{"id":1506,"date":"2023-09-25T17:29:15","date_gmt":"2023-09-25T09:29:15","guid":{"rendered":"http:\/\/blog.sway.com.cn\/?p=1506"},"modified":"2023-09-25T17:38:22","modified_gmt":"2023-09-25T09:38:22","slug":"jboss-eap-7-4-%e4%bf%ae%e6%94%b9%e5%9c%a8standalone%e4%b8%8b%e9%bb%98%e8%ae%a4%e7%9a%84https%e8%af%81%e4%b9%a6","status":"publish","type":"post","link":"http:\/\/blog.sway.com.cn\/?p=1506","title":{"rendered":"JBOSS EAP 7.4 \u4fee\u6539\u5728standalone\u4e0b\u9ed8\u8ba4\u7684HTTPS\u8bc1\u4e66"},"content":{"rendered":"\n

jboss\u5728standalone\u6a21\u5f0f\u4e0b\u7684\u914d\u7f6e\u6587\u4ef6\u662f\u5728\/standalone\/configuration\/standalone.xml\uff0c\u6240\u4ee5\u63a5\u4e0b\u6765\u7684\u64cd\u4f5c\u90fd\u5728\u8fd9\u4e2a\u6587\u4ef6\u4e2d\u8fdb\u884c\u3002<\/p>\n\n\n\n

\u786e\u8ba4JBOSS\u7684HTTPS\u542f\u7528\u60c5\u51b5<\/h2>\n\n\n\n

\u6253\u5f00\u914d\u7f6e\u6587\u4ef6\uff0c\u786e\u4fdd\u4ee5\u4e0b\u914d\u7f6e\u4e2d\u7684https\u7684\u914d\u7f6e\u662f\u5b58\u5728\u7684\uff0c\u4e14\u662f\u4f60\u60f3\u8981\u7684\uff1a<\/p>\n\n\n\n

