This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
The following commit(s) were added to refs/heads/master by this push:
new db2f476807 TOMEE-3925 - Fix Websocket TLS Basic Auth
db2f476807 is described below
commit db2f476807d6aa9172357946144edda5ee7c3b87
Author: Richard Zowalla <[email protected]>
AuthorDate: Mon Apr 25 19:32:33 2022 +0200
TOMEE-3925 - Fix Websocket TLS Basic Auth
---
examples/websocket-tls-basic-auth/README.adoc | 11 ++++----
examples/websocket-tls-basic-auth/README_pt.adoc | 11 ++++----
examples/websocket-tls-basic-auth/pom.xml | 10 ++++----
.../src/main/conf/keystore.jks | Bin 3734 -> 2744 bytes
.../src/main/conf/server.crt | 21 ++++++++++++++++
.../src/main/conf/server.key | 28 +++++++++++++++++++++
.../src/main/conf/server.xml | 15 +++++++----
.../src/main/conf/snippets.sh | 8 ++++++
8 files changed, 84 insertions(+), 20 deletions(-)
diff --git a/examples/websocket-tls-basic-auth/README.adoc
b/examples/websocket-tls-basic-auth/README.adoc
index 63d1b2d698..18dc0bc528 100644
--- a/examples/websocket-tls-basic-auth/README.adoc
+++ b/examples/websocket-tls-basic-auth/README.adoc
@@ -1,12 +1,13 @@
-:index-group: Unrevised :jbake-type: page :jbake-status:
-status=published = Websocket TLS Basic Auth
+:index-group: Websocket TLS Basic Auth
+:jbake-type: page
+:jbake-status: status=published
-== websocket-tls-basic-auth
+= Websocket TLS Basic Auth
Websocket example project using SSL and basic authentication.
-This was originally created for TomEE 8.0.0. using Jave EE 8 and Websocket
-API 1.1.
+This was originally created for TomEE 9 using Jakarta EE 9 and Websocket
+API 2.0.
The example was created with a server to server typo of connection in
mind. For Browser to server connections, you will need to refer to your
diff --git a/examples/websocket-tls-basic-auth/README_pt.adoc
b/examples/websocket-tls-basic-auth/README_pt.adoc
index 5e8c08f66c..17a8711fb5 100644
--- a/examples/websocket-tls-basic-auth/README_pt.adoc
+++ b/examples/websocket-tls-basic-auth/README_pt.adoc
@@ -1,12 +1,13 @@
-:index-group: Unrevised :jbake-type: page :jbake-status:
-status=published = Websocket TLS Basic Auth
+:index-group: Websocket TLS Basic Auth
+:jbake-type: page
+:jbake-status: status=published
-== websocket-tls-basic-auth
+= Websocket TLS Basic Auth
Projeto de exemplo de Websocket usando SSL e autenticação básica.
-Isto foi originalmente criado para o TomEE 8.0.0. usando o Java EE 8 e o
Websocket
-API 1.1.
+Isto foi originalmente criado para o TomEE 9. usando o Jakarta EE 9 e o
Websocket
+API 2.0.
O exemplo foi criado com um servidor para o tipo de conexão do servidor em
mente.
Para conexões do navegador ao servidor, você precisará consultar um
diff --git a/examples/websocket-tls-basic-auth/pom.xml
b/examples/websocket-tls-basic-auth/pom.xml
index 186199fea0..00a0de66ba 100644
--- a/examples/websocket-tls-basic-auth/pom.xml
+++ b/examples/websocket-tls-basic-auth/pom.xml
@@ -26,9 +26,9 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<jakartaee-api.version>9.1-M2-SNAPSHOT</jakartaee-api.version>
- <javax.websocket-api.version>1.1</javax.websocket-api.version>
+ <jakarta.websocket-api.version>2.0.0</jakarta.websocket-api.version>
<tomee.classifier>webprofile</tomee.classifier>
