Enabling a Java/Groovy URL connection to ignore SSL certificate errors without calling setDefaultSSLSocketFactory

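There are several examples of how to configure HTTPS in Java/Groovy to ignore SSL certificate errors. In short, they all create a custom TrustManager, add it to an SSLContext, and then install the resulting SocketFactory as the default connection factory for HTTPS connections. Of course, they also come with all the necessary warnings about MITM attacks and how dangerous this is.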

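In fact, in my situation, where I am writing a Groovy script to run in a Jenkins job, setting the default socket factory is very difficult. Its impact would reach far beyond my script. So my question is: how do I do this for a specific connection or a specific HTTP client rather than for all connections/clients? In other words, how do I localize such a change to my temporary piece of code?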


1 answer

  1. # Answer 1

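    // Imports assume Apache HttpClient 4.3.x package names
    // (the org.apache.http.conn.ssl classes are deprecated from 4.4 on).
    import java.io.IOException;
    import java.security.KeyManagementException;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLException;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.SSLSocket;
    import org.apache.commons.logging.Log;
    import org.apache.commons.logging.LogFactory;
    import org.apache.http.HttpHost;
    import org.apache.http.HttpResponse;
    import org.apache.http.client.HttpClient;
    import org.apache.http.config.Registry;
    import org.apache.http.config.RegistryBuilder;
    import org.apache.http.conn.ConnectionKeepAliveStrategy;
    import org.apache.http.conn.socket.ConnectionSocketFactory;
    import org.apache.http.conn.socket.PlainConnectionSocketFactory;
    import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
    import org.apache.http.conn.ssl.SSLContextBuilder;
    import org.apache.http.conn.ssl.SSLContexts;
    import org.apache.http.conn.ssl.TrustStrategy;
    import org.apache.http.conn.ssl.X509HostnameVerifier;
    import org.apache.http.impl.client.HttpClients;
    import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
    import org.apache.http.protocol.HttpContext;
    
    public class BasicHttpClientFactory implements HttpClientFactory {
    
        private String proxyHost;
        private Integer proxyPort;
        // Stored by its setter but not used by createNewClient().
        private boolean isSocksProxy = false;
        HttpClient httpClient;
        final Integer maxConnections = Integer.valueOf(10);
        private static final Log logger = LogFactory.getLog(BasicHttpClientFactory.class);
    
        @Override
        public HttpClient createNewClient() {
    
            SSLConnectionSocketFactory sslsf;
            try {
                SSLContextBuilder builder = SSLContexts.custom();
    
                // Trust strategy that accepts every certificate chain without validation.
                builder.loadTrustMaterial(null, new TrustStrategy() {
                    @Override
                    public boolean isTrusted(X509Certificate[] chain, String authType)
                            throws CertificateException {
                        return true;
                    }
                });
    
                SSLContext sslContext = builder.build();
    
                // Hostname verifier whose checks never fail, so any host name is accepted.
                sslsf = new SSLConnectionSocketFactory(
                        sslContext, new X509HostnameVerifier() {
                            @Override
                            public void verify(String host, SSLSocket ssl)
                                    throws IOException {
                            }
    
                            @Override
                            public void verify(String host, X509Certificate cert)
                                    throws SSLException {
                            }
    
                            @Override
                            public void verify(String host, String[] cns,
                                    String[] subjectAlts) throws SSLException {
                            }
    
                            @Override
                            public boolean verify(String s, SSLSession sslSession) {
                                return true;
                            }
                        });
    
            } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
                logger.error(e.getMessage(), e);
                // Fail here: registering a null "https" factory below would throw anyway.
                throw new IllegalStateException("Could not build the SSL socket factory", e);
            }
    
            // The socket factory is registered on this client's own connection manager,
            // so the JVM-wide default SSLSocketFactory is not changed.
            Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                    .register("http", new PlainConnectionSocketFactory())
                    .register("https", sslsf)
                    .build();
    
            PoolingHttpClientConnectionManager poolingConnManager = new PoolingHttpClientConnectionManager(registry);
            poolingConnManager.setMaxTotal(maxConnections);
            poolingConnManager.setDefaultMaxPerRoute(maxConnections);
    
            // Keep idle connections alive for 60 seconds.
            ConnectionKeepAliveStrategy keepAliveStrategy = new ConnectionKeepAliveStrategy() {
                @Override
                public long getKeepAliveDuration(HttpResponse response, HttpContext context) {
                    return 60 * 1000;
                }
            };
    
            if (proxyHost != null) {
                HttpHost proxy = new HttpHost(proxyHost, proxyPort);
                httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).setProxy(proxy).setConnectionManager(poolingConnManager).setKeepAliveStrategy(keepAliveStrategy).build();
            } else {
                httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).setConnectionManager(poolingConnManager).setKeepAliveStrategy(keepAliveStrategy).build();
            }
            return httpClient;
        }
    
        public void setProxyHost(String proxyHost) {
            this.proxyHost = proxyHost;
        }
    
        public void setProxyPort(Integer proxyPort) {
            this.proxyPort = proxyPort;
        }
    
        public void setSocksProxy(boolean isSocksProxy) {
            this.isSocksProxy = isSocksProxy;
        }
    }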
    

    And the interface:

    import org.apache.http.client.HttpClient;
    
    public interface HttpClientFactory {
    
        public HttpClient createNewClient();
    }
    

    After that, you can use:

    HttpClient httpClient = new BasicHttpClientFactory().createNewClient();
    

    If you need any ideas on how to incorporate this into your project, just post some information and maybe I will come up with some ideas ;)