    <socket-binding-group name=\"standard-sockets\" default-interface=\"public\" port-offset=\"${jboss.socket.binding.port-offset:0}\">\n        <socket-binding name=\"ajp\" port=\"${jboss.ajp.port:8009}\"\/>\n        <socket-binding name=\"http\" port=\"${jboss.http.port:8080}\"\/>\n        <socket-binding name=\"https\" port=\"${jboss.https.port:8443}\"\/>\n        <socket-binding name=\"management-http\" interface=\"management\" port=\"${jboss.management.http.port:9990}\"\/>\n        <socket-binding name=\"management-https\" interface=\"management\" port=\"${jboss.management.https.port:9993}\"\/>\n        <socket-binding name=\"txn-recovery-environment\" port=\"4712\"\/>\n        <socket-binding name=\"txn-status-manager\" port=\"4713\"\/>\n        <outbound-socket-binding name=\"mail-smtp\">\n            <remote-destination host=\"${jboss.mail.server.host:localhost}\" port=\"${jboss.mail.server.port:25}\"\/>\n        <\/outbound-socket-binding>\n    <\/socket-binding-group><\/pre>\n\n\n\n\u914d\u7f6e\u4f60\u7684SSL\u8bc1\u4e66<\/h2>\n\n\n\n\u627e\u5230security-realms\u5bf9\u5e94\u7684\u914d\u7f6e\uff1a<\/p>\n\n\n\n
        <security-realms>\n            <security-realm name=\"ManagementRealm\">\n                <authentication>\n                    <local default-user=\"$local\" skip-group-loading=\"true\"\/>\n                    <properties path=\"mgmt-users.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                <\/authentication>\n                <authorization map-groups-to-roles=\"false\">\n                    <properties path=\"mgmt-groups.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                <\/authorization>\n            <\/security-realm>\n            <security-realm name=\"ApplicationRealm\">\n                <server-identities>\n                    <ssl>\n                        <keystore path=\"application.keystore\" relative-to=\"jboss.server.config.dir\" keystore-password=\"password\" alias=\"server\" key-password=\"password\" generate-self-signed-certificate-host=\"localhost\"\/>\n                    <\/ssl>\n                <\/server-identities>\n                <authentication>\n                    <local default-user=\"$local\" allowed-users=\"*\" skip-group-loading=\"true\"\/>\n                    <properties path=\"application-users.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                <\/authentication>\n                <authorization>\n                    <properties path=\"application-roles.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                <\/authorization>\n            <\/security-realm>\n        <\/security-realms><\/pre>\n\n\n\n\u5728security-realms\u5185\u589e\u52a0\u4f60\u7684security-realm\uff0c\u5982\uff1aMySecurityRealm\uff08\u5176\u5b9e\u4ee5\u4e0b\u4ee3\u7801\u662f\u62f7\u8d1dApplicationRealm\u540e\u4fee\u6539\u5176keystore\u7684\u914d\u7f6e\u4ee5\u53ca\u589e\u52a0\u4e86truststore\u7684\u914d\u7f6e\uff0c\u5177\u4f53\u89c1\u9ad8\u4eae\u884c\uff09<\/p>\n\n\n\n
            <security-realm name=\"MySecurityRealm\">\n                <server-identities>\n                    <ssl>\n                        <keystore path=\"D:\\xxx\\yourKeyStore.jks\" keystore-password=\"123456\" alias=\"yourKeyAlias\" key-password=\"123456\"\/>\n                    <\/ssl>\n                <\/server-identities>\n                <authentication>\n                    <local default-user=\"$local\" allowed-users=\"*\" skip-group-loading=\"true\"\/>\n                    <properties path=\"application-users.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                    <truststore path=\"D:\\xxx\\yourKeyStore.jks\" keystore-password=\"123456\"\/>\n                <\/authentication>\n                <authorization>\n                    <properties path=\"application-roles.properties\" relative-to=\"jboss.server.config.dir\"\/>\n                <\/authorization>\n            <\/security-realm><\/pre>\n\n\n\n\u4fee\u6539\u4f60\u9700\u8981\u914d\u7f6e\u7684subsystem\u5bf9\u5e94\u7684security-realm<\/h2>\n\n\n\n\u5927\u5bb6\u4e00\u822c\u90fd\u662f\u6839\u76ee\u5f55\u90e8\u7f72\uff0c\u6240\u4ee5\u4e00\u822c\u662f\u641c\u7d22\u201cdefault-host\u201d\u5173\u952e\u5b57\u6765\u627e\u5230\u5bf9\u5e94\u7684subsystem\u3002<\/p>\n\n\n\n
        <subsystem xmlns=\"urn:jboss:domain:undertow:12.0\" default-server=\"default-server\" default-virtual-host=\"default-host\" default-servlet-container=\"default\" default-security-domain=\"other\" statistics-enabled=\"${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}\">\n            <buffer-cache name=\"default\"\/>\n            <server name=\"default-server\">\n                <http-listener name=\"default\" socket-binding=\"http\" redirect-socket=\"https\" enable-http2=\"true\"\/>\n                <https-listener name=\"https\" socket-binding=\"https\" security-realm=\"ApplicationRealm\" enable-http2=\"true\"\/>\n                <host name=\"default-host\" alias=\"localhost\">\n                    <location name=\"\/\" handler=\"welcome-content\"\/>\n                    <http-invoker security-realm=\"ApplicationRealm\"\/>\n                <\/host>\n            <\/server>\n            <servlet-container name=\"default\">\n                <jsp-config\/>\n                <websockets\/>\n            <\/servlet-container>\n            <handlers>\n                <file name=\"welcome-content\" path=\"${jboss.home.dir}\/welcome-content\"\/>\n            <\/handlers>\n        <\/subsystem><\/pre>\n\n\n\n\u4ece\u4e0a\u8ff0\u4ee3\u7801\u7247\u6bb5\u4e2d\u53ef\u4ee5\u627e\u5230\u5bf9\u5e94\u7684\u201csecurity-realm\u201d\u7684\u540d\u79f0\u662f\u201cApplicationRealm\u201d\uff0c\u5c06\u4ed6\u4fee\u6539\u6210\u201cMySecurityRealm\u201d\u3002<\/p>\n\n\n\n
\u91cd\u542fJBOSS<\/h2>\n\n\n\n\u91cd\u542f\u4ee5\u8ba9\u914d\u7f6e\u751f\u6548\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
jboss\u5728standalone\u6a21\u5f0f\u4e0b\u7684\u914d\u7f6e\u6587\u4ef6\u662f\u5728\/standalone\/configuration\/sta […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1506","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/1506","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1506"}],"version-history":[{"count":3,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/1506\/revisions"}],"predecessor-version":[{"id":1509,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=\/wp\/v2\/posts\/1506\/revisions\/1509"}],"wp:attachment":[{"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1506"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.sway.com.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}