[英]GAE HTTPS on local DevAppServer in Eclipse using appengine-maven-plugin
我是一個Java / Web新手,我希望有人可以幫助我。
我正在使用Spring in Eclipse(Juno Windows 7)構建一個GAE應用程序。 該項目是使用Eclipse的Maven插件(使用Maven 3.1.0)和Maven的appengine-maven-plugin(使用GAE SDK 1.8.3)生成的。
我的大多數消息必須通過HTTPS發送,我在Spring配置中強制執行此操作。 但是,我對如何配置本地DevAppServer以支持HTTPS感到茫然。
我從創建證書開始
keytool -keystore myKeystore -genkey -keyalg RSA
我希望提供給服務器。 但是,GAE似乎在自己的Jetty版本中運行,我不清楚是否可以修改它。
我試圖通過命令行參數來推送它
<plugin>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<version>${appengine.target.version}</version>
<configuration>
<useJava7>true</useJava7>
<address>127.0.0.1</address>
<port>8080</port>
<compileEncoding>utf-8</compileEncoding>
<jvmFlags>
<jvmFlag>-Xdebug</jvmFlag>
<jvmFlag>-Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStorePassword=testpass</jvmFlag>
</jvmFlags>
</configuration>
</plugin>
我知道正在加載密鑰庫,因為如果路徑錯誤,我會看到異常。 但是,我不確定它被裝入什么,如果這甚至是我想要做的。
當我從Eclipse調試應用程序時,應用程序打包后會出現在我的日志中:
Running C:\Program Files\Java\jdk1.7.0_10\jre\bin\java -javaagent:C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\agent\appengine-agent.jar -Xbootclasspath/p:C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\override\appengine-dev-jdk-overrides.jar -Dappengine.fullscan.seconds=5 -classpath C:\Users\Steven\.m2\repository\com\google\appengine\appengine-java-sdk\1.8.3\appengine-java-sdk\appengine-java-sdk-1.8.3\lib\appengine-tools-api.jar -Xdebug -Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y -Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore -Djavax.net.ssl.keyStorePassword=testpass com.google.appengine.tools.development.DevAppServerMain --allow_remote_shutdown -a 127.0.0.1 -p 8080 C:\STEVEN-DEV\projects\apps\testserver\target/testserver-0.0.1-SNAPSHOT
如果我打開chrome並嘗試訪問
https://localhost:8080/test/retval
我看到“SSL連接錯誤”和“錯誤代碼:ERR_SSL_PROTOCOL_ERROR”
如果我嘗試瀏覽
http://localhost:8080/test/retval
我會轉發給
https://localhost:8443/test/retval
並被告知“此網頁不可用”。
更新2:再看一下我找到的文檔
開發Web服務器不支持HTTPS連接。 它忽略了傳輸保證,因此可以使用與開發Web服務器的常規HTTP連接來測試旨在與HTTPS一起使用的路徑。
所以我的問題似乎是我的Spring配置強制HTTPS。 我可以把它拿出來並允許任何連接類型。 但是,我並不熱衷於這樣做,並且更喜歡配置/破解開發服務器以支持SSL。
(回到舊問題:我一直在嘗試)
我不知道我的錯誤在哪里:GAE,Maven或Spring。
以下是我的完整pom.xml
我一直在閱讀文檔和在網上搜索幾個小時。 任何幫助將非常感激。
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<groupId>com.steven</groupId>
<artifactId>testserver</artifactId>
<properties>
<java.version>1.7</java.version>
<maven.enforcer.plugin-version>1.3.1</maven.enforcer.plugin-version>
<maven.version.range>[2.2.1,3.1.0]</maven.version.range>
<appengine.app.version>1</appengine.app.version>
<appengine.target.version>1.8.3</appengine.target.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<org.springframework-version>3.2.3.RELEASE</org.springframework-version>
<org.springframework.security-version>3.1.4.RELEASE</org.springframework.security-version>
<org.slf4j-version>1.7.5</org.slf4j-version>
<ch.qos.logback-version>1.0.13</ch.qos.logback-version>
<org.codehaus.jackson-version>1.9.12</org.codehaus.jackson-version>
</properties>
<dependencies>
<!-- Compile/runtime dependencies -->
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-api-1.0-sdk</artifactId>
<version>${appengine.target.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- Test Dependencies -->
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-testing</artifactId>
<version>${appengine.target.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-api-stubs</artifactId>
<version>${appengine.target.version}</version>
<scope>test</scope>
</dependency>
<!-- Spring Core -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${org.springframework-version}</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springframework.security-version}</version>
</dependency>
<!-- JSON -->
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
<version>${org.codehaus.jackson-version}</version>
</dependency>
<!-- Logging -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>${org.slf4j-version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${org.slf4j-version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${ch.qos.logback-version}</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>${ch.qos.logback-version}</version>
</dependency>
</dependencies>
<repositories>
<repository>
<id>springsource-repo</id>
<name>SpringSource Repository</name>
<url>http://repo.springsource.org/release</url>
</repository>
</repositories>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<configuration>
<lifecycleMappingMetadata>
