我们有一个具有以下技术的Web应用程序:Java,SpringBoot,Docker,微服务,Jhipster。前端容器的端口号是80。
我正在尝试为前端微服务禁用保持活动选项,因为SSO身份验证服务器要求将此参数设置为false。
我试图用maven创建前端容器:mvn -Pqpm,no-liquibase -Dhttp.keepAlive=false clean verify jib:dockerBuild
我也试图在前端容器的pom.xml中禁用它:
<http.keepAlive>false</http.keepAlive>
<https.keepAlive>false</https.keepAlive>
但是当我发送http请求时,keep-alive选项保持启用状态:
Connecting to qwerty.xyz|10.10.219.200|:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Date: Mon, 06 Apr 2020 21:14:50 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2016 08:42:15 GMT
ETag: "4107-84-53f5c04e1c7c0"
Accept-Ranges: bytes
Content-Length: 132
Cache-Control: max-age=0, no-store
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Length: 132 [text/html]
Saving to: `/dev/null'
0K 100% 15.7M=0s
2020-04-06 23:14:50 (15.7 MB/s) - `/dev/null' saved [132/132]
我的Springboot配置:
<!-- Dependency versions -->
<jhipster-dependencies.version>3.0.1</jhipster-dependencies.version>
<!-- The spring-boot version should match the one managed by
https://mvnrepository.com/artifact/io.github.jhipster/jhipster-dependencies/${jhipster-dependencies.version} -->
<spring-boot.version>2.1.4.RELEASE</spring-boot.version>
您能帮我禁用它吗?
我终于找到了解决方案。我们这样做的方法是实现一个过滤器,并将该过滤器添加到SecurityConfig.config方法。
KeepAliveFilter.java
public class KeepAliveFilter implements Filter {
public void init(final FilterConfig filterConfig) { }
public void destroy() { }
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
final HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setHeader("Connection", "close");
chain.doFilter(request, response);
}
}
SecurityConfiguration.java
private final KeepAliveFilter keepAliveFilter;
public SecurityConfiguration(final KeepAliveFilter keepAliveFilter, ...)
{
this.keepAliveFilter = keepAliveFilter;
...
// other property
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and()
.addFilterBefore(corsFilter, CsrfFilter.class)
.addFilterBefore(keepAliveFilter, CsrfFilter.class)
;
}