Tomcat6作为Windows服务时的JAVA_OPTS设置
首先,到服务列表中找到Tomcat服务,右击,Properties - General - Path to executable,看到类似:
%TOMCAT_HOME%(指的是Tomcat安装目录,下同)\bin\tomcat6.exe //RS//tomca…
9 years ago
0
Ubuntu14.04下Eclipse开发环境的搭建
下载软件
Eclipse 4.3.2 | http://mirror.bjtu.edu.cn/eclipse/technology/epp/downloads/release/kepler/SR2/eclipse-jee-kepler-SR2-linux-gtk-… |
9 years ago
0
Groovy学习笔记
基础知识
Groovy简介
Groovy诞生于2004年, 它是可选类型的(optionally typed)动态语言,是最流行的JVM语言之一,比起其它语言,Groovy能够与Java无缝集成、相互调用,这是它的最大优势。
Groovy可以作为脚本语言使用(但…
阅读全文
10 years ago
0
Aspject加载时织入示例
问题场景
最近的一个使用DDD风格建模的项目中,遇到这样的一个场景:
- 领域类的抽象类层次,作为Hibernate实体类使用,由于其包含了一些业务逻辑,需要Spring依赖注入的支持,故使用了@Configurable注解+AspectJ编译时织入的方式
- 具体领域…
10 years ago
0
Ubuntu下安装Tomcat7
下载Tomcat压缩包:
解压,并移动到习惯的存储位置:
修改设置:
阅读全文
1 |
wget -O apache-tomcat-7.0.55.tar.gz "http://apache.mirrors.timporter.net/tomcat/tomcat-7/v7.0.55/bin/apache-tomcat-7.0.55.tar.gz" |
1 2 3 |
tar -zxvf apache-tomcat-7.0.55.tar.gz rm tomcat-7.0.55.tar.gz mv apache-tomcat-7.0.55 /usr/local/ |
10 years ago
0
使用log4jdbc记录SQL语句的执行情况
在进行数据库开发时,我们经常需要监测SQL语句的执行情况,一般的手工编码记录、Hibernate日志记录,有如下的缺点:
- 人工记录太麻烦,需要写很多日志记录语句
- 无法获取PreparedStatement的传入参数,只能显示为"?"
11 years ago
0
CXF带SSL支持的客户端示例
WebService接口定义
基于JAX-WS定义的接口:
1 2 3 4 5 6 7 8 9 10 11 12 |
@WebService public interface DataTransService { @WebMethod ( operationName = "sendXML" ) @WebResult ( name = "response" ) String sendXML( @WebParam ( name = "userName" ) String userName, @WebParam ( name = "password" ) String password, @WebParam ( name = "msg" ) String msg ); } |
SSL客户端示例
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
public void send(String username,String password,String xml) { String address = "https://127.0.0.1:5051/dataTransService"; JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean(); proxyFactory.setServiceClass( DataTransService.class ); proxyFactory.setAddress( address ); DataTransService service = (DataTransService) proxyFactory.create(); org.apache.cxf.endpoint.Client client = ClientProxy.getClient( service ); HTTPConduit httpConduit = (HTTPConduit) client.getConduit(); TLSClientParameters tlsParams = initTLSClientParameters(); httpConduit.setTlsClientParameters( tlsParams ); service.sendXML( username, password,xml); } private TLSClientParameters initTLSClientParameters() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, UnrecoverableKeyException { TLSClientParameters tlsParams = new TLSClientParameters(); tlsParams.setDisableCNCheck( true ); CanaryConfig cfg = getCanaryConfig(); { KeyStore trustKeyStore = KeyStore.getInstance( cfg.getString( "https.trustManagers.keyStore.type" ) ); String trustKeyStorePassword = cfg.getString( "https.trustManagers.keyStore.password" ); String url = cfg.getString( "https.trustManagers.keyStore.url" ); File trustKeyStoreFile = CanaryHelper.urlToFile( url ); trustKeyStore.load( new FileInputStream( trustKeyStoreFile ), trustKeyStorePassword.toCharArray() ); TrustManagerFactory trustFactory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() ); trustFactory.init( trustKeyStore ); TrustManager[] tm = trustFactory.getTrustManagers(); tlsParams.setTrustManagers( tm ); } { KeyStore priKeyStore = KeyStore.getInstance( cfg.getString( "https.keyManagers.keyStore.type" ) ); String priKeyStorePassword = cfg.getString( "https.keyManagers.keyStore.password" ); String url = cfg.getString( "https.keyManagers.keyStore.url" ); File priKeyStoreFile = CanaryHelper.urlToFile( url ); priKeyStore.load( new FileInputStream( priKeyStoreFile ), priKeyStorePassword.toCharArray() ); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm() ); keyFactory.init( priKeyStore, cfg.getString( "https.keyManagers.keyPassword" ).toCharArray() ); KeyManager[] km = keyFactory.getKeyManagers(); tlsParams.setKeyManagers( km ); } { FiltersType filter = new FiltersType(); filter.getInclude().add( ".*_EXPORT_.*" ); filter.getInclude().add( ".*_EXPORT1024_.*" ); filter.getInclude().add( ".*_WITH_DES_.*" ); filter.getInclude().add( ".*_WITH_NULL_.*" ); filter.getExclude().add( ".*_DH_anon_.*" ); tlsParams.setCipherSuitesFilter( filter ); } return tlsParams; } |
11 years ago
0
Spring配置:启用Jetty SSL传输的CXF
