<<上篇 | 首页 | 下篇>>

Yale CAS 证书以及Tomcat下配置

Yale CAS证书以及Tomcat下配置

cas server端:
keytool -genkey -alias tomcat -keyalg RSA  //默认生成.keystore
keytool -export -file server.crt -alias tomcat  //生成证书server.crt

 

cas client端://导入证书server.crt到JVM客户端
keytool -import -keystore $JAVA_HOME\jre\lib\security\cacerts -file server.crt -alias tomcat

 


服务器端:
keytool -genkey -alias tomcat -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore -validity 3600 //CN(用户名)输入机器名或域名
keytool -export -trustcacerts -alias tomcat -file server.cer -keystore  server.keystore -storepass changeit
server.xml:
    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
        keystoreFile="F:\server.keystore"
               keystorePass="changeit" />


客户端://将证书导入客户端的JRE里ca证书
keytool -import -trustcacerts -alias tomcat -file server.cer -keystore  $JAVA_HOME/jre/lib/security/cacerts -storepass changeit

客户端web.xml
   <filter-name>CAS Filter</filter-name>
   <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
     <init-param>
        <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
        <param-value>https://dell:8443/cas/login</param-value><!--可以是ip地址-->
     </init-param>
     <init-param>
        <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
        <param-value>https://dell:8443/cas/serviceValidate</param-value><!--cas服务器端,必须是机器名或域名-->
     </init-param>
     <init-param>
        <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
        <param-value>10.200.26.65:8080</param-value><!--cas客户端-->
     </init-param>
  </filter>

标签 :
发表评论 RSS feed for responses to this blog entry
IT瘾于2009年8月28日 下午05时48分10秒发布 #

使用Apache做负载均衡和Web服务器

使用Apache做负载均衡和Web服务器,并启用deflate,gzip压缩。配置httpd.conf如下:


LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so

 LoadModule deflate_module modules/mod_deflate.so

 LoadModule headers_module modules/mod_headers.so


<VirtualHost 10.150.152.102:80>

  ServerName 10.150.152.102

  DocumentRoot C:/

 

  ProxyPass /pfsys/images/ !
  ProxyPass /pfsys/styles/ !
  ProxyPass /pfsys/scripts/ !

  ProxyPass /psmis/images/ !
  ProxyPass /psmis/styles/ !
  ProxyPass /psmis/scripts/ !

  #ProxyPass / balancer://libraryfind/
  #ProxyPassReverse / balancer://libraryfind/
 
  ProxyPass /pfsys balancer://libraryfind/pfsys stickysession=JSESSIONID|jsessionid nofailover=On
  ProxyPassReverse /pfsys balancer://libraryfind/pfsys
  ProxyPass /psmis balancer://psmis/psmis stickysession=JSESSIONID|jsessionid nofailover=On
  ProxyPassReverse /psmis balancer://psmis/psmis
 
   #ProxyPreserveHost On

 AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

  <Proxy balancer://libraryfind>
     BalancerMember http://10.150.152.102:7001
     #BalancerMember http://10.150.152.102:9001
  </Proxy>
 
 
  <Proxy balancer://psmis>
     BalancerMember http://10.150.152.102:9001
  </Proxy>

  <Directory "C:/">
     Options +FollowSymlinks +ExecCGI
     AllowOverride All
     Order allow,deny
     Allow from all
  </Directory>

  ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
  ErrorDocument 502 "<h2>Application error</h2>Unable to talk to back-end service"

#SetEnv force-proxy-request-1.0 1
#SetEnv proxy-nokeepalive 1
</VirtualHost>

另一个参考:

 

 

<VirtualHost 192.168.0.107:8080>
  ServerName 192.168.0.107
  DocumentRoot D:/

  ProxyPass /payCardSys/images/ !
  ProxyPass /payCardSys/styles/ !
  ProxyPass /payCardSys/scripts/ !

  ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid scolonpathdelim=On
   #ProxyPreserveHost On
 <Proxy balancer://mycluster>
 BalancerMember http://127.0.0.1:7011 route=node1
 BalancerMember http://127.0.0.1:7012 route=node2
 </Proxy>
  
  <Directory "D:/">
     Options +FollowSymlinks +ExecCGI
     AllowOverride All
     Order allow,deny
     Allow from all
  </Directory>

  ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
  ErrorDocument 502 "<h2>Application error</h2>Unable to talk to back-end service"

#SetEnv force-proxy-request-1.0 1
#SetEnv proxy-nokeepalive 1
</VirtualHost>

 

 

再附一个参考:

 

Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED

 

<VirtualHost 172.20.12.145:8080>

 

  ServerName 172.20.12.145

 

  DocumentRoot D:/

 

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript 

 

  ProxyPass /baseSys/images/ !

  ProxyPass /baseSys/styles/ !

  ProxyPass /baseSys/scripts/ !

 

   <Proxy balancer://libraryfind>

     BalancerMember http://172.20.12.145:80 route=app1

     BalancerMember http://172.20.37.249:8080 route=app2

  </Proxy>

  

  ProxyPass /baseSys balancer://libraryfind/baseSys  lbmethod=byrequests  stickysession=ROUTEID nofailover=Off

  ProxyPassReverse /baseSys balancer://libraryfind/baseSys

 

   #ProxyPreserveHost On

 

   <Directory "D:/">

     Options +FollowSymlinks +ExecCGI

     AllowOverride All

     Order allow,deny

     Allow from all

  </Directory>

 

  ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"

  ErrorDocument 502 "<h2>Application error</h2>Unable to talk to back-end service"

 

#SetEnv force-proxy-request-1.0 1

#SetEnv proxy-nokeepalive 1

</VirtualHost>

 

 

 例子:

 <VirtualHost 172.20.13.139:80>

Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED

ProxyPass /req/download/ !

<Proxy balancer://mycluster>

BalancerMember http://172.20.13.139:7003 route=1

BalancerMember http://172.20.13.139:7004 route=2

ProxySet stickysession=ROUTEID

</Proxy>

ProxyPass / balancer://mycluster/

ProxyPassReverse / balancer://mycluster/

 

DocumentRoot D:/req

<Directory "D:/req">

     Options +FollowSymlinks +ExecCGI

     AllowOverride All

     Order allow,deny

     Allow from all

</Directory>

</VirtualHost>

 
标签 : ,
发表评论 RSS feed for responses to this blog entry
IT瘾于2009年8月27日 下午09时52分28秒发布 #

使用Spring的TaskExecutor的线程池执行异步操作

Using a TaskExecutor

使用Spring的TaskExecutor的线程池执行异步操作

Spring's TaskExecutor implementations are used as simple JavaBeans. In the example below, we define a bean that uses the ThreadPoolTaskExecutor to asynchronously print out a set of messages.

import org.springframework.core.task.TaskExecutor;

public class TaskExecutorExample {

  private class MessagePrinterTask implements Runnable {

    private String message;

    public MessagePrinterTask(String message) {
      this.message = message;
    }

    public void run() {
      System.out.println(message);
    }

  }

  private TaskExecutor taskExecutor;

  public TaskExecutorExample(TaskExecutor taskExecutor) {
    this.taskExecutor = taskExecutor;
  }

  public void printMessages() {
    for(int i = 0; i < 25; i++) {
      taskExecutor.execute(new MessagePrinterTask("Message" + i));
    }
  }
}

As you can see, rather than retrieving a thread from the pool and executing yourself, you add your Runnable to the queue and the TaskExecutor uses its internal rules to decide when the task gets executed.

To configure the rules that the TaskExecutor will use, simple bean properties have been exposed.

<bean id="taskExecutor" class="org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor">
  <property name="corePoolSize" value="5" />
  <property name="maxPoolSize" value="10" />
  <property name="queueCapacity" value="25" />
</bean>

<bean id="taskExecutorExample" class="TaskExecutorExample">
  <constructor-arg ref="taskExecutor" />
</bean>
标签 : ,
发表评论 RSS feed for responses to this blog entry
IT瘾于2009年8月2日 上午10时43分49秒发布 #