This time we will build a web service that supports the secure protocol SSL, namely https.
Let’s review the two encryption methods first, one is symmetric encryption and the other is asymmetric encryption.
Symmetric encryption means that the secret keys for decryption and encryption are the same, and the representative is the AES algorithm. The efficiency of this transmission is higher, but the confidentiality is poor, because the custody of the secret key is very important.
Asymmetric encryption means that the encryption key and the decryption key are not equal, that is, it is divided into a public key and a private key. This can ensure security, but the transmission efficiency will be lower, representative of the RSA algorithm, so in general encryption, we use asymmetric encryption to transmit the symmetric encryption key, and then use AES to transmit the main data.
1. We first use the encryption tool that comes with the JDK to generate the secret key:
keytool -keystore keystore -alias jetty -genkey -keyalg RSA
Enter the corresponding For the secret key, you need to enter two secret keys, respectively, enter password1 and password2.
2. Export the certificate after transfer:
keytool -export -alias jetty -file jetty.crt -keystore keystore
3. Generate OBA file:
java -cp jetty-util-8.1.14.v20131031.jar org.eclipse.jetty.util.security.Password
PS: The jar package corresponds to your own version. Password fill in your own password.
After generation, put jetty.crt and keystore under webapp
Startup code
package quickstart;import org .eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org. eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.webapp.WebAppClassLoader;
import org.eclipse.jetty.webapp.WebAppContext;/* *
*
* Use Jetty to run and debug the web application, and press Enter in the Console to quickly reload the application.
* @author
*/
public class zuleServer {< br /> Private static final String DEFAULT_WEBAPP_PATH_WIN = "src/main/webapp";
Private static final String WINDOWS_WEBDEFAULT_PATH = "src/test/resources/jetty/webdefault-windows.xml";
Public static final int PORT = 8180;
public static final String CONTEXT = "/zule";public static void main(String[] args) throws Exception {
try {
Server server = createServerInSourc e(PORT, CONTEXT);// Start Jetty
server.start();
System.out.println("[INFO] Server running at https://localhost:" + PORT + CONTEXT) ;
System.out.println("[HINT] Hit Enter to reload the application quickly");
// Waiting for the user to enter the carriage return to reload the application.
, while (true) {< br char c = (char) System.in.read();
if (c =='
') {
br} reloadContext(server);
}
} catch (Exception e) {
e.printStackTrace();
System.exit(-1);
}
}
*
* Create Jetty Server for development, running and debugging, with src/main/webapp as the web application directory.
*/
Private static Server createServerInSource(int port, String contextPath) {< br /> Server server = new Server();
QueuedThreadPool threadPool = new QueuedThreadPool();
ThreadPool.setMaxThreads(3000);
Server.setThreadPool(t hreadPool);
// Set the hook to close Jetty when the JVM exits.
s server.setStopAtShutdown(true);sslContextFactory sslContextFactory = new SslContextFactory();
s sslContextFactory.setKeyPath(DEFAULT_WEBAPP_/>"Store WIN+"/key //key
sslContextFactory.setKeyStorePassword("123456");
// Public key
sslContextFactory.setKeyManagerPassword("123456");
sslContextFactory.setKeyStorePassword("123456");
sslContextFactory.setKeyManagerPassword("123456");
sslConnector ChannelConnectorChannelSelectorSslSelect newConnectorChannel(ConnectorChannel)Ssl ;
httpsConnector.setPort(PORT);// Set access port
httpsConnector.setReuseAddress(false);
s server.addConnector(httpsConnector);
s WebAppContext
WebAppContext new WebAppContext(DEFAULT_WEBAPP_PATH_WIN, contextPath);
• • // Modify webdefault.xml to solve the problem of Jetty Lock live static files under Windows. WebContext.setDefaultsDescriptor(WINDOWS_WEBDEFA_PATH);
Set Context server. Handler );
return server;
}/** * Restart the application quickly, and reload target/classes and target/test-classes.
*/
Private static void reloadContext(Server server) throws Exception {
WebAppContext context = ( WebAppContext) server.getHandler();System.out.println("[INFO] Application reloading");
Context.stop();WebAppClassLoader classLoader = new WebAppClassLoader(context);
classLoader.addClassPath("target/classes");
classLoader.addClassPath("target/test-classes");
Context.setClassLoader(classLoader) ;
Context.start();System.out.println("[INFO] Application reloaded");
System.out.println("[INFO] Server running at http://localhost:" + PORT + CONTEXT);
System.out.println("[HINT] Hit Enter to reload the application quickly");
}
} pre>Start access: https://localhost:818/zule Prompt for insecure certificate, trust can be accessed.