Tomcat服务器始终压缩为gzip(即使没有Accept-Encoding字段)(Tomcat server is always compressing as gzip (even when Accept-Encoding field is absent))
我最近开始使用Apache Tomcat,我的一项任务是在动态Web内容上启用gzip压缩。 虽然我在网上找到了这个功能的一些实现,但最后我选择按照这里的说明( http://viralpatel.net/blogs/enable-gzip-compression-in-tomcat/ )并添加以下行我的server.xml文件的连接器部分。
compression="on" noCompressionUserAgents="gozilla, traviata" compressionMinSize="2048" compressableMimeType="text/html,text/xml,application/json"
编辑完文件并重新启动服务器后,我开始使用Postman测试我的一个servlet。 我发现大于2048的正确MIME类型的所有内容都被压缩 - 即使我没有发送Accept-Encoding:gzip标头。 我测试了几种方法,包括切换压缩几次,调整compressableMimeType值,以及摆弄compressionMinSize,但尽管我可以告诉这个实现不检查是否已包含Accept-Encoding标头。
虽然我可以相信这可能是一个不必要的功能,因为现代浏览器在2000年开始支持压缩,我想确保我覆盖了我的所有基础。 我假设我在这里遗漏了一些小事,因为我无法在网上找到这个问题的答案。 我已经包含了我的server.xml的副本,我正在运行Apache Tomcat 7.0.65,我会感谢任何和所有的帮助,以确定为什么我似乎无法选择不接收来自我新配置的服务器的压缩响应。
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JasperListener" /> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <GlobalNamingResources> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" compression="on" noCompressionUserAgents="gozilla, traviata" compressionMinSize="2048" compressableMimeType="text/html,text/xml" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.LockOutRealm"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> </Host> </Engine> </Service> </Server>
I recently started working with Apache Tomcat, and one of my assignments was to enable gzip compression on our dynamic web content. While I found a number of implementations for this feature online, in the end I chose to follow the instructions here (http://viralpatel.net/blogs/enable-gzip-compression-in-tomcat/) and add the following lines to the connector section of my server.xml file.
compression="on" noCompressionUserAgents="gozilla, traviata" compressionMinSize="2048" compressableMimeType="text/html,text/xml,application/json"
Once I edited the file and restarted my server I started testing one of my servlets using Postman. I found that everything of the correct MIME types, larger than 2048, was getting compressed – even when I didn’t send the Accept-Encoding:gzip header. I tested this several ways, including toggling compression a few times, adjusting the compressableMimeType value, and fiddling with the compressionMinSize, but as near as I can tell this implementation is not checking to see if the Accept-Encoding header has been included.
While I can believe this may be an unnecessary feature since modern browsers started supporting compression back in 2000, I wanted to ensure I was covering all of my bases. I am assuming I am missing something trivial here because I haven’t been able to find the answer to this question online. I have included a copy of my server.xml, I am running Apache Tomcat 7.0.65, and I would appreciate any and all help as far as determining why I can’t seem to opt out of receiving compressed responses from my newly configured server.
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JasperListener" /> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <GlobalNamingResources> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" compression="on" noCompressionUserAgents="gozilla, traviata" compressionMinSize="2048" compressableMimeType="text/html,text/xml" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.LockOutRealm"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> </Host> </Engine> </Service> </Server>
原文:https://stackoverflow.com/questions/35948793
最满意答案
众所周知的InstallCert程序的新版本现在支持多个协议的STARTTLS,包括LDAP。
就像这样运行它:
java -jar installcert-usn-20131123.jar host_name:389
它会将您的证书保存在JRE文件树的
jssecacerts
密钥库文件中,也可以保存在当前目录的extracerts
密钥库文件中。 然后,您可以使用Java keytool将证书导出为其他格式。欢迎您访问我的博客页面另一个InstallCert for Java,现在支持STARTTLS下载和说明。
A new revision of the well-known InstallCert program now supports STARTTLS for several protocols, LDAP included.
Just run it like this:
java -jar installcert-usn-20131123.jar host_name:389
and it will save the certificate for you in the
jssecacerts
keystore file in your JRE file tree, and also in theextracerts
keystore file in your current directory. You can then use Java keytool to export the certificate(s) to other formats.You are welcome to visit my blog page Yet another InstallCert for Java, now with STARTTLS support for download and instructions.