Spring配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd "> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-jaxws.xml" /> <cxf:bus> <cxf:features> <cxf:logging /> </cxf:features> </cxf:bus> <bean id="cfg" class="sparknet.canary.core.cfg" init-method="init"> <property name="params"> <value> <![CDATA[ http.port=5050 https.port=5051 https.keyManagers.keyStore.type=JKS https.keyManagers.keyPassword=sparknet https.keyManagers.keyStore.password=sparknet https.keyManagers.keyStore.url=#{@cfg.baseDirUrl}/work/security/key/platform.jks https.trustManagers.keyStore.type=JKS https.trustManagers.keyStore.password=sparknet https.trustManagers.keyStore.url=#{@cfg.baseDirUrl}/work/security/cert/trust.jks http.minThreads=5 http.maxThreads=50 ]]> </value> </property> </bean> <bean name="dataTransServiceImplHttp" class="cc.gmem.demo.ws.DataTransServiceImpl" autowire="byName"> <property name="https" value="false" /> </bean> <bean name="dataTransServiceImplHttps" class="cc.gmem.demo.ws.DataTransServiceImpl" autowire="byName"> <property name="https" value="true" /> </bean> <jaxws:endpoint id="dataTransServiceHttp" implementor="#dataTransServiceImplHttp" address="http://0.0.0.0:#{@cfg.params['http.port']}/dataTransService" publish="true" /> <jaxws:endpoint id="dataTransServiceHttps" implementor="#dataTransServiceImplHttps" address="https://0.0.0.0:#{@cfg.params['https.port']}/dataTransService" publish="true" /> <httpj:engine-factory bus="cxf"> <httpj:identifiedThreadingParameters id="threadPool"> <httpj:threadingParameters minThreads="#{@cfg.params['http.minThreads']}" maxThreads="#{@cfg.params['http.maxThreads']}" /> </httpj:identifiedThreadingParameters> <httpj:engine port="#{@cfg.params['http.port']}"> <httpj:threadingParametersRef id="threadPool" /> <httpj:connector> <bean class="org.eclipse.jetty.server.bio.SocketConnector"> <property name="port" value="#{@cfg.params['http.port']}" /> </bean> </httpj:connector> </httpj:engine> <httpj:engine port="#{@cfg.params['https.port']}"> <httpj:tlsServerParameters> <sec:keyManagers keyPassword="#{@cfg.params['https.keyManagers.keyPassword']}"> <sec:keyStore type="#{@cfg.params['https.keyManagers.keyStore.type']}" url="#{@cfg.params['https.keyManagers.keyStore.url']}" password="#{@cfg.params['https.keyManagers.keyStore.password']}" /> </sec:keyManagers> <sec:trustManagers> <sec:keyStore type="#{@cfg.params['https.trustManagers.keyStore.type']}" url="#{@cfg.params['https.trustManagers.keyStore.url']}" password="#{@cfg.params['https.trustManagers.keyStore.password']}" /> </sec:trustManagers> <sec:cipherSuitesFilter> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_AES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> <sec:clientAuthentication want="true" required="true" /> </httpj:tlsServerParameters> <httpj:threadingParametersRef id="threadPool" /> <httpj:connector> <bean class="org.eclipse.jetty.server.ssl.SslSocketConnector"> <property name="port" value="#{@cfg.params['https.port']}" /> <property name="password" value="#{@cfg.params['https.keyManagers.keyStore.password']}" /> <property name="trustPassword" value="#{@cfg.params['https.trustManagers.keyStore.password']}" /> <property name="keyPassword" value="#{@cfg.params['https.keyManagers.keyPassword']}" /> <property name="protocol" value="TLS" /> <property name="keystore" value="#{@cfg.params['https.keyManagers.keyStore.url']}" /> <property name="keystoreType" value="#{@cfg.params['https.keyManagers.keyStore.type']}" /> <property name="truststore" value="#{@cfg.params['https.trustManagers.keyStore.url']}" /> <property name="truststoreType" value="#{@cfg.params['https.trustManagers.keyStore.type']}" /> <property name="wantClientAuth" value="false" /> <property name="needClientAuth" value="false" /> </bean> </httpj:connector> </httpj:engine> </httpj:engine-factory> </beans> |
使用JDK的keytool密钥对
使用JDK自带的keytool命令可以生成JKS(Java KeyStore)文件,作为数字证书库使用。在配置SSL时,一般需要用到两个JKS:信任库、证书库(对应上节配置文件中的truststore、keystore)。
下面是生成证书库的示例:
1 |
keytool -genkey -alias platform -keyalg RSA -keypass key_password -storepass store_password -dname "CN=DataTrans Platform, OU=, O=Gmem.cc, L=Nan Jing, ST=Jiang Su, C=CN" -validity 3650 -keystore platform.jks |
11 years ago
0