Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I've been able to get an existing application mostly working under Quarkus. The original application uses Undertow and RESTEasy and all endpoints use mutual TLS. Working with Undertow directly, it's relatively straightforward to get mTLS working. But doing the same is Quarkus is not so obvious.
I'm intrigued by what Quarkus is doing, but it seems to lack lower-level access to some of the internals for situations like mTLS and likely other scenarios. Is this type of configuration workable today, is it planned, or is that type of use case not part of the Quarkus charter? Part of me feels like creating a custom Undertow extension, but it would be a lot simpler to simply extend the existing extension. Any pointers are greatly appreciated.
I'm just trying to figure this out, too, and while this isn't mentioned in any Quarkus guide, the configuration options are there:
https://quarkus.io/guides/all-config#quarkus-vertx-http_quarkus.http.ssl.certificate.trust-store-file
https://quarkus.io/guides/all-config#quarkus-vertx-http_quarkus.http.ssl.certificate.trust-store-password
https://quarkus.io/guides/all-config#quarkus-vertx-http_quarkus.http.ssl.client-auth
I implemented a quickstart sample around Mutual TLS with Quarkus.
On server side, the properties to enable are:
SSL configuration
quarkus.ssl.native=true
quarkus.http.ssl.certificate.key-store-file=...
quarkus.http.ssl.certificate.key-store-password=...
Truststore configuration to validate the Client certificate
quarkus.http.ssl.certificate.trust-store-file=...
quarkus.http.ssl.certificate.trust-store-password=...
Activate client configuration
quarkus.http.ssl.client-auth=required
On client side, because Quarkus uses MicroProfile Rest specification, you need to define the following properties:
Server endpoint
org.acme.restclient.tck.GreetingService/mp-rest/url=...
Truststore configuration
org.acme.restclient.tck.GreetingService/mp-rest/trustStore=...
org.acme.restclient.tck.GreetingService/mp-rest/trustStorePassword=...
Client certificate
org.acme.restclient.tck.GreetingService/mp-rest/keyStore=...
org.acme.restclient.tck.GreetingService/mp-rest/keyStorePassword=...
You can find everything on https://github.com/openlab-red/quarkus-mtls-quickstart
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 months ago.
Improve this question
I am trying to deploy my full stack application comprising of react and spring boot but I am not sure what the best approach is. I could either package the react files with in the spring boot jar but I am not sure if that has any implications with respect to security or even performance?
Another option which in my head sounds better is to host the frontend (react) and the backend(springboot) on two different domains but an issue I am facing with that is CORS issue. When running it locally everything was good but as soon I deploy them on two different domains there seems to be a CORS issue?
Any advice would be much appreciated...
If there is a cors issue then add a cors middleware handler on the springboot side to allow the domain
If the devs for react and spring sides are different then deploy them separately. If 1 team is doing both then deploy it together
Put it/them in a docker container and deploy it on a VPS with Digitalocean
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I use the corda platform and want to use the glassfish server, tell me how to organize the interaction of the corda node and the GlassFish java web server?
Take a look at the Spring Webserver example here for an example of a Spring Boot webserver that interacts with a Corda node. The design will be similar for a GlassFish webserver.
Communicating with the node:
The key file is https://github.com/corda/samples/blob/release-V3/spring-webserver/src/main/kotlin/net/corda/server/NodeRPCConnection.kt. Here, we create a long-lived CordaRPCClient instance. The webserver's controllers use this client to send messages to and from the node, as shown here: https://github.com/corda/samples/blob/release-V3/spring-webserver/src/main/kotlin/net/corda/server/controllers/StandardController.kt.
Dependencies:
The webserver requires dependencies on Corda itself (for the core classes and the RPC client classes). See https://github.com/corda/samples/blob/release-V3/spring-webserver/build.gradle#L47. The webserver will also require dependencies on any CorDapps that contain classes that will be used by the controllers. For example, if you have a controller with an endpoint that extracts IOUStates from the vault, then the IOUCorDapp will be a dependency of your webserver.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am new to Webservices. We got WSDL files and we need to call its web service using IBM port lets. Someone plz help me on this.
First you need to know to basic idea behind Web Services and how it works:
A short introduction to Web Services
Then, you need to generate Java classes from the given WSDL file:
Creating Java Classes from WSDL file using Apache Axis 2
Generating Java code from a WSDL document
Note: The reference given using Apache Axis 2. There are others ways to do the same task this one of them.
Also, you need to deal with Certificates issue. I can not tell much about it. Since, it depends on your case.
Now you can work with your Java application, where you need to establish SSL connection, send requests and receive response from the Server you are requesting services form it.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
I'm currently working on implementing enterprise authentication mechanisms in our Java web-application, including single sign-on. Windows networks are what we primary target at, and Kerberos sounds a reasonable choice. Sidenote: as far as I understand, the protocol used in web (HTTP) environment to SSO is SPNEGO, and it's basically a wrapper around Kerberos. Thus it sounds that Kerberos HTTP SSO libraries in fact are using SPNEGO -- correct me if I'm wrong.
As I started investigating this topic, I realized that there's no obvious choice. Let me list those:
Spring security Kerberos/SPNEGO extension. This was the first I looked at (as we are already using Spring security), but it seems to be stuck at v1.0.0 second milestone few years ago. Only this SO question gives slight hope it could be used for production.
WAFFLE - Windows Authentication Functional Framework. Seems to be active and feature-rich. It can be 'plugged' as generic servlet, and also as a Spring security filter.
SPNEGO SourceForge. Seems very lightweight, provides HTTP Servlet filter, tutorials are easy to follow.
Are there any particular reasons to choose one option over the other? Are there any other options around?
First of all, your assumption is correct. You need SPNEGO to perform SSO with HTTP.
This can reasonably used in Spring only. If you have it, got for it. We are using it for more that two years. Does its job.
This works on Windows only.
Uses the same JGSS as the Spring stuff but is framework agnostic. This seems to work very well.
If you are using Tomcat 7, there is already built-in support. I have donated appropriate code. You should speficy what you exactly expect. If you have no expectations but the authentication use either 3 or 1 with Spring.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I want to create web proxy . I googled it and even found some tutorial but those were in PHP.
If somebody is having tutorial of web proxy creation in java then please post it here Or simply let me know what approach should i follow to create web proxy. [ i will be using Tomcat { if that matters for your answer } ]
Thanks
Edit
i guess i was not clear in stating what i require. Actually i am trying to develop a site like 'http://proxyug.com/' .
JSocks is a SOCKS proxy server written in Java.
http://jsocks.sourceforge.net/
Have you tried Java Proxy servlet. It's web proxy such as php or glype, but written in java as a servlet
This is simply the method you'd use to create a proxy server. Not sure exactly why you refer to doing it 'in java' but based on the information below you'll just need to configure the appropriate settings for mod_proxy and would probably be better off asking this question on ServerFault:
From The Apache Tomcat 5.5 Servlet/JSP Container
Proxy Support HOW-TO
Apache 1.3 supports an optional module
(mod_proxy) that configures the web
server to act as a proxy server. This
can be used to forward requests for a
particular web application to a Tomcat
5 instance, without having to
configure a web connector such as
mod_jk.
http://tomcat.apache.org/tomcat-5.5-doc/proxy-howto.html