Java Web应用程序同时提供安全和不安全的资源
[英]Java web app serve both secure and insecure resource
问题描述
I am writing a Java web app (spring 3.2). 
我正在编写一个Java Web应用程序(3.2版本)。
Basically, I have several sites that need to access my web service. 基本上,我有几个站点需要访问我的Web服务。 These sites are a mixture of both secured (ssl) and insecured. 这些站点既是固定的(ssl)又是不固定的。 I have an endpoint /validate/{id} that should respond to both secured requests 我有一个端点/ validate / {id},应该响应两个受保护的请求
(https://localhost:8443/ws/validate/123 and http://localhost:8080/ws/validate/123)
How do I do this? 我该怎么做呢? I've added 我已经添加
<security-constraint>
<web-resource-collection>
<web-resource-name>ws</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
to my web.xml, but that only forces ssl ( calls to 8080 get a 302 FOUND response with a Location header pointing to 8443. 到我的web.xml,但这只会强制ssl(调用8080会得到302 FOUND响应,并且Location头指向8443。
How do I allow both secured and insecured requests on the same endpoint (with different ports)? 如何在同一端点(具有不同端口)上同时允许安全请求和不安全请求?
1 个解决方案
解决方案1
0 已采纳 2013-05-14 18:11:42
<transport-guarantee>NONE</transport-guarantee>
似乎已经解决了问题...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.