1. 首页
  2. 问答
  3. OWASP AppSensor - 部署Java后端API

OWASP AppSensor - 部署Java后端API

2017-09-13 177 views
0

我想使用AppSensor框架以将入侵检测和自动化响应添加到我的C#Web应用程序。OWASP AppSensor - 部署Java后端API

但我不知道如何让AppSensor API运行,所以我可以通过我的C#应用​​程序通过RESTful访问它。

让我先告诉你,我不与Java/Maven的/摇篮太familiair,但我知道如何从C#访问REST API。

我试图遵循Getting Started页面,并通过Git Bash命令行从GitHub下载AppSensor项目:git clone https://github.com/jtmelton/appsensor.git

然后我通过GIT中的Bash导航到AppSensor目录(我的电脑上):cd appsensor

我在AppSensor目录我后,我通过安装多模块父:mvn -N install

它的后安装它告诉我,构建是成功的,然后我决定运行测试与命令:mvn test

而当这一切完成Git Bash告诉我,每一个测试都取得了成功。但是现在我陷入了一种不知道下一步该做什么的风格。我想'部署'我的AppSensor API,以便我可以在我的C#应用​​程序中使用它。

某处GitHub的文档上是说mvn spring-boot:run应该运行/部署的组件。然而,当我在appsensor父目录并运行此命令时,它给了我这个错误:

[ERROR] No plugin found for prefix 'spring-boot' in the current project and in the plugin groups [org.apache.maven.plugins, org.codehaus.mojo] available from the repositories [local (C:\Users\dbr\.m2\repository), central (https://repo.maven.apache.org/maven2)] -> [Help 1] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. 
[ERROR] Re-run Maven using the -X switch to enable full debug logging. 
[ERROR] For more information about the errors and possible solutions, please read the following articles: 
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/NoPluginFoundForPrefixException

我做了一些研究,发现该命令mvn deploy应该部署的组件?但是,当我输入部署命令时,它会在第一个组件(appsensor-parent)中给我一个构建错误并停止部署。这也好心给我这个错误:

[ERROR] Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.3:deploy (injected-nexus-deploy) on project appsensor-parent: Execution injected-nexus-deploy of goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.3:deploy failed: Server credentials with ID "ossrh" not found! -> [Help 1] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. 
[ERROR] Re-run Maven using the -X switch to enable full debug logging. 
[ERROR] For more information about the errors and possible solutions, please read the following articles: 
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException

我也试图只把组件我need(AppSensor核心,分析引擎,存储,配置,门禁控制器,REST客户端,REST服务器)到一个文件夹。然后试图通过这样只有这些部件在<modules>...</modules>但也没有工作对我来说改变POM.XML文件来部署它。

但是什么工作是DemoSetup,但我不知道在哪里可以运行这个演示时发现的REST API(通过我的浏览器)。

谁能帮我通过获取运行,这样我可以用我的C#应用​​程序通过浏览器访问它,也是REST API服务器?

来源

2017-09-13 Damien Brils

回答

0

我挖得更深一些到AppSensors GitHub的页面,发现我应该能够通过部署AppSensor WS REST服务器达到API,: /example-apps/appsensor-ws-rest-server-boot

我通过插入下面的命令进入其部署混帐击:

cd appsensor 
cd sample-apps 
cd appsensor-ws-rest-server-boot 
mvn spring-boot:run

当时我能够前往http://localhost:8085/api/v1.0/responses

一个我一直在页面上达到从我的浏览器的API它给了我这样的通知:

Page requires sending configured client application identification header.

所以,一切似乎是好的,但是当我刷新页面,整个页面变成白色和Git的Bash给了我这个错误:当我用Google Chromes Advanced REST client extension并导航到

09:22:15.473 [http-nio-8085-exec-3] ERROR o.g.j.s.ServerRuntime$Responder - An I/O error has occurred while writing a response message entity to the container output stream. 
java.lang.IllegalStateException: The output stream has already been closed. 
     at org.glassfish.jersey.message.internal.CommittingOutputStream.setStreamProvider(CommittingOutputStream.java:146) ~[jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.message.internal.OutboundMessageContext.setStreamProvider(OutboundMessageContext.java:798) ~[jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.server.ContainerResponse.setStreamProvider(ContainerResponse.java:372) ~[jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.server.ServerRuntime$Responder.writeResponse(ServerRuntime.java:606) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.server.ServerRuntime$Responder.processResponse(ServerRuntime.java:377) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.server.ServerRuntime$Responder.process(ServerRuntime.java:420) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:277) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.internal.Errors.process(Errors.java:315) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.internal.Errors.process(Errors.java:297) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.internal.Errors.process(Errors.java:267) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:297) [jersey-common-2.14.jar:na] 
     at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:254) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:1030) [jersey-server-2.14.jar:na] 
     at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:377) [jersey-container-servlet-core-2.14.jar:na] 
     at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:381) [jersey-container-servlet-core-2.14.jar:na] 
     at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:344) [jersey-container-servlet-core-2.14.jar:na] 
     at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:221) [jersey-container-servlet-core-2.14.jar:na] 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-embed-websocket-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-4.1.7.RELEASE.jar:4.1.7.RELEASE] 
     at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.1.7.RELEASE.jar:4.1.7.RELEASE] 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) [spring-web-4.1.7.RELEASE.jar:4.1.7.RELEASE] 
     at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.1.7.RELEASE.jar:4.1.7.RELEASE] 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_144] 
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_144] 
     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.0.26.jar:8.0.26] 
     at java.lang.Thread.run(Thread.java:748) [na:1.8.0_144]

然而API给了我一个200 OK。这应该意味着它的工作原理和错误发生,因为它是空的?

来源

2017-09-14 07:24:12

0

所以正从AppSensor的开发者(庞大的喊出来约翰·梅尔顿)一些帮助后,我能够正常访问API。

所有我需要做的就是在将要使用的API客户端的请求头添加X-Appsensor-Client-Application-Name2: myclientapp

当您添加到您的请求的头它会吐出你问从REST服务器的信息。我甚至能够将它实现到我的C#Rest Client中,并且它给了我正确的信息!

来源

2017-09-15 14:04:58

相关问题

 相关问题