gpt4 book ai didi

java - 使用 HTTPS 的基本身份验证

转载 作者:塔克拉玛干 更新时间:2023-11-02 19:01:22 25 4
gpt4 key购买 nike

我目前正在尝试使用 HTTP 和 HTTPS 访问 URL。我尝试访问的 URL 需要基本身份验证。使用 HTTP 可以正常工作,但使用 HTTPS 则不行。我不确定是否需要使用 HTTPS 添加不同的内容。该 URL 应该向我返回键值格式的文本,我可以将其加载到 Properties 对象中。

这是我到目前为止尝试过的代码。

if (cpUrl.getProtocol().equals("https")) {
out.println("https", 0);
HttpsURLConnection connection = (HttpsURLConnection) cpUrl.openConnection();

TrustManager[] trustAllCerts = new TrustManager[] { new BusinessIntelligenceX509TrustManager() };
SSLContext sc;

try {
sc = SSLContext.getInstance("SSL");
}
catch (NoSuchAlgorithmException noSuchAlgorithmException) {
return;
}

HostnameVerifier hv = new BusinessIntelligenceHostnameVerifier();

try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
}
catch (KeyManagementException keyManagementException) {

return;
}

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);

connection.setDoInput(true);
connection.setRequestProperty("Authorization", "Basic " + encode);

connection.setRequestMethod("POST");
connection.connect();
stream = connection.getInputStream();
Properties properties = new Properties();
properties.load(stream);

}

这是证书类

   //HTTPS CERTIFICATE CLASSES
class BusinessIntelligenceHostnameVerifier implements HostnameVerifier {

public boolean verify(String arg0, SSLSession arg1) {
return true;
}

}

class BusinessIntelligenceX509TrustManager implements X509TrustManager {

public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
// no-op
}

public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
// no-op
}

}

当我删除所有证书代码(以及证书代码)时的错误消息:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
at com.tecsys.bi.install.BiInstall2ControlPanelPromptsProcessor.run(BiInstall2ControlPanelPromptsProcessor.java:117)
at java.lang.Thread.run(Thread.java:595)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
at sun.security.validator.Validator.validate(Validator.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
... 12 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
... 17 more

最佳答案

问题似乎出在连接打开之前,SSLContextHostNameVerifier 实例针对连接进行了更改。这是不可能的,因为 SSL/TLS 握手甚至发生在从 InputStream 读取连接内容之前。

换句话说,下面一行

HttpsURLConnection connection = (HttpsURLConnection) cpUrl.openConnection();

应该仅在 SSLContextHostNameVerifier 实例已注册到 HttpsURLConnection 类后执行。

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);

修复此序列应该可以解决问题,因为现在将使用新参数进行握手。

关于java - 使用 HTTPS 的基本身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6292799/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com