users@jersey.java.net

[Jersey] Re: How to deploy secured (SSL) root resource containing not secured sub-resource methods?

From: Pavel Bucek <pavel.bucek_at_oracle.com>
Date: Wed, 09 May 2012 10:41:41 +0200

Hello Phil,

This is not directly related to Jersey - it just "sits" in some
container and waits for incoming requests handed to it by that container
- it is not relevant if it came as an https or http request from Jersey's
perspective. What you can do is look into GrizzlyServerFactory, method:

     public static HttpServer createHttpServer(
             final URI u,
             final HttpHandler handler,
             final boolean secure,
             final SSLEngineConfigurator sslEngineConfigurator

especially this part:

         final HttpServer server = new HttpServer();
         final NetworkListener listener = new NetworkListener("grizzly", host, port);
         listener.setSecure(secure);
         if(sslEngineConfigurator != null) {
             listener.setSSLEngineConfig(sslEngineConfigurator);
         }

         server.addListener(listener);

You should be able to create a Grizzly HttpServer with more than one
listener (one for http, the other one for https). Your resources will
then be accessible via http and https and it's up to the client to decide
which one he wants to use. (The problem here is that all your resources
would be accessible via http without using any authorization.)

Anyway, your use case is still somewhat more complicated than what I've
described and I don't see a way to achieve it with one Grizzly
instance. You might want to look into the Grizzly user guide or ask at
users_at_grizzly.java.net; and please share your solution if you find one,
we might modify GrizzlyServerFactory in Jersey to allow these (more
complex) cases.

Thanks,
Pavel

On 4/19/12 11:54 AM, justphilmusic_at_googlemail.com wrote:
> Hello everybody!
>
> I'm about to run some tests with the "https-clientserver-grizzly"
> Jersey example and I'm struggling with the following use case.
>
> I've got a root resource (similar to the one from the example) that
> should mainly be accessible through HTTPS (with client cert auth
> enabled). But this root resource also contains a sub-resource method
> that should be accessible publicly without client cert auth and plain
> HTTP.
>
> But I don't see a way to accomplish this, because according to the
> server startup code (Server.java in the example) Grizzly's HttpServer
> instance is started with the "secure" flag set to "true". So, there's
> no possibility to tell Jersey that some sub-resources should be not
> secured. You can see the server startup code below.
>
>
> I appreciate all hints regarding the problem!
>
> Thanks in advance,
> Phil
>
> // Grizzly ssl configuration
> SSLContextConfigurator sslContext = new SSLContextConfigurator();
>
> // set up security context
> sslContext.setKeyStoreFile("./keystore_server"); // contains server keypair
> sslContext.setKeyStorePass("asdfgh");
> sslContext.setTrustStoreFile("./truststore_server"); // contains client certificate
> sslContext.setTrustStorePass("asdfgh");
>
> try {
>
>     webServer = GrizzlyServerFactory.createHttpServer(
>             getBaseURI(),
>             null,
>             true,
>             new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true)
>     );
>
>     // start Grizzly embedded server //
>     System.out.println("Jersey app started. Try out " + BASE_URI + "\nHit CTRL + C to stop it...");
>     context.deploy(webServer);
>     webServer.start();
>
> } catch (Exception ex) {
>     System.out.println(ex.getMessage());
> }
>
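
The two-listener setup described in the reply above, as an added example that is not code from this thread or from Jersey: one Grizzly HttpServer with a plain listener and a client-certificate TLS listener, plus a wrapper handler that refuses plain-HTTP requests for anything outside an explicit set of public paths. The names DualListenerServer, TransportGate, appHandler and publicPaths are hypothetical, and it assumes the application handler (for example the Jersey container) can be invoked through its public service() method.

```java
import java.util.Set;
import org.glassfish.grizzly.http.server.*;
import org.glassfish.grizzly.ssl.SSLContextConfigurator;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;

public class DualListenerServer {

    /** Hypothetical wrapper: plain-HTTP requests pass only for exact public paths. */
    static final class TransportGate extends HttpHandler {
        private final HttpHandler delegate;     // e.g. the Jersey container handler
        private final Set<String> publicPaths;  // e.g. "/api/status" (constructed value)

        TransportGate(HttpHandler delegate, Set<String> publicPaths) {
            this.delegate = delegate;
            this.publicPaths = publicPaths;
        }

        @Override
        public void service(Request request, Response response) throws Exception {
            // Deny by default: only an exact path match is public; every other
            // request that did not arrive on the TLS listener gets 403.
            if (!request.isSecure() && !publicPaths.contains(request.getRequestURI())) {
                response.sendError(403);
                return;
            }
            // Assumption: the delegate can be driven through its public service() method.
            delegate.service(request, response);
        }
    }

    /** Builds (but does not start) one server with a plain and a client-cert TLS listener. */
    static HttpServer create(String host, int httpPort, int httpsPort,
                             SSLContextConfigurator sslContext,
                             HttpHandler appHandler, Set<String> publicPaths) {
        HttpServer server = new HttpServer();
        NetworkListener plain = new NetworkListener("http", host, httpPort);
        NetworkListener tls = new NetworkListener("https", host, httpsPort);
        tls.setSecure(true);
        // Same engine settings as the startup code quoted in the thread.
        tls.setSSLEngineConfig(new SSLEngineConfigurator(sslContext)
                .setClientMode(false).setNeedClientAuth(true));

        server.addListener(plain);
        server.addListener(tls);
        server.getServerConfiguration()
              .addHttpHandler(new TransportGate(appHandler, publicPaths), "/");
        return server;
    }
}
```

Because the gate matches whole paths rather than prefixes, a public sub-resource that takes path parameters needs its own matching rule added to the gate.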