spring-boot 默认的内嵌容器为 tomcat, 除了 tomcat 之前还可以设置 jetty 和 undertow.
1. 设置 https
spring-boot 默认 http 端口为 8080, 可以在配置文件中通过 server.port 来修改端口值.
- server:
- port: 8080
设置 https 访问只需通过增加配置信息:
- server:
- port: 8080
- ssl:
- key-store: classpath:https.jks
- key-store-type: JKS
- key-store-password: 123456
不过这样设置后 http 访问不了, 只能使用 https 访问了. 我们当然是希望能够兼容, 最好是 http 请求能够自动跳转到 https. 所以我们增加一个自定义的配置项 http.port(因为增加了 https 访问, 所以 server.port 端口属性被 https 使用, 故增加 http 端口)
- http:
- port: 80
- server:
- port: 443
- ssl:
- key-store: classpath:https.jks
- key-store-type: JKS
- key-store-password: 123456
这样配置后, 我们希望无论是 http://localhost 还是 https://localhost 都能正常访问项目, 而且 http://localhost 还能自动跳转到 https://localhost
2.tomcat
spring-boot 内嵌容器默认为 tomcat, 所以我们无需引用其他依赖即可使用
增加配置类
- package com.GitHub.yvanchen;
- import org.apache.catalina.Context;
- import org.apache.catalina.connector.Connector;
- import org.apache.tomcat.util.descriptor.web.SecurityCollection;
- import org.apache.tomcat.util.descriptor.Web.SecurityConstraint;
- import org.springframework.boot.Web.embedded.tomcat.TomcatServletWebServerFactory;
- import org.springframework.boot.Web.servlet.server.ServletWebServerFactory;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import javax.servlet.Servlet;
- /**
- * @author evan.chen
- * @date 2019/11/25 10:29
- */
- @Configuration
- public class TomcatHttpsConfig {
- @Value("${server.port}")
- protected int httpsPort;
- @Value("${http.port}")
- protected int httpPort;
- @Bean
- public ServletWebServerFactory servletWebServerFactory() {
- TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
- @Override
- protected void postProcessContext(Context context) {
- // 开启 HTTP 自动跳转至 HTTPS
- SecurityConstraint securityConstraint = new SecurityConstraint();
- securityConstraint.setUserConstraint("CONFIDENTIAL");
- SecurityCollection collection = new SecurityCollection();
- collection.addPattern("/*");
- securityConstraint.addCollection(collection);
- context.addConstraint(securityConstraint);
- }
- };
- Connector connector = new Connector();
- connector.setPort(httpPort);
- connector.setRedirectPort(httpsPort);
- tomcat.addAdditionalTomcatConnectors(connector);
- return tomcat;
- }
- }
- 3.jetty
需要排除默认 tomcat, 增加 jetty
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-Web</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-tomcat</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-jetty</artifactId>
- </dependency>
增加配置类
- package com.GitHub.yvanchen;
- import org.eclipse.jetty.security.ConstraintMapping;
- import org.eclipse.jetty.security.ConstraintSecurityHandler;
- import org.eclipse.jetty.server.HttpConfiguration;
- import org.eclipse.jetty.server.HttpConnectionFactory;
- import org.eclipse.jetty.server.Server;
- import org.eclipse.jetty.server.ServerConnector;
- import org.eclipse.jetty.util.security.Constraint;
- import org.eclipse.jetty.webapp.AbstractConfiguration;
- import org.eclipse.jetty.webapp.WebAppContext;
- import org.springframework.boot.Web.embedded.jetty.JettyServletWebServerFactory;
- import org.springframework.boot.Web.servlet.server.ServletWebServerFactory;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- /**
- * @author evan.chen
- * @date 2019/11/25 10:29
- */
- @Configuration
- public class JettyHttpsConfig {
- @Value("${server.port}")
- protected int httpsPort;
- @Value("${http.port}")
- protected int httpPort;
- @Bean
- public ServletWebServerFactory servletWebServerFactory() {
- JettyServletWebServerFactory jetty = new JettyServletWebServerFactory();
- jetty.addConfigurations(new AbstractConfiguration() {
- @Override
- public void configure(WebAppContext context) {
- Constraint constraint = new Constraint();
- constraint.setDataConstraint(2);
- ConstraintMapping constraintMapping = new ConstraintMapping();
- constraintMapping.setPathSpec("/*");
- constraintMapping.setConstraint(constraint);
- ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
- constraintSecurityHandler.addConstraintMapping(constraintMapping);
- context.setSecurityHandler(constraintSecurityHandler);
- }
- });
- jetty.addServerCustomizers((Server server) -> {
- HttpConfiguration http = new HttpConfiguration();
- http.setSecurePort(httpsPort);
- ServerConnector connector = new ServerConnector(server);
- connector.addConnectionFactory(new HttpConnectionFactory(http));
- connector.setPort(httpPort);
- server.addConnector(connector);
- });
- return jetty;
- }
- }
- 3.undertow
需要排除默认 tomcat, 增加 undertow
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-Web</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-tomcat</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-undertow</artifactId>
- </dependency>
增加配置类
- package com.GitHub.yvanchen;
- import io.undertow.Undertow;
- import io.undertow.servlet.API.SecurityConstraint;
- import io.undertow.servlet.API.SecurityInfo;
- import io.undertow.servlet.API.TransportGuaranteeType;
- import io.undertow.servlet.API.WebResourceCollection;
- import org.springframework.boot.Web.embedded.undertow.UndertowServletWebServerFactory;
- import org.springframework.boot.Web.servlet.server.ServletWebServerFactory;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- /**
- * @author evan.chen
- * @date 2019/11/25 10:29
- */
- @Configuration
- public class UndertowHttpsConfig {
- @Value("${server.port}")
- protected int httpsPort;
- @Value("${http.port}")
- protected int httpPort;
- @Bean
- public ServletWebServerFactory servletWebServerFactory() {
- UndertowServletWebServerFactory undertow = new UndertowServletWebServerFactory();
- undertow.addBuilderCustomizers((Undertow.Builder builder) -> {
- builder.addHttpListener(httpPort, "0.0.0.0");
- });
- undertow.addDeploymentInfoCustomizers(deploymentInfo -> {
- // 开启 HTTP 自动跳转至 HTTPS
- deploymentInfo.addSecurityConstraint(new SecurityConstraint()
- .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*"))
- .setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL)
- .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT))
- .setConfidentialPortManager(exchange -> httpsPort);
- });
- return undertow;
- }
- }
总结
以上就是对三大内嵌容器设置 https 的过程
来源: http://www.bubuko.com/infodetail-3381767.html