[英]How do I configure jetty to listen on multiple ports for ssl connections: one with mutualAuth, one without
I'm fairly new to jetty, but I've dug through a lot of pages trying to find the answer to this one. 我对码头还很陌生,但是我已经浏览了很多页面,试图找到答案。
I'd like to have a single jetty instance running a single webapp. 我想让一个码头实例运行一个webapp。 I need it to listen for SSL connections on two ports one that uses mutual ssl, and one that uses normal ssl (I'll be using a different auth method with that one).
我需要它来监听两个端口上的SSL连接,一个使用双向ssl,另一个使用普通的ssl(我将使用与该端口不同的auth方法)。
The closest I found to an answer was this - but it is concerned with regular old http connections - and I think it may be out of date given its age. 我发现一个答案最接近的是这个 -但它关注的是普通的旧的HTTP连接-我想这可能是出于考虑到其年龄日期。
I'm pretty sure this will involve tweaks to jetty-ssl.xml, jetty-ssl-context.xml, and jetty-https.xml . 我很确定这将涉及对jetty-ssl.xml,jetty-ssl-context.xml和jetty-https.xml的调整。 .
。 .
。 but have not been able to put the puzzle pieces together that is both plausible, and doesn't result in a stack trace (let alone doing what I want).
但无法将看起来合理的拼图拼凑在一起,并且不会导致堆栈跟踪(更不用说做我想要的事情了)。
My best guess is that I need to create a second context factory that requires mutual auth (similar to the existing sslContextFactory), and then add another call to addIfAbsentConnectionFactory to wire it in. But while I seem to have the ability to restrict a context factory to require mutual auth - and don't see how I tie the context factories to operate on the separate ports. 我最好的猜测是,我需要创建第二个需要相互身份验证的上下文工厂(类似于现有的sslContextFactory),然后向addIfAbsentConnectionFactory添加另一个调用以将其连接。但是,尽管我似乎有能力限制上下文工厂需要相互身份验证-并且看不到如何将上下文工厂绑定在单独的端口上进行操作。
I think I've figured it out - hopefully this will save someone else a lot of frustration. 我想我已经解决了-希望这可以为其他人节省很多挫败感。 Here is what I did:
这是我所做的:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.