1
我试图在Tomcat上保护Jersey服务,并且在浏览器中访问它时遇到问题。我已经尝试了几个教程,但没有人有正确的解决方案,所以如果您还没有使用REST,请告诉我问题在哪里。下面是我使用的配置文件:保护REST泽西岛
的web.xml
<security-constraint>
<display-name>Security for Your Enterprise</display-name>
<web-resource-collection>
<web-resource-name>Your Enterprise web Security</web-resource-name>
<description>Redirect all to SSL</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description />
<role-name>role1</role-name>
</auth-constraint>
<user-data-constraint>
<description>Protection should be CONFIDENTIAL</description>
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>role1</role-name>
</security-role>
的tomcat sever.xml
<Connector
clientAuth="false"
minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
port="8443"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="serverkey.keystore"
keystorePass="pwd"
protocol="HTTP/1.1"
sslProtocol="TLS"
/>
Tomcat的用户:
<tomcat-users>
<role rolename="role1"/>
<user
username="CN=10.0.25.21,OU=, O=, L=, ST=, C="
password="pwd" roles="role1"
/>
我不明白你的问题。你在问什么? – 2011-04-06 21:53:28
我试图使用SSL来保护REST Jersey但il不起作用,我对文件配置进行了所有更改,因此如果您知道这些步骤请帮助我,我发布了我的文件configurartion – Steben 2011-04-06 21:58:28
因此,您希望使用ssl保护您的宁静网站?正如有请求您的网站通过https? (只是试图确保我理解你,然后我给出答案:)) – 2011-04-06 22:02:47