Ja vaWeb development environment to build
Installed Tomcat server
- Download Tomcat: http://tomcat.apache.org/
- Find download
3.
5. After the download is complete, unzip to any directory, it is recommended that all regard the environment encountered in the study installed in the same directory
6. Start tomcat
7. After the successful launch of interface
Note: black tomcat window will close off
Access Tomcat server
By localhost: 8080 Access
can open the page in a web page, Congratulations, you have completed the tomcat installation, and start-up.
Second, configure Tomcat server port
All configuration of Tomcat conf folder are placed among the inside server.xml file is the core configuration file.
If you want to change the port to modify the port to start the Tomcat server, you can Connector node in the configuration file server.xml conducted
For example: will start the Tomcat server port by default port 8080 into 8081
Tomcat server startup default configuration port
1 <Connector port="8080" protocol="HTTP/1.1"
2 connectionTimeout="20000"
3 redirectPort="8443" />
The port Tomcat server startup modified to port 8081
1 <Connector port="8081" protocol="HTTP/1.1"
2 connectionTimeout="20000"
3 redirectPort="8443" />
这样就把原来默认Tomcat默认的的8080端口改成了8081端口了,需要注意的是,一旦服务器中的*.xml文件改变了,则Tomcat服务器就必须重新启动,重新启动之后将重新读取新的配置信息。因为已经在server.xml文件中将Tomcat的启动端口修改成了8081,所以Tomcat服务器启动时就以8081端口启动了,如下图所示:
访问Tomcat服务器也必须以新的访问端口去访问:http://localhost:8081/,如下图所示:
使用IDEA搭建Web开发环境
- 打开IDEA
- 创建一个Web项目
- 配置Tomcat服务器
二、互联网上的加密原理
Tomcat服务器启动时候会启动多个Connector(连接器),而Tomcat服务器的连接器又分为加密连接器和非加密连机器,比如:
这里访问的就是使用8080端口的那个连接器
1 <Connector port="8080" protocol="HTTP/1.1"
2 connectionTimeout="20000"
3 redirectPort="8443" />
这个Connector是一个没有加密的连接器,使用"http://localhost:8080/JavaWebDemoProject/Web/1.jsp"去请求服务器上的web资源的这个过程中,我们的请求是不加密的,要是想以一种加密的方式来访问Tomcat服务器,那么就要在Tomcat里面配置一个加密的Connector。要配置一个加密连接器,首先应该把互联网上的加密原理弄清楚。
3.1、对称加密
采用单钥密码系统的加密方法,同一个密钥可以同时用作信息的加密和解密,这种加密方法称为对称加密,也称为单密钥加密。
需要对加密和解密使用相同密钥的加密算法。由于其速度快,对称性加密通常在消息发送方需要加密大量数据时使用。对称性加密也称为密钥加密。
所谓对称,就是采用这种加密方法的双方使用方式用同样的密钥进行加密和解密。密钥是控制加密及解密过程的指令。算法是一组规则,规定如何进行加密和解密。
加密的安全性不仅取决于加密算法本身,密钥管理的安全性更是重要。因为加密和解密都使用同一个密钥,如何把密钥安全地传递到解密者手上就成了必须要解决的问题。
常用的对称加密有:DES、IDEA、RC2、RC4、SKIPJACK、RC5、AES算法等
3.2、非对称加密
非对称加密算法需要两个密钥:公开密钥(publickey)和私有密钥(privatekey)。公开密钥与私有密钥是一对,如果用公开密钥对数据进行加密,只有用对应的私有密钥才能解密;如果用私有密钥对数据进行加密,那么只有用对应的公开密钥才能解密。因为加密和解密使用的是两个不同的密钥,所以这种算法叫作非对称加密算法。 非对称加密算法实现机密信息交换的基本过程是:甲方生成一对密钥并将其中的一把作为公用密钥向其它方公开;得到该公用密钥的乙方使用该密钥对机密信息进行加密后再发送给甲方;甲方再用自己保存的另一把专用密钥对加密后的信息进行解密。另一方面,甲方可以使用乙方的公钥对机密信息进行签名后再发送给乙方;乙方再用自己的私匙对数据进行验签。
非对称加密工作原理
1.A要向B发送信息,A和B都要产生一对用于加密和解密的公钥和私钥。
2.A的私钥保密,A的公钥告诉B;B的私钥保密,B的公钥告诉A。
3.A要给B发送信息时,A用B的公钥加密信息,因为A知道B的公钥。
4.A将这个消息发给B(已经用B的公钥加密消息)。
5.B收到这个消息后,B用自己的私钥解密A的消息。其他所有收到这个报文的人都无法解密,因为只有B才有B的私钥
发送方使用接收方的公钥对数据加密,而接收方则使用自己的私钥解密,这样,信息就可以安全无误地到达目的地了,即使被第三方截获,由于没有相应的私钥,也无法进行解密。通过数字的手段保证加密过程是一个不可逆过程,即只有用私有密钥才能解密。
Asymmetric encryption still does not solve the problem of security of data transmission, such as A wants to send data to B, B to generate a pair of keys (public and private) first, and then the public key to A, B to get the hair A he has given public key can use the public key to encrypt data sent to B, but this process is sent to the a's, is likely to be intercepted by a third party public key C in B, C after intercepting the public key of B, also encrypt data using the public key of B, then sent to B, B to receive data after halo, confused because the received data in the end is a or C made of hair, which is one problem, another problem after that, C to B intercepts made public key, C can generate your own pair of keys (public and private), and then sent to a, after B a get public thought it was issued to him, and then send the encrypted data using the public key B, to B, the process of sending down C is intercepted, since a is the public key to encrypt data sent to him by C, and C has the private key can decrypt the contents thus encrypted after the a , and a and B after receiving the data sent to him but untied, because the data is encrypted with the public key C, B C no private , So it can not be decrypted. So, asymmetric encryption there is a problem: A want to send data to B, A to determine how to get the public key of B must be made of it? So how to solve this problem? We can only rely on a third party (CA body, the Certificate Authority (Certificate Authority), also known as a certificate authority) to guarantee. After A wants to send data to B, B first public key to the CA, CA agency to get the public key of B B went home Q: This is your public key you send? After confirmed that B is: yes, my hair! After this time it will do for a CA public key B of guarantee, to generate a digital certificate to B, a digital certificate containing the public key of the security certificate signing CA and B, B to get this CA digital certificate, you a distributed, the a to get a digital certificate, see CA's signature above, we can determine the current public key is to get B's hair, then you can safely use the public key to encrypt data, and then sent to the B .