- <tomcat.version>9.0.12</tomcat.version>
+ <tomcat.version>10.0.20</tomcat.version>
<junit.version>4.13.2</junit.version>
</properties>
<dependencies>
@@ -51,9 +51,9 @@
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>javax.websocket</groupId>
- <artifactId>javax.websocket-api</artifactId>
- <version>${javax.websocket-api.version}</version>
+ <groupId>jakarta.websocket</groupId>
+ <artifactId>jakarta.websocket-api</artifactId>
+ <version>${jakarta.websocket-api.version}</version>
<scope>provided</scope>
</dependency>
<!--tests-->
diff --git a/examples/websocket-tls-basic-auth/src/main/conf/keystore.jks
b/examples/websocket-tls-basic-auth/src/main/conf/keystore.jks
index 91c6a20965..3781bbbca5 100644
Binary files a/examples/websocket-tls-basic-auth/src/main/conf/keystore.jks and
b/examples/websocket-tls-basic-auth/src/main/conf/keystore.jks differ
diff --git a/examples/websocket-tls-basic-auth/src/main/conf/server.crt
b/examples/websocket-tls-basic-auth/src/main/conf/server.crt
new file mode 100644
index 0000000000..52a80bf902
--- /dev/null
+++ b/examples/websocket-tls-basic-auth/src/main/conf/server.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgjCCAmqgAwIBAgIJAOa3wxkcmJQBMA0GCSqGSIb3DQEBCwUAMG4xEDAOBgNV
+BAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24x
+EDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEjAQBgNVBAMTCWxv
+Y2FsaG9zdDAgFw0yMjA0MjUxNzIzMjdaGA8yMTIwMTExNzE3MjMyN1owbjEQMA4G
+A1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93
+bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjESMBAGA1UEAxMJ
+bG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN1pG4tD
+HLqYLRNfsrW0S0Qlhj7SR4FQBp8YEiNdjT2UXGPNRWGM3PLsZnWf07qi3vG+I40A
+Q5In0eXMu+EgiONYPRukd6vKH+CefnNeJkLtF/wTVjIKCj4oTeJz1zyAeqzfM05Y
+ynUQquhalcKl/CegrjqsQQOM1gqN1APCrXamcS2X2EA0XKo2vFagUTXQWNf2rXvK
+MhgsotBOIc/eQYRPATJxhB9o1TmtMUFOVCbMn6Ji5kloiGZRKcCM9Gy4YW5Dmofh
+PN1IzW74RlGsgoKEs+GZUUmHefDsevhxnwb+rFsfbvpTZT9ualpA+xkAwedquDET
+6fntpVN0iI4UMwIDAQABoyEwHzAdBgNVHQ4EFgQUqgJuByY0lcvjMsKwNYWs7NH7
+3TQwDQYJKoZIhvcNAQELBQADggEBADUgVyPPKtnYI3JhiNay2ojmQ6M7/qHx7D38
+vntMgODoL+3ELE+nSS6rOH2MxnIdVYI7oLivQKp8FmiC/1bFoWzyTtJU+MdycOhO
+q5c747Ar4CUAcbCGnOmer1ODjVo3k3CV8evOE8U/mlws678HWA5eydXQJk3Yj2GW
+om8yo6j3BgKOq5OYacPrDJcrI6QOEIWnOrio7zmnzgdMb1QeZUQgjPw4xsmOtbOt
+um866YaAFfqVxnbISOKdpReO45M+63QnjvhLC/XuotjQv1zDeQmccuTx6bNO08bV
+NpEVeC/2Rd3OfyH2twGdwnL8Sl0yJmbL4F9CR5FlXhEn13sD6Ns=
+-----END CERTIFICATE-----
diff --git a/examples/websocket-tls-basic-auth/src/main/conf/server.key
b/examples/websocket-tls-basic-auth/src/main/conf/server.key
new file mode 100644
index 0000000000..659ede113f
--- /dev/null
+++ b/examples/websocket-tls-basic-auth/src/main/conf/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCg3Wkbi0Mcupgt
+E1+ytbRLRCWGPtJHgVAGnxgSI12NPZRcY81FYYzc8uxmdZ/TuqLe8b4jjQBDkifR
+5cy74SCI41g9G6R3q8of4J5+c14mQu0X/BNWMgoKPihN4nPXPIB6rN8zTljKdRCq
+6FqVwqX8J6CuOqxBA4zWCo3UA8KtdqZxLZfYQDRcqja8VqBRNdBY1/ate8oyGCyi
+0E4hz95BhE8BMnGEH2jVOa0xQU5UJsyfomLmSWiIZlEpwIz0bLhhbkOah+E83UjN
+bvhGUayCgoSz4ZlRSYd58Ox6+HGfBv6sWx9u+lNlP25qWkD7GQDB52q4MRPp+e2l
+U3SIjhQzAgMBAAECggEAI1kj3JKYd7qk79q+/6Uf7h4WZM5vJJlMvXe+MVYmG4A5
+lqezlphd/LtAqS8VpM/xNC5IysUUFsUKDPyDJZHNtWbHn/3wAP/11VVlXoH5YUz5
