1. Tomcat configuration
These configurations are shown below. Refer to Appenddix A.Common application properties section for complete configurations.
II. HTTPS Configuration
Because of the security of HTTPS, HTTPS is often used in the development. For the individual developer, an HTTPS certificate is still very expensive. Some domestic cloud server manufacturers provide free HTTPS certificates, and one account can apply for several. However, a Java digital certificate management tool keytool is provided in JDK. Under the jdk/bin directory, a digital certificate can be generated by this tool:
D:\Program Files\Java\jdk1.8.0_201\bin>keytool.exe -genkey -alias tomcathttps -keyalg RSA -keysize 2048 -keystore sang.p
12 -validity 365
Order Interpretation:
- genkey indicates that a new secret key is to be created
- alias represents an alias for keystore
- keyalg denotes RSA, an asymmetric encryption algorithm
- keysize represents the length of the secret key
- keystore represents the location where the secret key is stored
- Validity denotes the validity period of the secret key in days:
Put the key file in the project root directory, and then configure it. They are the name of the key, the alias and the password when generating the secret key, as follows:
Visit http://localhost:8080/hello:
Because the certificate is self-generated and not recognized by the browser, it is considered to be an insecure connection. Just go ahead at this time!
So what should we do when traditional HTTP protocol can't be accessed? Because SpringBook does not support launching HTTP and HTTPS simultaneously in configuration, HTTP can be redirected to HTTPS requests:
@Configuration public class TomcatConfig { @Bean TomcatServletWebServerFactory tomcatServletWebServerFactory(){ TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory(){ @Override protected void postProcessContext(Context context) { SecurityConstraint constraint = new SecurityConstraint(); constraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); constraint.addCollection(collection); context.addConstraint(constraint); } }; factory.addAdditionalTomcatConnectors(createTomcatConnector()); return factory; } private Connector createTomcatConnector(){ Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); connector.setPort(8080); connector.setSecure(false); connector.setRedirectPort(8081); return connector; } }
3. Jetty Configuration and Undertow
In addition to Timcat, you can configure Jetty in SpringBoot in the following way:
<dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-dependencies</artifactId> <version>2.0.4.RELEASE</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> <!-- Remove default Tomcat --> <exclusions> <exclusion> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jetty</artifactId> </dependency> </dependencies>
Undertow is an open source Java server from Red Hat. It has good performance and is well supported in SpringBook. It is configured in the same way as Jetty.