SSL with Grizzly and Jersey

前端 未结 4 1604
一整个雨季
一整个雨季 2021-02-08 12:30

I\'m trying to get grizzly to use SSL encryption and still work fine with Jersey. I\'ve looked all over the Internet, and I find all kinds of different attempts at SSL with Griz

4条回答
  •  逝去的感伤
    2021-02-08 13:18

    The following code works with Grizzly 2.3.7 and I am using Jersey 1.18 - this includes code for SSL Client Authentication - if you don't have the keystores this feature will simply be ignored.

    /**
     * create a Server based on an url and possibly a ResourceConfig
     * 
     * @param url
     * @param rc
     * @param secure
     *          - true if SSL should be used
     * @param contextPath 
     * @return
     * @throws Exception
     */
    public HttpServer createHttpServer(String url, ResourceConfig rc,
            boolean secure, String contextPath) throws Exception {
        // HttpServer result = GrizzlyServerFactory.createHttpServer(url, rc);
        // http://grepcode.com/file/repo1.maven.org/maven2/com.sun.jersey/jersey-grizzly2/1.6/com/sun/jersey/api/container/grizzly2/GrizzlyServerFactory.java#GrizzlyServerFactory.createHttpServer%28java.net.URI%2Ccom.sun.jersey.api.container.grizzly2.ResourceConfig%29
        HttpServer result = new HttpServer();
        final NetworkListener listener = new NetworkListener("grizzly",
                settings.getHost(), settings.getPort());
        result.addListener(listener);
        // do we need SSL?
        if (secure) {
            listener.setSecure(secure);
            SSLEngineConfigurator sslEngineConfigurator = createSSLConfig(true);
            listener.setSSLEngineConfig(sslEngineConfigurator);
        }
        // Map the path to the processor.
        final ServerConfiguration config = result.getServerConfiguration();
        final HttpHandler handler = ContainerFactory.createContainer(
                HttpHandler.class, rc);
        config.addHttpHandler(handler, contextPath);
        return result;
    }
    
      /**
     * create SSL Configuration
     * 
     * @param isServer
     *          true if this is for the server
     * @return
     * @throws Exception
     */
    private SSLEngineConfigurator createSSLConfig(boolean isServer)
            throws Exception {
        final SSLContextConfigurator sslContextConfigurator = new SSLContextConfigurator();
        // override system properties
        final File cacerts = getStoreFile("server truststore",
                "truststore_server.jks");
        if (cacerts != null) {
            sslContextConfigurator.setTrustStoreFile(cacerts.getAbsolutePath());
            sslContextConfigurator.setTrustStorePass(TRUSTSTORE_PASSWORD);
        }
    
        // override system properties
        final File keystore = getStoreFile("server keystore", "keystore_server.jks");
        if (keystore != null) {
            sslContextConfigurator.setKeyStoreFile(keystore.getAbsolutePath());
            sslContextConfigurator.setKeyStorePass(TRUSTSTORE_PASSWORD);
        }
    
        //
        boolean clientMode = false;
        // force client Authentication ...
        boolean needClientAuth = settings.isNeedClientAuth();
        boolean wantClientAuth = settings.isWantClientAuth();
        SSLEngineConfigurator result = new SSLEngineConfigurator(
                sslContextConfigurator.createSSLContext(), clientMode, needClientAuth,
                wantClientAuth);
        return result;
    }
    

提交回复
热议问题