堆栈内存溢出
  简体   繁体   English

在Raspberry Pi上的Tomcat上保护Web服务

[英]Securing web service on Tomcat on Raspberry Pi

 原文  2016-02-03 16:35:55       java/ web-services/ raspberry-pi/ tomcat7/ jax-ws

问题描述

I am going to secure my web service, based on soap messages but I am thinking to go through rest, deployed on Tomcat 7 on Raspberry Pi 2 (Cpu 900 Mhz, 1Gb Ram). 我将基于肥皂消息保护我的Web服务的安全,但是我想进行一些休息,部署在Raspberry Pi 2(Cpu 900 Mhz,1Gb Ram)的Tomcat 7上。

I tried to set Https with Tomcat 7, it works but the communication with the web service is too much slow. 我尝试使用Tomcat 7设置Https,它可以工作,但是与Web服务的通信速度太慢。 Before I got an answer in around 1,4 seconds, using Https it's around 5,4 seconds. 在我获得大约1.4秒的答案之前,使用Https大约需要5.4秒。 I need a responsive answer for my service and to secure it against sniffing. 我需要为我的服务提供响应迅速的答案,并确保其不会被嗅探。

What alternative technique can you suggest to me? 您可以向我建议什么替代方法?

Thanks 谢谢

1 个解决方案

解决方案1
 0 已采纳  2016-02-04 12:46:44

You do not provide details about how you configured https with Tomcat (what would have been useful to give you a more precise answer). 您没有提供有关如何使用Tomcat配置https的详细信息(为您提供更精确的答案很有用)。 The difference in response time seems to be huge to be caused by SSL processing only, maybe something is not ok with your configuration. 响应时间的差异似乎仅由SSL处理引起,这可能与您的配置不符。

Regardless how you configure https in Tomcat, you may try another approach. 无论您如何在Tomcat中配置https,都可以尝试另一种方法。 You could let tomcat work without https and provide security using a tool like stunnel . 您可以让tomcat在不使用https的情况下工作,并使用stunnel之类的工具提供安全性。 It tunnels the TCP connection you want (it can be your "normal" http connection) through an SSL tunnel. 它通过SSL隧道建立所需的TCP连接(可以是“正常” http连接)。 In this way you can use your raw Tomcat configuration and let other program take care of securing the communication channel. 这样,您可以使用原始的Tomcat配置,并让其他程序负责保护通信通道。

You can install it with: 您可以使用以下方法安装它: 

apt-get install stunnel4

and then in the configuration file in /etc/stunnel/stunnel.conf edit: 然后在/etc/stunnel/stunnel.conf中的配置文件中编辑: 

cert = /etc/ssl/certs/your_public_cert.crt
key = /etc/ssl/private/your_private_cert.pem

[https]
accept  = 8888 
connect = 127.0.0.1:8080

With this you will be able to access your tomcat through https on port 8888. 这样,您就可以通过端口8888上的https访问您的tomcat。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Tomcat 7 和 Java 8 在树莓派上 - Tomcat 7 with Java 8 on Raspberry Pi 保护应用程序中的Web服务 - Securing the web service in app 保护有状态的Web服务 - Securing a stateful web service Raspberry Pi Tomcat开关和LED指示灯在页面上 - Raspberry Pi Tomcat Switch amd LED on page 保护平针织RESTful Web服务 - Securing a jersey RESTful web service 在Web服务器和树莓派之间进行通信 - Communicate between web server and raspberry pi 如何在树莓派上部署Java Web应用程序 - How to deploy a Java web application on raspberry pi Raspberry Pi应用程序的信息网页 - Info Web Page For Raspberry Pi Application 使用令牌(Java)保护REST Web服务 - Securing REST Web Service using token (Java) 使用摘要身份验证Java保护其余Web服务 - securing rest web service with digest authentication java
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM