HOWTO Configure JBoss for HTTPS

最新推荐文章于 2018-05-12 17:41:36 发布
最新推荐文章于 2018-05-12 17:41:36 发布
阅读量711 收藏
点赞数
分类专栏: cas

引用:https://wiki.jasig.org/display/CASUM/HOWTO+Configure+JBoss+for+HTTPS


This HOWTO walks you through the HTTPS configuration using a self-signed certificate on a JBoss server.
It was tested on JBoss EAP 4.3 but should work on other versions.  Tomcat users should refer to the excellent instructions contained in the CAS Demo.  To install a certificate from a recognized certificate authority you will need to modify these steps slightly.

Self-signed certificate on JBoss:
  1.  The instructions assume a virgin jBoss install.
  2. Identify the hostname for the computer hosting the server.  I.e.: myHostname for these instructions
  3. Identify the jBoss server type (all, default, production).  I.e.: default for these instructions
  4. jBoss recommends using the same file as both keystore and trustore.  This will be server.keystore.  In a virgin install there should be no server.keystore in the default/conf folder.  If you have one, you must decide whether to delete it (to use these instructions) or whether to adapt the instructions to suit your situation.
  5. Creating the keystore and private key:
    1. Open a command prompt or shell and go to the default/conf folder.
    2. keytool -genkey -alias jbosskey -keypass changeit -keyalg RSA -keystore server.keystore
    3. Answer the prompts.  Use myHostname when asked for first/last name.  This is critical.
    4. server.keystore is generated.
    5. keytool -list -keystore server.keystore
    6. You should see the PrivateKeyEntry named jbosskey in the listing.
  6. Generating and storing the certificate.
    1. keytool -export -alias jbosskey -keypass changeit -file server.crt -keystore server.keystore
    2. server.crt is generated.
    3. keytool -import -alias jbosscert -keypass changeit -file server.crt -keystore server.keystore
    4. You receive a warning that it already exists in the keystore.  Ignore it.  It is because Java expects separate keystore adn trustore files and we are using only one.
    5. keytool -list -keystore server.keystore
    6. You should see a TrustedCertEntry named jbosscert in the listing.
  7. Ensure that you start the server with:
    1. -c default -b 0.0.0.0 -Djavax.net.ssl.trustStore="<C:/yourServerLocation>/server/default/conf/server.keystore"
    2. Where -c specfies your server type
    3. Where -b is required to use the server as anything but localhost, with a server name if you only have 1 network card, with 0.0.0.0 if you have multiple network cards
    4. -Djavax.net.ssl.trustStore specifies the location of your truststore.
    5. In Windows you may place these parameters in a shortcut you use to execute run.bat.
    6. In Unix you may place them in your startup script.
    7. In Eclipse, RAD or any other Eclipse-derivative your best bet is to use the jBossTools plugin.
      1. Go to the jBossServer view
      2. Double-click on the server
      3. Verify that your hostname is set to myHostname
      4. Click OpenLaunchConfiguration
      5. Add to the program arguments.
  8. Enable jBoss' Tomcat for HTTPS:
    1. Edt "<C:/yourServerLocation>/server/default/deploy/jboss-web.deployer/server.xml"
    2. Uncomment the section that begins with <Connector port="8443"
    3. At the end of the section (but still inside of it) add:
      1. keystoreFile="/conf/server.keystore"
      2. keystorePass="changeit"
  9. Post-setup tests:
    1. All of these test should succeed.  If they fail, you probably made a mistake in the previous steps.  Your browser will warn you about untrusted sites/certificates - this is OK, you are using a self-signed certificate. If you want to get rid of the warnings you must get a certificate from a certificate authority.
    2. Vanilla access to jBoss' home page:   _http://myHostname:8080_
    3. HTTPS access to jBoss' home page:  _https://myHostname:8443_
    4. Vanilla access to a non-CAS application:  _http://myHostname:8080/myApp_
    5. HTTPS access to a non-CAS application:  https://myHostname:8443/myApp
    6. Vanilla access to CAS:
      1. _http://myHostname:8080/login_
      2. _http://myHostname:8080/logout_
    7. Access a CAS-enabled application: 
      1. _http://myCAS-enabledApp_
      2. Unprotected pages should be accessible without going to CAS.
      3. You should be redirected to the CAS login the first time you access a protected page.  After the login you should reach the page.
      4. Subsequent accesses to protected pages should not redirect you to the CAS login unless you time out or close your browser.
 Certificate from a Certificate Authority (CA):


 Needed.  Please consider contributing it if you tweak these instructions to install a certificate from a CA.


JBoss AS 5 Performance Tuning.pdf
08-16
JBoss AS 5 Performance Tuning will teach you how to deliver fast applications on the JBoss Application Server and Apache Tomcat, giving you a decisive competitive advantage over your competitors. ...
jboss in action
03-28
In this book, we cover a wide variety of technologies and show you how to configure those technologies specifically for use in the JBoss Application Server. Naturally, this can’t be done in a vacuum,...
jboss各种测试方式归类
weixin_30768661的博客
03-02 118
不跨工程访问(如:HBase) 跨工程访问(如:Business) 不部署到服务器上 部署到服务器上 不部署到服务器上 部署到服务器上 Junit测试 实例化直接调用 true true False (NullPointerException) ...
How to configure Gzip for JBoss?---refer
08-25 93
Question: I think to try to speed up my Web App by reducing the size of transferred data. For example, in Nginx there is a special module. How to enable compression for JBoss server? Answer: ...
How to Configure Tomcat/JBoss and Apache HTTPD for Load Balancing and Failover
02-10 140
http://java.dzone.com/articles/how-configure-tomcatjboss-and In this post we will see how to setup a load balanced JBoss or Tomcat environment with the fail-over capability. This post assumes...
How to configure Copyright Profiles in IntelliJ IDEA
在路上
05-12 5808
How to configure Copyright Profiles in IntelliJ IDEA
JBoss Howto - Configure Ports
vanghoh
02-02 147
https://community.jboss.org/docs/DOC-9376   ConfigurePorts 版本 18   创建于: 2004-6-1 上午3:49 作者 tedtollefson - 最后修改:  2010-5-12 下午3:46 作者 Stelios Koussouris Setting up multiple instanc...
How to configure the C3P0 connection pool in Hibernate
qq_26847293的博客
09-09 855
Connection PoolConnection pool is good for performance, as it prevents Java application create a connection each time when interact with database and minimizes the cost of opening and closing connectio
configure JAAS for jboss 7.1 and mysql--reference
08-07 121
Hello all, In this tutorial we are going to configure JAAS for jboss 7.1 and mysql for Form based authentication to be used in a web application. . We have already covered how toconfigure jaas fo...
How to configure DBCP connection pool in Hibernate
qq_26847293的博客
09-09 608
Note Due to bugs in the old DBCP code, Hibernate is no longer maintain DBCP-based connection provider, read this Hibernate thread. Now, Apache DBCP is back to active development, and many bugs ar
How to integrate Solr and Jboss
Clay's Coding Life
09-11 104
本文转自 http://www.mail-archive.com/solr-user@lucene.apache.org/msg05645.html   Hi, The method works, but has the drawback that you need to configure your solr home inside the war of the web application...
Manning JBoss in Action: Configuring the JBoss Application Server
04-15
It shows how to configure the server's various component containers such as the JBoss Web Server, the EJB 3 server, and JBoss Messaging. It also provides detailed insight into configuring the various...
英文原版-JBoss in Action 1st Edition
09-23
Configuring the JBoss Utility ServerJBoss in Motion is the primary e-book to deal with educating readers intimately how you can use the JBoss utility server. In contrast to different...
陕西省2025年初中学业水平考试实验操作考试试题及评分细则.zip
最新发布
04-25
陕西省2025年初中学业水平考试实验操作考试试题及评分细则.zip
Halcon与C#结合的机器视觉开发:经典案例解析与最佳实践
04-25
