大佬教程收集整理的这篇文章主要介绍了如何使用spring-ws客户端使用不同的密钥库调用相同的Web服务,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
我有一些应用程序需要在同一个应用程序服务器中运行.每个应用程序都需要使用特定于该应用程序的证书通过同一Web服务进行身份验证.
显然,我可以将所有证书放在同一个密钥库中,但是如何指定我必须使用哪个?
对于我正在使用Spring webservicetemplate的调用,我想找到一些可以在spring xml配置文件中轻松配置的东西.
我试图遵循这个:
How can I have multiple SSL certificates for a Java server
整个概念很清楚但我无法理解如何将它与Spring webservicetemplate链接以及如何在调用内部指定我必须使用的证书.
这是神奇的@L_618_12@“CustomSSLhttpClientFactory.java”.
@H_874_20@package foo.bar.services; import java.io.InputStream; import java.net.socket; import java.security.KeyStore; import java.util.Map; import javax.net.ssl.SSLContext; import org.apache.http.client.httpClient; import org.apache.http.config.Registry; import org.apache.http.config.RegistryBuilder; import org.apache.http.conn.httpClientConnectionManager; import org.apache.http.conn.socket.ConnectionSocketFactory; import org.apache.http.conn.socket.PlainConnectionSocketFactory; import org.apache.http.conn.ssl.PrivateKeyDetails; import org.apache.http.conn.ssl.PrivateKeyStrategy; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.SSLContextBuilder; import org.apache.http.conn.ssl.SSLContexts; import org.apache.http.conn.ssl.TrustSelfSignedStrategy; import org.apache.http.impl.client.CloseablehttpClient; import org.apache.http.impl.client.httpClientBuilder; import org.apache.http.impl.conn.basichttpClientConnectionManager; import org.springframework.beans.factory.@L_618_12@; import org.springframework.core.io.resource; /** * Custom SSL httpClientFactoy. * It allow to specify the certificate for a single specific implementation. * It's needed when you have a single URL to call but different certificate,each one specific for a single page/function/user * * @author roberto.gabrieli * */ public class CustomSSLhttpClientFactory implements @L_618_12@super(); this.keyStoreFile = keyStoreFile; this.keyStorepassword = keyStorepassword; this.keyStoreType = keyStoreType; this.trustStoreFile = trustStoreFile; this.trustStorepassword = trustStorepassword; this.allowedProtocols = allowedProtocols; this.certAlias = certAlias; } /** * Little trick to pass over some stupid contentLength error * * @author roberto.gabrieli */ private class ContentLengthHeaderRemover implements httprequesTinterceptor { @Override public void process(httprequest request,httpContext context) throws httpException,IOException { request.removeHeaders(http.CONTENT_LEN);// fighTing org.apache.http.protocol.requestContent's ProtocolException("Content-Length header already present"); } } /** * Private class to hack the certificate alias choice. * * @author roberto.gabrieli * */ private class AliasPrivateKeyStrategy implements PrivateKeyStrategy { private String alias; public AliasPrivateKeyStrategy(String alias) { this.alias = alias; } /** * This metod return the alias name specified in the constructor. */ public String chooseAlias(Map tocharArray()); keyStore.load(instreamKeys,keyStorepassword.tocharArray()); } finally { instreamKeys.close(); instreamTrust.close(); } SSLContextBuilder sslCtxBuilder = SSLContexts.custom().loadTrustMaterial(trustStore,new TrustSelfSignedStrategy()); PrivateKeyStrategy apks = null; // check if the alias is specified null and "" will mean -no alias- if ( this.certAlias != null && !this.certAlias.trim().equals("") ) { apks = new AliasPrivateKeyStrategy(this.certAlias); sslCtxBuilder = sslCtxBuilder.loadKeymaterial(keyStore,keyStorepassword.tocharArray(),apks); } else { sslCtxBuilder = sslCtxBuilder.loadKeymaterial(keyStore,keyStorepassword.tocharArray()); } SSLContext sslcontext = sslCtxBuilder.build(); //All the stuff for the connection build httpClientBuilder builder = httpClientBuilder.create(); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,allowedProtocols,null,SSLConnectionSocketFactory.bROWSER_COMPATIBLE_HOSTNAME_VERIFIER); builder.setSSLSocketFactory(sslsf); Registry @H_262_29@
这是“spring-config.xml”中所需的配置
@H_874_20@
以上是大佬教程为你收集整理的如何使用spring-ws客户端使用不同的密钥库调用相同的Web服务全部内容,希望文章能够帮你解决如何使用spring-ws客户端使用不同的密钥库调用相同的Web服务所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。