Mutual authentication with Spark Java

落爺英雄遲暮 提交于 2020-01-06 21:24:50

问题


I am trying to achieve a mutually authenticated REST API server using spark-java and from the documentation I see:

secure(keystoreFilePath, keystorePassword, truststoreFilePath, truststorePassword);

... which looks like exactly what I need. However I am only able to do one way authentication of the server, the client certificate never seems to be verified against the truststore. I'm using version 2.1, any advise or pointers would be greatly appreciated.


回答1:


It seems that Spark in version 2.6.0 has added what you need. Now, there is a second version of secure:

 /**
     (...)
     * @param needsClientCert    Whether to require client certificate to be supplied in
     *                           request
     (...)
     */
public synchronized Service secure(String keystoreFile,
                                       String keystorePassword,
                                       String truststoreFile,
                                       String truststorePassword,
                                       boolean needsClientCert)

It sets setNeedClientAuth(true) and setWantClientAuth(true) on the underlying Jetty webserver SslContextFactory object.



来源:https://stackoverflow.com/questions/41665721/mutual-authentication-with-spark-java

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!