内容概要:本文详细介绍了如何将Halcon与C#相结合进行机器视觉开发。首先解释了选择Halcon联合C#的原因,强调了两者的互补优势。接着通过多个具体案例展示了如何将Halcon的经典例子转化为C#代码,包括图像读取与显示、阈值分割、形状匹配、图像采集等方面的内容。文中还特别提到了一些常见问题及其解决方案,如内存管理、坐标系转换、线程安全等。此外,作者提供了许多实用技巧,如使用扩展方法处理Halcon的数据类型、封装相机操作类、优化异常处理等。最后,作者分享了一些实战经验,包括环境配置、性能优化、交互设计等方面的建议。 适合人群:具有一定C#编程基础,对机器视觉感兴趣的开发人员。 使用场景及目标:帮助C#开发人员更好地理解和掌握Halcon的使用方法,提高视觉开发效率,减少开发过程中的常见错误和技术难题。 其他说明:文中提供的所有案例代码均已整理在GitHub的HalconSharpToolkit项目中,按功能模块划分,便于学习和参考。
西门子S7-1200 PLC污水处理系统:博途V17版KTp1200屏程序设计与优化
04-25
内容概要:本文详细介绍了西门子S7-1200 PLC在污水处理项目中的应用,涵盖模拟量处理、设备轮换、Modbus通讯以及事件记录等多个方面。文中展示了如何利用博途V17进行程序设计,包括具体的SCL代码实例,如液位检测的滑动窗口滤波法、提升泵的轮换逻辑、Modbus TCP对变频器的控制以及报警信息管理等。此外,还分享了一些实用技巧,如防止信号跳变、避免设备过度磨损、确保通讯稳定性和提高报警记录效率的方法。 适合人群:从事工业自动化领域的工程师和技术人员,尤其是熟悉西门子PLC和博途软件的从业者。 使用场景及目标:适用于污水处理项目的PLC编程和系统集成,旨在提高系统的稳定性和可靠性,减少维护成本并优化设备性能。 其他说明:文中不仅提供了详细的代码示例,还分享了许多来自实际项目的经验教训,帮助读者更好地理解和应用相关技术。
MATLAB实现改进带约束粒子群优化算法(IPSO)及其工程应用
04-25
内容概要:本文详细介绍了改进的带约束粒子群算法(IPSO)在MATLAB环境下的实现细节。首先探讨了IPSO算法中接口设计的独特之处,即通过定义目标函数和约束条件的接口,使算法能够灵活应对不同类型的优化问题。接着阐述了非线性惯性权重和学习因子的设计理念,解释了它们如何帮助算法在搜索过程中更好地平衡全局探索和局部开发。最后讨论了基于MATLAB类编程的优势,强调了此类编程方式带来的代码复用性和维护便捷性。此外,文中还提供了丰富的代码片段作为示例,展示了IPSO算法的具体实现步骤。 适合人群:对优化算法感兴趣的科研人员、工程师以及希望深入了解粒子群算法并应用于实际项目的开发者。 使用场景及目标:适用于需要高效解决带有复杂约束条件的优化问题的场合,如工程设计、物流规划等领域。目标是利用IPSO算法更快地找到全局最优解,同时确保满足所有约束条件。 其他说明:文中不仅分享了理论知识,还包括了许多实用的编码技巧,有助于读者快速掌握IPSO算法的应用方法。
基于分布式ADMM算法与碳排放交易的MATLAB代码:电力系统优化调度
04-25
内容概要:本文介绍了一段基于分布式ADMM算法的MATLAB代码,用于电力系统优化调度,尤其关注碳排放交易的影响。代码首先对电力系统进行分区,接着构建DC-DOPF最优潮流问题,考虑碳排放交易的成本,并利用ADMM算法求解。文中详细解释了各个关键步骤,如系统分区、目标函数设计、碳排放交易成本计算以及ADMM算法的具体实现。此外,代码还包括了多种优化技术和实用技巧,如自适应惩罚因子调整、边界条件处理等,确保算法的有效性和实用性。 适用人群:适用于对电力系统优化调度感兴趣的科研人员、工程师和技术爱好者,尤其是希望深入了解分布式算法和碳排放交易机制的人群。 使用场景及目标:①研究电力系统优化调度的新方法和技术;②探讨碳排放交易对电力系统调度策略的影响;③提高电力系统运行效率和环保性能。 其他说明:代码不仅提供了详细的注释和模块化设计,还展示了丰富的可视化结果,便于理解和进一步研究。同时,文中提到了一些实际应用案例,证明了该方法的有效性和优越性。
How to configure vscode
03-30
As an AI language model, I don't have access to a visual interface but I can provide you with the steps to configure VS Code using command line: 1. Install VS Code: You can download VS Code from the official website. 2. Install extensions: VS Code has a vast collection of extensions that can improve your coding experience. You can install extensions by pressing `Ctrl + Shift + X` and searching for the desired extension. 3. Configure settings: You can configure VS Code settings by pressing `Ctrl + ,`. This will open the settings.json file where you can add your desired settings. 4. Customize key bindings: You can customize key bindings by pressing `Ctrl + K Ctrl + S`. This will open the keybindings.json file where you can add your desired key bindings. 5. Configure workspace: You can configure a workspace by opening a folder in VS Code and then adding your desired settings, extensions, and key bindings. These settings will only apply to the current workspace. 6. Configure debugging: You can configure debugging by adding a launch.json file to your workspace. This file contains configurations for different debugging scenarios. 7. Configure Git: You can configure Git by installing the Git extension and then adding your desired Git settings to the settings.json file. These are some basic steps to configure VS Code. You can further customize and configure VS Code according to your needs.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值