• 测试程序
    • 如何加密?

    测试程序

    使用下面命令启动服务器:

    1. mvn -PChatServer clean package exec:exec

    其中项目中的 pom.xml 是配置了 9999 端口。你也可以通过下面的方法修改属性

    1. mvn -PChatServer -Dport=1111 clean package exec:exec

    下面是控制台的主要输出(删除了部分行)

    Listing 11.5 Compile and start the ChatServer

    1. [INFO] Scanning for projects...
    2. [INFO]
    3. [INFO] ------------------------------------------------------------------------
    4. [INFO] Building ChatServer 1.0-SNAPSHOT
    5. [INFO] ------------------------------------------------------------------------
    6. ...
    7. [INFO]
    8. [INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ netty-in-action ---
    9. [INFO] Building jar: D:/netty-in-action/chapter11/target/chat-server-1.0-SNAPSHOT.jar
    10. [INFO]
    11. [INFO] --- exec-maven-plugin:1.2.1:exec (default-cli) @ chat-server ---
    12. Starting ChatServer on port 9999

    可以在浏览器中通过 http://localhost:9999 地址访问程序。图11.5展示了此程序在Chrome浏览器下的用户界面。

    Figure 11.5 WebSockets ChatServer demonstration

    测试程序 - 图1

    图中显示了两个已经连接了的客户端。第一个客户端是通过上面的图形界面连接的,第二个是通过Chrome浏览器底部的命令行连接的。
    你可以注意到,这两个客户端都在发送消息,每条消息都会显示在两个客户端上。

    如何加密?

    在实际场景中,加密是必不可少的。在Netty中实现加密并不麻烦,你只需要向 ChannelPipeline 中添加 SslHandler ,然后配置一下即可。如下:

    Listing 11.6 Add encryption to the ChannelPipeline

    1. public class SecureChatServerIntializer extends ChatServerInitializer { //1
    2. private final SslContext context;
    3. public SecureChatServerIntializer(ChannelGroup group, SslContext context) {
    4. super(group);
    5. this.context = context;
    6. }
    7. @Override
    8. protected void initChannel(Channel ch) throws Exception {
    9. super.initChannel(ch);
    10. SSLEngine engine = context.newEngine(ch.alloc());
    11. engine.setUseClientMode(false);
    12. ch.pipeline().addFirst(new SslHandler(engine)); //2
    13. }
    14. }

    1.扩展 ChatServerInitializer 来实现加密

    2.向 ChannelPipeline 中添加SslHandler

    最后修改 ChatServer,使用 SecureChatServerInitializer 并传入 SSLContext

    Listing 11.7 Add encryption to the ChatServer

    1. public class SecureChatServer extends ChatServer {//1
    2. private final SslContext context;
    3. public SecureChatServer(SslContext context) {
    4. this.context = context;
    5. }
    6. @Override
    7. protected ChannelInitializer<Channel> createInitializer(ChannelGroup group) {
    8. return new SecureChatServerIntializer(group, context); //2
    9. }
    10. public static void main(String[] args) throws Exception{
    11. if (args.length != 1) {
    12. System.err.println("Please give port as argument");
    13. System.exit(1);
    14. }
    15. int port = Integer.parseInt(args[0]);
    16. SelfSignedCertificate cert = new SelfSignedCertificate();
    17. SslContext context = SslContext.newServerContext(cert.certificate(), cert.privateKey());
    18. final SecureChatServer endpoint = new SecureChatServer(context);
    19. ChannelFuture future = endpoint.start(new InetSocketAddress(port));
    20. Runtime.getRuntime().addShutdownHook(new Thread() {
    21. @Override
    22. public void run() {
    23. endpoint.destroy();
    24. }
    25. });
    26. future.channel().closeFuture().syncUninterruptibly();
    27. }
    28. }

    1.扩展 ChatServer

    2.返回先前创建的 SecureChatServerInitializer 来启用加密

    这样,就在所有的通信中使用了 SSL/TLS 加密。和前面一样,你可以使用Maven拉取应用需要的所有依赖,并启动它,如下所示。

    Listing 11.8 Start the SecureChatServer

    1. $ mvn -PSecureChatServer clean package exec:exec
    2. [INFO] Scanning for projects...
    3. [INFO]
    4. [INFO] ------------------------------------------------------------------------
    5. [INFO] Building ChatServer 1.0-SNAPSHOT
    6. [INFO] ------------------------------------------------------------------------
    7. ...
    8. [INFO]
    9. [INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ netty-in-action ---
    10. [INFO] Building jar: D:/netty-in-action/chapter11/target/chat-server-1.0-SNAPSHOT.jar
    11. [INFO]
    12. [INFO] --- exec-maven-plugin:1.2.1:exec (default-cli) @ chat-server ---
    13. Starting SecureChatServer on port 9999

    现在你可以通过 HTTPS 地址: https://localhost:9999 来访问SecureChatServer 了。