import com.google.inject.Inject;
import com.google.inject.Injector;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.security.authentication.DigestAuthenticator;
import org.eclipse.jetty.server.*;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.RequestLogHandler;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.util.security.Password;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher;
import javax.management.*;
import java.io.IOException;
import java.io.InputStream;
import java.lang.management.ManagementFactory;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.stream.Stream;
import static java.lang.System.getProperty;
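/**
 * Embedded Jetty launcher for the OMS DB REST application, also exposed as a JMX MBean.
 *
 * <p>A plain-HTTP connector is always opened on {@code port}. When authentication is enabled, a
 * TLS connector is additionally opened on {@code sslPort} and a second, Basic-auth protected
 * mount of the same JAX-RS application is added under {@code /v1/oms-db}.
 *
 * <p>NOTE(review), security points visible in this class:
 * <ul>
 *   <li>The unauthenticated {@code /oms-db} context stays mounted when auth is enabled and serves
 *       the same {@code OmsDBRestApplication} as the protected context, so turning auth on does
 *       not by itself restrict access to the application.</li>
 *   <li>Handlers are attached to the server, not to a connector, so the Basic-auth context is
 *       also reachable through the plain-HTTP connector. Basic credentials are only
 *       base64-encoded; consider a {@code Constraint.DC_CONFIDENTIAL} data constraint or serving
 *       the protected context on the TLS connector only.</li>
 *   <li>Key-store passwords and user credentials are compiled into the class; see the notes on
 *       the constants and on {@link #servletContextHandlerWithAuth()}.</li>
 * </ul>
 */
public class OmsDBRestful implements OmsDBRestfulMBean {
    // NOTE(review): secrets compiled into the artifact. Jetty's "OBF:" form is reversible
    // obfuscation, not encryption, so anyone holding the jar or the source can recover the
    // password. Prefer supplying these at deploy time and rotating the values shown here.
    private static final String KEY_MANAGER_PASSWORD = "OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v";
    private static final String KEY_STORE_PASSWORD = "OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v";
    // Classpath resource: the key store (and its private key) ships inside the application.
    private static final String KEY_STORE_PATH = "/oms-db-restful-auth-keystore.prd";
    public static final String JKS = "JKS";

    private static final String USER_ROLE = "user";
    private static final String REALM_NAME = "myrealm";

    private final int port;
    private final int sslPort;
    private final ApplicationEvent eventLogger;
    private Server server;
    private final boolean authEnabled;
    // volatile: written by the thread driving start()/stop(), may be read by a JMX thread.
    private volatile Status status;

    /**
     * Process entry point: builds the instance through Guice, registers it as an MBean, starts
     * the server and blocks until it terminates.
     */
    public static void main(String[] args) throws Exception {
        Injector injector = GuiceContext.instance().injector();
        OmsDBRestful process = injector.getInstance(OmsDBRestful.class);
        registerMBean(process);
        process.start().join();
    }

    /**
     * @param config      supplies the HTTP port, the TLS port and the auth-enabled flag
     * @param eventLogger notified once the server has started
     */
    @Inject
    public OmsDBRestful(OmsDBRestfulConfig config, ApplicationEvent eventLogger) {
        this.eventLogger = eventLogger;
        this.port = config.restfulPort();
        this.sslPort = config.restfulSslPort();
        this.authEnabled = config.isAuthEnabled();
        this.status = Status.STARTING;
    }

    /**
     * Creates the Jetty server, mounts the context handlers, opens the connectors and starts it.
     *
     * @return this instance, so the caller can chain {@link #join()}
     * @throws Exception if the key store cannot be loaded or Jetty fails to start
     */
    public OmsDBRestful start() throws Exception {
        server = new Server();
        HandlerCollection handlers = new HandlerCollection();
        if (authEnabled) {
            // NOTE(review): the open context is still mounted next to the protected one.
            handlers.setHandlers(new Handler[]{servletContextHandlerWithAuth(), servletContextHandler()});
            server.addConnector(httpsConnector());
        } else {
            handlers.setHandlers(new Handler[]{servletContextHandler()});
        }
        server.setHandler(handlers);
        // The plain-HTTP connector is opened regardless of the auth setting.
        server.addConnector(httpConnector());
        server.start();
        eventLogger.processStarted();
        this.status = Status.UP;
        return this;
    }

    /** Builds the plain-HTTP connector on {@code port} with a 30000 ms idle timeout. */
    private Connector httpConnector() {
        ServerConnector http = new ServerConnector(server, new HttpConnectionFactory());
        http.setPort(port);
        http.setIdleTimeout(30000);
        return http;
    }

    /** Builds the TLS connector on {@code sslPort}, speaking HTTP/1.1 over SSL/TLS. */
    private ServerConnector httpsConnector() throws URISyntaxException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        HttpConfiguration httpsConfig = new HttpConfiguration();
        httpsConfig.setSecureScheme("https");
        httpsConfig.setSecurePort(sslPort);
        httpsConfig.setOutputBufferSize(32768);
        httpsConfig.addCustomizer(new SecureRequestCustomizer());

        ServerConnector https = new ServerConnector(server,
                new SslConnectionFactory(sslContextFactory(), HttpVersion.HTTP_1_1.asString()),
                new HttpConnectionFactory(httpsConfig));
        https.setPort(sslPort);
        https.setIdleTimeout(500000);
        return https;
    }

    /**
     * Loads the bundled JKS key store from the classpath and wraps it in an SSL context factory.
     *
     * @throws IllegalArgumentException if the key-store resource is not on the classpath
     */
    private SslContextFactory sslContextFactory() throws URISyntaxException, KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(JKS);
        // The system property "org.eclipse.jetty.ssl.password" is consulted first; the
        // compiled-in constant is only the fallback.
        Password realPassword = Password.getPassword("org.eclipse.jetty.ssl.password", KEY_STORE_PASSWORD, null);
        // try-with-resources: the original never closed the resource stream.
        try (InputStream keyStoreStream = getClass().getResourceAsStream(KEY_STORE_PATH)) {
            if (keyStoreStream == null) {
                throw new IllegalArgumentException("Can't find keystore: " + KEY_STORE_PATH);
            }
            keyStore.load(keyStoreStream, realPassword.toString().toCharArray());
        }
        // NOTE(review): no protocol or cipher-suite restrictions are configured here, so the
        // defaults of the Jetty/JDK version in use apply; confirm they match policy.
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStore(keyStore);
        sslContextFactory.setKeyManagerPassword(KEY_MANAGER_PASSWORD);
        return sslContextFactory;
    }

    /**
     * Creates an NCSA access-log handler writing to
     * {@code <app.logpath>/<logFilePrefix>access-yyyy_MM_dd.log} (log path defaults to
     * {@code local}), appending, in UTC, retained for 10 days, non-extended format.
     */
    private RequestLogHandler createRequestLogHandler(String logFilePrefix) {
        AsyncNCSARequestLog requestLog = new AsyncNCSARequestLog();
        requestLog.setFilename(getProperty("app.logpath", "local") + "/" + logFilePrefix + "access-yyyy_MM_dd.log");
        // NOTE(review): lowercase "sss" is a seconds pattern, not milliseconds; confirm intent.
        requestLog.setLogDateFormat("yyyy-MM-dd HH:mm:ss,sss");
        requestLog.setAppend(true);
        // Non-extended format leaves referer and user-agent out of the access log.
        requestLog.setExtended(false);
        requestLog.setLogTimeZone("UTC");
        requestLog.setRetainDays(10);

        RequestLogHandler requestLogHandler = new RequestLogHandler();
        requestLogHandler.setRequestLog(requestLog);
        return requestLogHandler;
    }

    /** Mounts the REST application, without any security handler, under {@code /oms-db}. */
    private ServletContextHandler servletContextHandler() {
        final ServletHolder restEasyServletHolder = new ServletHolder(new HttpServletDispatcher());
        restEasyServletHolder.setInitOrder(1);
        restEasyServletHolder.setInitParameter("javax.ws.rs.Application", OmsDBRestApplication.class.getCanonicalName());

        final ServletContextHandler contextHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);
        contextHandler.setContextPath("/oms-db");
        contextHandler.addServlet(restEasyServletHolder, "/*");
        contextHandler.setHandler(createRequestLogHandler(""));
        return contextHandler;
    }

    /**
     * Mounts the REST application behind HTTP Basic authentication under {@code /v1/oms-db}.
     *
     * <p>NOTE(review): the accounts below are literals in source and one of them uses its user
     * name as its password. Treat both as exposed: rotate them and load credentials from
     * deployment configuration instead.
     */
    private ServletContextHandler servletContextHandlerWithAuth() {
        final ServletHolder restEasyServletHolder = new ServletHolder(new HttpServletDispatcher());
        restEasyServletHolder.setInitOrder(2);
        restEasyServletHolder.setInitParameter("javax.ws.rs.Application", OmsDBRestApplication.class.getCanonicalName());

        final ServletContextHandler contextHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);
        contextHandler.setContextPath("/v1/oms-db");
        contextHandler.addServlet(restEasyServletHolder, "/*");
        contextHandler.setHandler(createRequestLogHandler("secured-"));
        contextHandler.setSecurityHandler(
                basicAuth(
                        new UserCredential("support", "support", "OMS Database Restful site"),
                        new UserCredential("COG", "ClientOrderGateway", "OMS Database Restful site")
                )
        );
        return contextHandler;
    }

    /** Blocks the calling thread until the Jetty server's threads have stopped. */
    public void join() throws InterruptedException {
        server.join();
    }

    /** Stops the Jetty server and records the shutdown status. */
    public void stop() throws Exception {
        server.stop();
        status = Status.SHUTDOWN;
    }

    /** Builds a security handler that demands the "user" role via HTTP Basic on every path. */
    private static SecurityHandler basicAuth(UserCredential... userCredentials) {
        ConstraintSecurityHandler handler = roleProtectedHandler(Constraint.__BASIC_AUTH, userCredentials);
        handler.setAuthenticator(new BasicAuthenticator());
        return handler;
    }

    /** Builds a security handler that demands the "user" role via HTTP Digest on every path. */
    private static SecurityHandler digestAuth(UserCredential... userCredentials) {
        ConstraintSecurityHandler handler = roleProtectedHandler(Constraint.__DIGEST_AUTH, userCredentials);
        handler.setAuthenticator(new DigestAuthenticator());
        return handler;
    }

    /**
     * Shared setup for {@link #basicAuth} and {@link #digestAuth}: an in-memory login service
     * holding the given users plus a "/*" constraint requiring the "user" role. The caller
     * still has to set the authenticator.
     */
    private static ConstraintSecurityHandler roleProtectedHandler(String authMethod, UserCredential... userCredentials) {
        HashLoginService loginService = new HashLoginService();
        for (UserCredential credential : userCredentials) {
            loginService.putUser(credential.userName(), Credential.getCredential(credential.password()), new String[]{USER_ROLE});
            // As in the original, the login-service name ends up as the last credential's realm.
            loginService.setName(credential.realm());
        }

        Constraint constraint = new Constraint();
        constraint.setName(authMethod);
        constraint.setRoles(new String[]{USER_ROLE});
        constraint.setAuthenticate(true);

        ConstraintMapping mapping = new ConstraintMapping();
        mapping.setConstraint(constraint);
        mapping.setPathSpec("/*");

        ConstraintSecurityHandler handler = new ConstraintSecurityHandler();
        handler.setRealmName(REALM_NAME);
        handler.addConstraintMapping(mapping);
        handler.setLoginService(loginService);
        return handler;
    }

    /** @return {@code true} only while the recorded status is {@code UP} */
    @Override
    public boolean isUp() {
        return Status.UP.name().equals(getStatus());
    }

    /**
     * @return the name of the current lifecycle status; the original always answered "UP",
     *         so monitoring could never observe STARTING or SHUTDOWN
     */
    @Override
    public String getStatus() {
        return status.name();
    }

    /** Immutable holder for one account: user name, password and login-service realm name. */
    private static class UserCredential {
        private final String userName;
        // NOTE(review): kept as a String, so it stays in memory until garbage-collected.
        private final String password;
        private final String realm;

        public UserCredential(String userName, String password, String realm) {
            this.userName = userName;
            this.password = password;
            this.realm = realm;
        }

        public String userName() {
            return userName;
        }

        public String password() {
            return password;
        }

        public String realm() {
            return realm;
        }
    }

    /** Registers the process with the platform MBean server under a fixed object name. */
    private static void registerMBean(OmsDBRestful process) throws MalformedObjectNameException, InstanceAlreadyExistsException, MBeanRegistrationException, NotCompliantMBeanException {
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        ObjectName name = new ObjectName("com.hsbc.efx.orders:type=OmsDBRestful");
        mbs.registerMBean(process, name);
    }
}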