Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

java Soap SSL握手

1 周,3 日 Questions & Answers

我的客户端正在通过HTTP成功地从服务器获得响应

SOAPConnectionFactory sfc = SOAPConnectionFactory.newInstance();
SOAPConnection connection = sfc.createConnection();

SOAPMessage soapMessageResponse = connection.call(soapRequest, new URL(serviceLocation));

我需要客户端/服务器之间的SSL通信

在另一个项目中,我成功地从KeyStoreTrustManagerFactory创建了SSLSocketFactory,用于SSL握手

如何在webservice客户端中使用SSLSocketFactory代码使客户端SSL通信成功以调用服务器


共 (3) 个答案

  1. # 1 楼答案

    我很确定它会使用默认的SSLContext。你可以用SSLContext来改变这一点。setDefault()

    SSLContext c = SSLContext.getInstance("SSL");
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
tmf.init(yourKeystore);
TrustManager tm = tmf.getTrustManagers()[0];
tm.
c.init(null, tm, null);

    下面是上面字符串参数的一些other values

    如果需要更完整的控制,可以实现自己的SSLContext子类,该子类返回自己的SSLSocketFactory实现,并将该SSLContext设置为默认值:

    public class MySSLContext extends SSLContext {

    private SSLContext wrapped;
    private SSLSocketFactory mySocketFactory;

    public MySSLContext(SSLContext toWrap, SSLSocketFactory mySocketFactory) {
        wrapped = toWrap;
        this.mySocketFactory = mySocketFactory;
    }

    public SSLSocketFactory getSocketFactory() {
        return mySocketFactory;
    }

    public SSLSessionContext getClientSessionContext() {
        return wrapped;
    }

    // other delegates

}
  2. # 2 楼答案

    您好,如果您添加此代码,您的Web服务类ı认为您的问题将得到解决

         `

   //just put it your somewhere 
 public static class miTM implements javax.net.ssl.TrustManager,
    javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
    return null;
}

public boolean isServerTrusted(
        java.security.cert.X509Certificate[] certs) {
    return true;
}

public boolean isClientTrusted(
        java.security.cert.X509Certificate[] certs) {
    return true;
}

public void checkServerTrusted(
        java.security.cert.X509Certificate[] certs, String authType)
        throws java.security.cert.CertificateException {
    return;
}

public void checkClientTrusted(
        java.security.cert.X509Certificate[] certs, String authType)
        throws java.security.cert.CertificateException {
    return;
}
    }





 // CAll This function in your webservice class .
private static void trustAllHttpsCertificates() throws Exception {

// Create a trust manager that does not validate certificate chains:

javax.net.ssl.TrustManager[] trustAllCerts =

new javax.net.ssl.TrustManager[1];

javax.net.ssl.TrustManager tm = new miTM();

trustAllCerts[0] = tm;

javax.net.ssl.SSLContext sc =

javax.net.ssl.SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, null);

javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(

sc.getSocketFactory());

    }
  3. # 3 楼答案

    这行代码在SSL的情况下不起作用

    SOAPMessage soapMessageResponse = connection.call(soapRequest, new URL(serviceLocation));

    here创建信任管理器和密钥管理器

    为了通过SSL从axis2 webservice获得响应,您需要打开流,比如给定的here