相关问答
更多-
复制-----BEGIN CERTIFICATE-----和-----END CERTIFICATE----- (包括这些分隔符)之间的所有内容并将其粘贴到新的文本文件中(通常使用扩展名.pem或.pem .crt )。 您可以使用您最喜欢的(纯文本)文本编辑器,例如记事本,Gedit,Vim,Emacs(取决于您使用的系统)。 或者,您可以将输出传输到sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' ,如下所述: echo -n | openssl ...
-
蟒蛇+ LDAP + SSL(Python+LDAP+SSL)[2024-01-03]
经过这样的学习后,我自己找到了一个解决方案 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) l = ldap.initialize("ldaps://ldap:636") l.set_option(ldap.OPT_REFERRALS, 0) l.set_option(ldap.OPT_PROTOCOL_VERSION, 3) l.set_option(ldap.OPT_X_TLS,ldap.OPT_X_TLS_DEMAN ... -
如何使用StartTLS获取LDAP服务器的SSL证书?(How do I get the SSL certificate for an LDAP server using StartTLS?)[2024-01-27]
众所周知的InstallCert程序的新版本现在支持多个协议的STARTTLS,包括LDAP。 就像这样运行它: java -jar installcert-usn-20131123.jar host_name:389 它会将您的证书保存在JRE文件树的jssecacerts密钥库文件中,也可以保存在当前目录的extracerts密钥库文件中。 然后,您可以使用Java keytool将证书导出为其他格式。 欢迎您访问我的博客页面另一个InstallCert for Java,现在支持STARTTLS下载 ... -
我使用com.sun.mail:javax.mail:1.5.5和(根)证书从(非标准的)pfx文件加载的SMTP连接(不是IMAP)。 Session.getInstance(props)的属性是按以下方式构建的(另请参阅此处和此处的API-docs,我认为您可以使用imap替换大多数属性的smtp ): “mail.transport.protocol”,“smtp” “mail.smtp.host”,“主机名” “mail.smtp.port”,“25” “mail.smtp.connecttimeo ...
-
从System.DirectoryServices中使用StartTLS与LDAP(Using StartTLS with LDAP from System.DirectoryServices)[2022-06-13]
过去有相当多的微妙的LDAP堆栈不兼容,这仍然适用于您的客户可能使用的潜在遗留场景。 以下是关于OpenLDAP和Microsoft LDAP堆栈之间不兼容的最常遇到的问题 (我会在更多信息可用时修改和/或替换这些链接) : OpenLDAP StartTLS问题(ITS#3037) ( 在获取OpenLDAP和Windows LDAP互操作中进行了总结)已触发相应的修补程序: 您无法从运行Windows Server 2003或Windows XP或Windows Vista的计算机向运行OpenLDAP ... -
python和ldap通过SSL(python and ldap via SSL)[2022-04-03]
我正在使用Samba4 DC和python ldap模块进行一些测试,我已经完成了这个例子: #!/usr/bin/env python2 # -*- coding: utf-8 -*- import ldap, ldapurl, subprocess, sys, shlex, os GrupoLDAP = "Domain Users" #Grupo a recuperar CACert = '/etc/cert/ca.cert.pem' #Certificado CA ldap.set_option ... -
问题隐藏在DataInputStream的实现中。 一旦我删除它并使用以下替换read_line () ,它就可以正常工作。 string? read_line (InputStream input) throws Error { var buffer = new uint8[1]; var sb = new StringBuilder (); buffer[0] = '\0'; while (buffer[0] != '\n') { input.read ( ...
-
我找到了使用UnboundID SDK和SSL证书文件连接到Android应用程序中的LDAP服务器以及如何将.cer证书导入java密钥库的解决方案? (Patrick M的回答)。 现在我可以从UI获取证书并通过SSL连接到LDAP :) import com.unboundid.ldap.sdk.LDAPConnection; import com.unboundid.util.ssl.SSLUtil; import org.junit.Test; import org.slf4j.Logger; i ...
-
支持LDAP over SSL(Support for LDAP over SSL)[2023-05-20]
您的Exchange管理员需要设置LDAPS,这是LDAP的安全版本。 I got solution, here are the links...enjoy.. verify LDAP over SSL Enable LDAP over SSL/ LDAPS -
我很确定你的问题是我遇到的问题。 在ldaptor / protocols / pureldap.py中,第1144行声明LDAPExtendedRequest requestValue必须是字符串。 但根据RFC 2251,该值是可选的,特别是不应出现在startTLS请求中。 所以你的方法是正确的; 这只是ldaptor中的一个主要错误。 据我所知,作者只测试了使用简单绑定而没有TLS。 您需要在pureldap.py中注释掉该行。 如果您正在部署此用户期望用户将下载或轻松安装ldaptor,那么您需要 ...