<pluginExecutions>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<versionRange>[1.0.0,)</versionRange>
<goals>
<goal>enforce</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore />
</action>
</pluginExecution>
</pluginExecutions>
</lifecycleMappingMetadata>
</configuration>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<version>2.5.1</version>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<archiveClasses>true</archiveClasses>
<webResources>
<!-- in order to interpolate version from pom into appengine-web.xml -->
<resource>
<directory>${basedir}/src/main/webapp/WEB-INF</directory>
<filtering>true</filtering>
<targetPath>WEB-INF</targetPath>
</resource>
</webResources>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>${maven.enforcer.plugin-version}</version>
<executions>
<execution>
<id>enforce-banned-dependencies</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<bannedDependencies>
<searchTransitive>true</searchTransitive>
<excludes>
<exclude>javassist:javassist</exclude>
<exclude>commons-logging</exclude>
<exclude>aspectj:aspectj*</exclude>
<exclude>hsqldb:hsqldb</exclude>
<exclude>log4j:log4j</exclude>
<exclude>org.slf4j:[1.5, 1.6.5]</exclude>
<exclude>org.springframework:2.*</exclude>
<exclude>org.springframework:3.0.*</exclude>
</excludes>
</bannedDependencies>
<requireMavenVersion>
<version>${maven.version.range}</version>
</requireMavenVersion>
<requireJavaVersion>
<version>${java.version}</version>
</requireJavaVersion>
</rules>
<fail>true</fail>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<version>${appengine.target.version}</version>
<configuration>
<useJava7>true</useJava7>
<address>127.0.0.1</address>
<port>8080</port>
<compileEncoding>utf-8</compileEncoding>
<jvmFlags>
<jvmFlag>-Xdebug</jvmFlag>
<jvmFlag>-Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=y</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStore=C:\STEVEN-DEV\projects\apps\testserver\src\main\webapp\WEB-INF\myKeystore</jvmFlag>
<jvmFlag>-Djavax.net.ssl.keyStorePassword=testpass</jvmFlag>
</jvmFlags>
</configuration>
</plugin>
</plugins>
</build>
</project>
更新:我在web.xml中嘗試了這個有和沒有安全限制的情況
我不禁想到我需要找到一種方法來配置應用引擎插件使用的Jetty來使用SSL
<?xml version="1.0" encoding="utf-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>Test Server</display-name>
<!-- Spring MVC -->
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-dispatcher-servlet.xml, /WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/test/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
如文檔中所述 ,只需在src / main / webapp / WEB-INF / web.xml文件中添加security-contraint ,以強制僅在應用程序的某些URL上使用SSL(例如/ rest / *):
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
...
<security-constraint>
<web-resource-collection>
<url-pattern>/rest/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
...
</web-app>
您應該能夠在本地使用HTTP和HTTPS。 我不確定是否在localhost上強制實施僅SSL約束。 將應用程序部署到GAE后, 將根據您的web.xml設置對其進行相應的強制執行。
我在上面的回答中將其作為評論發布,但我也應該把它放在這里:
根據文件
https://developers.google.com/appengine/docs/java/config/webxml#Secure_URLs
“開發Web服務器不支持HTTPS連接。它忽略了傳輸保證,因此可以使用與開發Web服務器的常規HTTP連接來測試用於HTTPS的路徑。”
Maven GAE無法執行目標com.google.appengine:appengine-maven-plugin:1.9.12:devserver [...] NoSuchElementException
[英]Maven GAE Failed to execute goal com.google.appengine:appengine-maven-plugin:1.9.12:devserver […] NoSuchElementException
干凈安裝插件上的GAE / Maven錯誤“com.google.appengine:appengine-maven-plugin:1.9.18或其某個依賴項無法解析”
[英]GAE/Maven error on clean install Plugin “com.google.appengine:appengine-maven-plugin:1.9.18 or one of its dependencies could not be resolved”
在插件com.google.appengine:appengine-maven-plugin中找不到目標“運行”
[英]Could not find goal 'run' in plugin com.google.appengine:appengine-maven-plugin
如何告訴“ appengine-maven-plugin”不要將oauth2用於部署到appengine?
[英]How to tell 'appengine-maven-plugin' not to use oauth2 for deploys to appengine?
執行com.google.appengine時,缺少必需的類:appengine-maven-plugin:1.9.4
[英]A required class was missing while executing com.google.appengine:appengine-maven-plugin:1.9.4
com.google.appengine:appengine-maven-plugin:1.9.18:更新失敗。 NoSuchElementException->
[英]com.google.appengine:appengine-maven-plugin:1.9.18:update failed. NoSuchElementException ->
錯誤:appengine-maven-plugin:1.3.2:運行失敗:非零退出:1
[英]ERROR : appengine-maven-plugin:1.3.2:run failed: Non zero exit: 1
在帶有appengine-maven-plugin的appengine上的多模塊maven java項目中部署期間跳過某些模塊
[英]skip certain modules during deploy in multi-module maven java project on appengine w/ appengine-maven-plugin
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.