Merge branch 'feature/tls' into develop

.gitignore

@@ -42,3 +42,5 @@ proguard/
 *.ear%
 
 .DS_Store
+/websocketClient/src/main/resources/localhost.der
+/websocketClient/src/main/resources/mycert-pub.jks

README.md

@@ -14,8 +14,9 @@
       http://localhost:8080/restApp/sample/persons
    6. curl http://localhost:8080/restApp-1.0-SNAPSHOT/resources/sample/persons/843c8236-6c6b-450e-9aa3-211a9b897403
    7. curl -H "Accept: text/xml" http://localhost:8080/restApp-1.0-SNAPSHOT/resources/sample/persons
+
 ## Import "real" certificate
 
-  openssl x509 -outform der -in localhost.pem -out localhost.der
+  openssl s_client -showcerts -servername localhost -connect localhost:8181 </dev/null | openssl x509 -outform DER > localhost.der
   keytool -import -noprompt -trustcacerts -storepass storepass -alias localhost -keystore mycert-pub.jks -file localhost.der
 

docker-compose.yml

@@ -23,6 +23,13 @@ services:
         H2_OPTIONS: '-ifNotExists -webAllowOthers -tcpAllowOthers -pgAllowOthers -ifNotExists'
     volumes:
       - h2data:/h2-data
-
+  reverse-proxy:
+    environment:
+      - NGINX_HOST=localhost
+    build: docker/nginx
+    volumes:
+      - ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf
+    ports:
+      - "8888:443"
 volumes:
   h2data:
\ No newline at end of file

docker/nginx/Dockerfile

+FROM nginx:1.20.2-alpine
+RUN apk add openssl
+RUN openssl req -x509 -nodes \
+    -days 365 \
+    -subj "/C=CA/ST=QC/O=Company, Inc./CN=localhost" \
+    -addext "subjectAltName=DNS:localhost" \
+    -newkey rsa:2048 \
+    -keyout /etc/ssl/private/nginx-selfsigned.key \
+    -out /etc/ssl/certs/nginx-selfsigned.crt;
\ No newline at end of file

docker/nginx/nginx.conf

+events {
+
+}
+
+http {
+  server {
+    listen 80;
+
+    listen 443 ssl;
+    ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+    ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+
+    location /wsapp/ {
+        proxy_pass http://jakartaEE:8686;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+    }
+
+    location / {
+      proxy_pass http://jakartaEE:8080;
+    }
+  }
+}
\ No newline at end of file

jee/wsApp/src/main/java/fr/univtln/bruno/samples/jee91/ws/WSServer.java

@@ -24,6 +24,7 @@ public class WSServer {
     @SpokenLanguage(SpokenLanguage.Language.ENGLISH)
     Hello hello;
 
+
     @Inject
     MainDAO dao1;
 
@@ -36,8 +37,8 @@ public class WSServer {
     }
 
     @OnMessage
-    public void onMessage(Session session,
-                          String message) throws IOException {
+    public void onMessage(String message, Session session
+    ) throws IOException {
         session.getBasicRemote().sendText("Echo :" + message);
     }
 }

websocketClient/src/main/java/fr/univtln/bruno/samples/jee91/wsclient/WsClient.java

@@ -41,7 +41,7 @@ public class WsClient {
     public static void main(String[] args) {
         try {
 
-            final WsClient clientEndPoint = new WsClient(new URI("ws://localhost:8686/wsApp/hellows"));
+            final WsClient clientEndPoint = new WsClient(new URI("wss://localhost:8181/wsApp/hellows"));
             clientEndPoint.sendMessage("Hello 1 !");
             Thread.sleep(5000);
             clientEndPoint.sendMessage("Hello 2 !");

websocketClient/src/main/resources/updateKeystore.sh

+#!/bin/bash
+openssl s_client -showcerts -servername localhost -connect localhost:8181 </dev/null | openssl x509 -outform DER > localhost.der
+keytool -import -noprompt -trustcacerts -storepass storepass -alias localhost -keystore mycert-pub.jks -file localhost.der