>groupId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>artifactId</span><span class="token punctuation">></span></span>com.springsource.org.apache.coyote<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>artifactId</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"><</span>version</span><span class="token punctuation">></span></span>7.0.26<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>version</span><span class="token punctuation">></span></span> <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>dependency</span><span class="token punctuation">></span></span><dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> </dependency> <dependency> <groupId>org.apache.coyote</groupId> <artifactId>com.springsource.org.apache.coyote</artifactId> <version>7.0.26</version> </dependency>
配置完成后,在浏览器输入 http://localhost:8080/,就会自动重定向到 https://localhost:8081/ 上。
原文链接:https://blog.csdn.net/lmchhh/article/details/107239816
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END
