Seitenvergleich

...

Der embedded jetty-Server, den jadice server mitbringt, muss so konfiguriert werden, dass dieser die für die Verschlüsselung benötigten Keystores kennt. Dazu erstellen Sie unter server-config/application die Datei jetty-tls.xml mit diesem Inhalt:

Codeblock

language	xml
title	jetty-tls.xml

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration"
    xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
    xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:cxf="http://cxf.apache.org/core"
    xsi:schemaLocation="
    http://www.springframework.org/schema/beans                  httphttps://www.springframework.org/schema/beans/spring-beans-4.0.xsd
    http://cxf.apache.org/configuration/security                 httphttps://cxf.apache.org/schemas/configuration/security.xsd
    http://cxf.apache.org/transports/http/configuration            httphttps://cxf.apache.org/schemas/configuration/http-conf.xsd
    http://cxf.apache.org/transports/http-jetty/configuration      httphttps://cxf.apache.org/schemas/configuration/http-jetty.xsd
    http://cxf.apache.org/core                                     httphttps://cxf.apache.org/schemas/core.xsd">
    <cxf:bus />
    <httpj:engine-factory bus="cxf">
        <httpj:engine port="9001">
            <httpj:tlsServerParameters>
                <sec:keyManagers keyPassword="password">
                    <sec:keyStore
                        file="C:\path\to\your\keystore.jks"
                        password="password" type="JKS" />
                </sec:keyManagers>
                <sec:trustManagers>
                    <sec:keyStore
                        file="C:\path\to\your\keystore.jks"
                        password="password" type="JKS" />
                </sec:trustManagers>
                <sec:cipherSuitesFilter>
        <!-- these filters ensure that a ciphersuite
                        with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman
                        key change as this is vulnerable to man-in-the-middle attacks -->
                    <sec:include>.*_EXPORT_.*</sec:include>
                    <sec:include>.*_EXPORT1024_.*</sec:include>
                    <sec:include>.*_WITH_DES_.*</sec:include>
                    <sec:include>.*_WITH_AES_.*</sec:include>

                   <sec:include>.*_WITH_NULL_.*</sec:include>
                    <sec:exclude>.*_DH_anon_.*</sec:exclude>
                </sec:cipherSuitesFilter>
                <sec:clientAuthentication want="true"
                    required="false" />
            </httpj:tlsServerParameters>
            <httpj:handlers>
                <bean class="org.eclipse.jetty.server.handler.DefaultHandler" />
            </httpj:handlers>
        </httpj:engine>
    </httpj:engine-factory>
</beans>

Um die oben erzeugte Konfigurationsdatei in jadice server einzubinden muss in der Datei server-config/application/webservicesserver.xml folgende Zeile ergänzt werden:
Codeblock
language xml
title Ergänzung in webservicesserver.xml
<import resource="jetty-tls.xml"/>
Die Addresse und der Port in der Datei server-config/application/soap.xml entsprechend der Werte im jetty-tls.xml anpassen
Codeblock
language xml
title Anpassung in webservicessoap.xml
<jaxws:endpoint id="jobServiceEndpoint" implementor="#jobService" address="https://${jadice.server.hostname}:90019000/jadiceServer">

Weitere Informationen

...

Nach Stichwort filtern (Inhalt nach Stichwort)

showLabels	false
max	5
spaces
showSpace	false
sort	modified
showSpace	false
reverse	true
type	page
cql	label in ("server","jadice","tls","webservice") and type = "page"
labels	jadice server webservice tls

Versionen im Vergleich

Alte Version 8

Neue Version 9

Schlüssel

Weitere Informationen