很容易弄清楚如何将使用 Grizzly 的 Jersey 应用程序部署到 Heroku。一旦我安装了基本的应用程序,我决定按照https-clientserver-grizzly中列出的说明进行操作。示例来保护我的端点,但在将其部署到 Heroku 时遇到了一些问题。
一旦部署到 Heroku,服务器就会拒绝响应,关闭所有连接请求而不发送响应。在本地我没有问题,只有当我部署到 Heroku 时才会出现此错误。
我已在下面添加了 Server.java 文件的相关部分。
public class Server extends ResourceConfig {
private static final String DEFAULT_SERVER_PORT = "8443";
private static final String KEY_SERVER_PORT = "server.port";
private static final String KEY_TRUST_PASSWORD = "TRUST_PASSWORD";
private static final String KEYSTORE_SERVER_FILE = "./security/keystore_server";
private static final String LOCALHOST = "https://0.0.0.0:%s/v1";
private static final String TRUSTSTORE_SERVER_FILE = "./security/truststore_server";
private final String endpoint;
private final HttpServer httpServer;
private Server(final String endpoint) throws KeyManagementException,
NoSuchAlgorithmException, KeyStoreException, CertificateException,
FileNotFoundException, IOException, UnrecoverableKeyException {
super();
...
URI.create(this.endpoint),
this,
true,
secure());
this.httpServer.start();
System.out.println(String.format(
"Jersey app started with WADL available at %s/application.wadl",
this.endpoint));
}
/**
* Generates a secure configurator for the server.
* @return A {@link SSLEngineConfigurator} instance for the server.
* @throws IOException If the key or trust store password cannot be read.
* @throws RuntimeException If the configuration is considered invalid.
*/
private static SSLEngineConfigurator secure() throws IOException, RuntimeException {
// Set up security context
final String password = System.getenv(KEY_TRUST_PASSWORD);
if (password == null) {
throw new RuntimeException("Truststore password is not set in the environment");
}
// Grizzly ssl configuration
SSLContextConfigurator sslContext = new SSLContextConfigurator();
// set up security context
sslContext.setKeyStoreFile(KEYSTORE_SERVER_FILE); // contains server keypair
sslContext.setKeyStorePass(password);
sslContext.setTrustStoreFile(TRUSTSTORE_SERVER_FILE); // contains client certificate
sslContext.setTrustStorePass(password);
sslContext.setSecurityProtocol("TLS");
if (!sslContext.validateConfiguration(true)) {
throw new RuntimeException("SSL context is invalid");
}
return new SSLEngineConfigurator(sslContext)
.setClientMode(false)
.setNeedClientAuth(false);
}
}
如果有人经历过这个问题并提出任何建议,我们将不胜感激!
最佳答案
在 Heroku 上,您不需要自己在 Java 应用程序中设置 HTTPS。 Heroku 为您处理 HTTPS,SSL 终止发生在 Heroku 路由器上,因此流量在到达您的应用程序时未加密。
只需访问您的网站 https://.herokuapp.com
关于java - 如何将安全的 Jersey 应用程序部署到 Heroku,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37737086/