使用相互SSL的SOAP – 如何通过凭据发送?
public class ResLookupGetService extends Service { ServerServicePortType getServerServicePort(); } public interface ServerServicePortType { ServerServiceResponse doSoapMethod(RequestObject request, ParamObject parameters); } ServerServicePortType service = new ServerServiceGetService().getServerServicePort(); ServerServiceResponse response = service.doSoapMethod(request, parameters);
上述代码适用于在需要相互SSL加密之前调用我的SOAP服务。
一旦打开,我尝试创建一个SSL上下文并设置如下:
ServerServicePortType service = new ServerServiceGetService().getServerServicePort(); BindingProvider bindingProvider = (BindingProvider) service; bindingProvider.getRequestContext().put( "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory", getSslContext().getSocketFactory()); ServerServiceResponse response = service.doSoapMethod(request, parameters);
以及创建SSLContext
的代码:
public SSLContext getSslContext(String keyStorePath, String keyStoreType, String trustStorePath) { KeyStore keyStore = KeyStore.getInstance(keyStoreType); InputStream ksis = ClassLoader.getSystemResourceAsStream(keyStorePath); keyStore.load(ksis, "mypassword".toCharArray()); ksis.close(); KeyStore trustStore = KeyStore.getInstance("JKS"); InputStream tsis = ClassLoader.getSystemResourceAsStream(trustStorePath); trustStore.load(tsis, "mypassword".toCharArray()); tsis.close(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, "mypassword".toCharArray()); sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); return sslContext; }
但它似乎没有正确传递我的凭据。 我正确设置了吗?
谢谢
事实certificate,使用BindingProvider
什么都不做(或者至少我不能将它用于它产生差异的地方)。
在调用Web服务的调用之前,我只需设置这些系统属性:
private void setSystemProps() { String keyStoreFileName = "ssl/clientKeyStore.jks"; String keyStorePath = ClassLoader.getSystemResource(keyStoreFileName).getPath(); String keyStoreType = "JKS"; String keyStorePassword = "mypassword"; String trustStoreFileName = "ssl/clientTruststore.jks"; String trustStorePath = ClassLoader.getSystemResource(trustStoreFileName).getPath(); String trustStoreType = "JKS"; String trustStorePassword = "mypassword"; Properties systemProps = System.getProperties(); systemProps.put("javax.net.ssl.keyStore", keyStorePath); systemProps.put("javax.net.ssl.keyStorePassword", trustStorePassword); systemProps.put("javax.net.ssl.keyStoreType", keyStoreType); systemProps.put("javax.net.ssl.trustStore", trustStorePath); systemProps.put("javax.net.ssl.trustStoreType", trustStoreType); systemProps.put("javax.net.ssl.trustStorePassword", keyStorePassword); System.setProperties(systemProps); }
然后我可以像平常一样进行服务调用:
ServerServicePortType service = new ServerServiceGetService().getServerServicePort(); ServerServiceResponse response = service.doSoapMethod(request, parameters);
值得注意的是,当我设置系统属性时,它们接受任何Object
作为值,并且我最初错误地将其设置为URL对象而不是String。
因此, trustStorePath
和keyStorePath
变量被设置为.getPath()
值,这是一个绝对文件路径,例如:
"/Users/username/path/to/directory/with/ssl/clientKeyStore.jks"
现在一切正常。