+jniswxcRz7hi4OJu9A/uZ4aPMVX4+twIgpW2Ogxgru0CSObJrSubifkdu0XsRHNh
+hwYl8wwHIIJPn4AbifAi7EMLYIqFkX85nJ2khHEdtKzIWIUo3QHO2OzwZV2wr57C
+p4TkaNSl6m9lAdWHNvVOuYXyFs+vHV7JPz5B/Ui3wzBI63zfrPycgkLgx8qKF3vw
+EF6w0h0txr60KeYTfULUx60bpa6KhBEqTXkaloQbeQKBgQDeU5hhUWwRMYFibXtv
+ECifF7zUMrAqfEcIBExNmKhLIIPyD7CcBMGl0CadgzZOSyeGTZiCDFCi7z8hP53x
+vopJi/fvXyh9EAOnHNJWRfLBWLz9IO3IkFrgRRFGQtjVVLUROvMlKiQ4i2ituoQA
+uukdefHDPoVWDsgSFepOJTWUZwKBgQC5OrlxKwNiY+T5Ung6zJ72aClhTzD72ICv
+OcoKD/8GF/HJMniwpM87aEV4RYh73GxmZvOtO7lU9u/FEtDwosrHKyIcVDpvaLSc
+IBRfGUNdOBlBUz60glqMRv+zHPSKPyfk3oXf1rFhaEqjvGaSY+BtClABsemZuTYw
+RZhmH60CVQKBgQC67+1DftPwDQEugsHz29FcG/iBL/Gid4a+Pebuo/p12Ow432pv
+dSxiQIgHjyldYaHlMl+WkcZHigU57qTefIkIWDFry0ZfCdUYcYqGUiBQ5E1cRZDK
+QF65Djn9Kv3pOmVZDIkfabS0+rtUwGx3tLGIQF3A/lPczWb6lgTCGlVX5wKBgDDZ
+r/aMpYPZXJX0jgjT1kieB+vF+uEwpB+SWhp1RYjR3850JShRDuZYBZpGnEwuQdhv
+5mwViDdEOM/8umX8SQZl9cUK4a5oKtnSDA1YmE+Jb/+ueKcaic7dGqqeRFABf//4
+P85czMMnwieUlGifNp0LTzZjOXx1QDlS4XJtgC9RAoGBAJmQBxcg8X45TSQ7jmq+
+zkhPO1eVDHeLJL2uBNuNcq1CdnPYAAQGoeB/2GpzHNVsKzWeDx6UapJE3rwxzzlw
+15U/JGLTFJrFmDwmHPAwseCcur6sbHKYjfnrWYSv39fPdUfkDAe83/uF4oWEWZgv
+OEESIKcW2jWI2RlURCI6I6f9
+-----END PRIVATE KEY-----
diff --git a/examples/websocket-tls-basic-auth/src/main/conf/server.xml
b/examples/websocket-tls-basic-auth/src/main/conf/server.xml
index 60807cdeb0..093c1b96a7 100644
--- a/examples/websocket-tls-basic-auth/src/main/conf/server.xml
+++ b/examples/websocket-tls-basic-auth/src/main/conf/server.xml
@@ -86,12 +86,17 @@
Either JSSE or OpenSSL style configuration may be used regardless of
the SSLImplementation selected. JSSE style configuration is used
below.
-->
- <Connector port="8443" protocol="HTTP/1.1"
+ <Connector port="8443" protocol="HTTP/1.1"
SSLEnabled="true" URIEncoding="UTF-8"
maxThreads="250" scheme="https" secure="true"
- keystoreFile="conf/keystore.jks"
- keystorePass="123456" keyAlias="tomcat"
- clientAuth="false" sslProtocol="TLSv1.2" />
+ defaultSSLHostConfigName="localhost">
+ <SSLHostConfig hostName="localhost"
+ protocols="TLSv1.2">
+ <Certificate certificateFile="conf/server.crt"
+ certificateKeyFile="conf/server.key"
+ />
+ </SSLHostConfig>
+ </Connector>
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
This connector uses the APR/native implementation which always uses
OpenSSL for TLS.
@@ -112,7 +117,7 @@
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
+ <!-- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />-->
<!-- An Engine represents the entry point (within Catalina) that processes
diff --git a/examples/websocket-tls-basic-auth/src/main/conf/snippets.sh
b/examples/websocket-tls-basic-auth/src/main/conf/snippets.sh
new file mode 100644
index 0000000000..394faaec76
--- /dev/null
+++ b/examples/websocket-tls-basic-auth/src/main/conf/snippets.sh
@@ -0,0 +1,8 @@
+# Generate self-signed certifacte store
+keytool -genkey -alias tomcat -keyalg RSA -keystore keystore.jks -validity
36000
+
+# Extract CERT
+openssl pkcs12 -info -nodes -in keystore.jks -nokeys 2>&1| sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' > server.crt
+
+# Extract Key
+openssl pkcs12 -info -nodes -in keystore.jks -nocerts 2>&1| sed -ne '/-BEGIN
PRIVATE KEY-/,/-END PRIVATE KEY-/p' > server.key
\ No newline at end of file
