So here is what I did to get SSL to work with Jetty.
1) Generate a certificate with the JDK keytool:
$JAVA_HOME/bin/keytool -keystore keystore -alias jetty -genkey -keyalg RSA
It will put the keystore file in the $JAVA_HOME/bin directory, but certainly
you can move it to anywhere on the server that you wish.
2) Change security.xml in src/main/webapp/WEB-INF:
Change the line that reads like this:
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
to this:
/**=httpSessionContextIntegrationFilter,channelProcessingFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
Next, search for the property forceHttps and if it's set to false change it
to true.
Finally, search for "/**=REQUIRES_INSECURE_CHANNEL" and change it to
"/**=REQUIRES_SECURE_CHANNEL".
3) Change the Jetty plugin element in pom.xml to read like so (adding the
section after "</scanTargets>"):
<connectors>
<connector
implementation="org.mortbay.jetty.security.SslSocketConnector">
<port>8443</port>
<maxIdleTime>30000</maxIdleTime>
<keystore>PATH TO YOUR KEYSTORE</keystore>
<password>KEYSTORE PASSWORD</password>
<keyPassword>KEYSTORE PASSWORD</keyPassword>
<truststore>PATH TO YOUR KEYSTORE</truststore>
<trustPassword>KEYSTORE PASSWORD</trustPassword>
</connector>
</connectors>
4) Restart the server and you should be good. Go to http://localhost:8443
and verify that the padlock icon shows up in your browser of choice.
Currently, I have it set to be SSL on every page, but that can be changed.
Hope that helps,
Matt
mraible wrote:
>
> AppFuse shouldn't need anything special for SSL. I've configured
> Tomcat with SSL before, but not Jetty. Sorry I can't be of more
> assistance. Please post your findings if you figure out how to do it.
>
> Matt
>
> On 7/5/07, mbrz2477 <[EMAIL PROTECTED]> wrote:
>>
>> Any ideas guys?
>>
>>
>> mbrz2477 wrote:
>> >
>> > I'm wondering if there is a good site out there that describes how to
>> > setup SSL with Appfuse/Jetty. I found this link through Google:
>> > http://docs.codehaus.org/display/JETTY/How+to+configure+SSL, but I'm
>> > unsure as to which file I should be editing in Step 4 or if there are
>> any
>> > special configurations needed with Appfuse.
>> >
>> > Thanks,
>> > Matt
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Appfuse-Jetty-SSL-configuration-tf4019140s2369.html#a11447489
>> Sent from the AppFuse - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
> --
> http://raibledesigns.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Appfuse-Jetty-SSL-configuration-tf4019140s2369.html#a11483664
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
