tomcat 結合spring security 配置SSL認證
小結一下tomcat搭配spring security作ssl,其實單tomcat就能夠搞你的應用
ssl認證了,這裏只不過順道使用了spring secruity(若是你的應用是用了
spring security的話)。
1 首先是製做證書了,步驟比較傳統,簡單帶過,不懂的請去google
keytool -genkey -alias MyKeyAlias -keyalg RSA -keystore /home/test.keystore
而後回答一大堆問題,最後生成自簽證書
2 tomcat的conf目錄中的sevrer.xml中,配置以下:
<Connector SSLEnabled='true' keystoreFile='/home/test.keystore' keystorePass='password' port='8443' scheme='https' secure='true' sslProtocol='TLS'/>
3 若是不使用spring security的話,須要這樣在web.xml中配置
<security-constraint>
<web-resource-collection>
<web-resource-name>my-secure-app</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
若是使用spring security,則這樣: java
<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
<context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/spring/root-context.xml /WEB-INF/spring/appServlet/application-security.xml </param-value> </context-param>
而後application-security.xml中:web
<?xml version='1.0' encoding='UTF-8'?> <beans:beans xmlns='http://www.springframework.org/schema/security' xmlns:beans='http://www.springframework.org/schema/beans' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:schemaLocation='http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd'> <http auto-config='true' > <intercept-url pattern='/**' requires-channel='https' /> </http> <authentication-manager> </authentication-manager> </beans:beans>
這裏用intercept-url,能夠很方便配置,哪些鏈接要用https,哪些不用了spring
- 1. tomcat 結合spring security 配置SSL認證
- 2. Tomcat 6中配置SSL雙向認證
- 3. TOMCAT-SSL雙向認證-配置實例
- 4. websocket配合spring-security使用token認證
- 5. Tomcat配置 https SSL證書
- 6. Spring Security - 配置免認證訪問 Swagger
- 7. Spring Boot配置ssl證書
- 8. spring-boot配置ssl證書
- 9. Spring boot 配置 SSL證書
- 10. Tomcat配置SSL證書(PFX證書)
- 更多相關文章...
- • Eclipse Debug 配置 - Eclipse 教程
- • Spring Bean的配置及常用屬性 - Spring教程
- • IDEA下SpringBoot工程配置文件沒有提示
- • IntelliJ IDEA 代碼格式化配置和快捷鍵
-
每一个你不满意的现在,都有一个你没有努力的曾经。