Warm tip: This article is reproduced from serverfault.com, please click

spring boot-AJP 连接器配置为 secretRequired=“true”,但在升级到 2.2.5 后,密钥属性为 null 或 “”

(spring boot - The AJP Connector is configured with secretRequired="true" but the secret attribute is either null or "" after upgrade to 2.2.5)

发布于 2020-03-03 06:44:48

由以下原因引起:java.lang.IllegalArgumentException:AJP 连接器配置为 secretRequired=“true”,但 secret 属性为 null 或 “”。此组合无效。at org.apache.coyote.ajp.AbstractAjpProtocol.start(AbstractAjpProtocol.java:264) at org.apache.catalina.connector.Connector.startInternal(Connector.java:1035) ...省略 22 个常见帧

将 springboot 从 2.1.9 升级到 2.2.5 后,我看到了上述错误。升级是克服Ghostcat漏洞所必需的,通过将tomcat版本升级到9.0.31,该版本与最新的springboot 2.2.5捆绑在一起。

Questioner
Manjunath
Viewed
0
TechFree 2020-03-03 16:40:33

这是一个解决方案,虽然可能不是最好的解决方案,但我的重点不是这个,只是为了通过错误,我在 Spring Boot 2.2.5.RELEASE 版本上启用了 AJP。添加这个:

((AbstractAjpProtocol) ajpConnector.getProtocolHandler()).setSecretRequired(false);

我的 AJP 配置完整课程:

package com.ssldemo.config;

import org.apache.catalina.connector.Connector;
import org.apache.coyote.ajp.AbstractAjpProtocol;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Value("${tomcat.ajp.port}")
    int ajpPort;

    @Value("${tomcat.ajp.remoteauthentication}")
    String remoteAuthentication;

    @Value("${tomcat.ajp.enabled}")
    boolean tomcatAjpEnabled;

    @Bean
    public TomcatServletWebServerFactory servletContainer() {

        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
        if (tomcatAjpEnabled) {
            Connector ajpConnector = new Connector("AJP/1.3");
            ajpConnector.setPort(ajpPort);
            ajpConnector.setSecure(false);
            ajpConnector.setAllowTrace(false);
            ajpConnector.setScheme("http");
            ((AbstractAjpProtocol) ajpConnector.getProtocolHandler()).setSecretRequired(false);
            tomcat.addAdditionalTomcatConnectors(ajpConnector);
        }

        return tomcat;
    }

}

应用程序属性

server.port=8082
tomcat.ajp.port=9090
tomcat.ajp.remoteauthentication=false
tomcat.ajp.enabled=true