gpt4 book ai didi

javax.xml.ws.Service 通过 SSL 使用 SOAP 服务

转载 作者:太空宇宙 更新时间:2023-11-03 13:28:39 24 4
gpt4 key购买 nike

我想通过 HTTPS 使用 SOAP 服务。我已经写了一个客户端来做到这一点。我没有使用自动类生成,因为目标服务在多个系统上运行,因此服务 URL 在运行时会发生变化。

这是使用 JAX-WS 的实现:

public class SAPClient implements Callable<...> {

private Service service = null;
private SOAPMessage response = null;
private boolean submitted = false;
private boolean successfull = false;
private QName serviceName;
private QName portName;
private SAPResult result = new SAPResult();
private Dispatch<SOAPMessage> dispatch = null;
private SOAPBody resBody = null;
private SapConnector connector;

public SAPClient(EricAgent agent, SapConnector connector) {
this.connector = connector;
serviceName = new QName(connector.getUrl(), Environment.SAP_CLIENT_SERVICE_NAME);
portName = new QName(connector.getUrl(), Environment.SAP_CLIENT_PORT);
this.service = Service.create(serviceName);
service.addPort(portName, SOAPBinding.SOAP11HTTP_BINDING, connector.getUrl());
this.successfull = false;
}

(...)

public synchronized void invoke() throws SOAPException {
try {
dispatch = service.createDispatch(portName, SOAPMessage.class, Service.Mode.MESSAGE);

MessageFactory mf = MessageFactory.newInstance(SOAPConstants.SOAP_1_1_PROTOCOL);
SOAPMessage message = mf.createMessage();
SOAPPart part = message.getSOAPPart();
SOAPEnvelope env = part.getEnvelope();
SOAPBody body = env.getBody();

SOAPElement operation = body.addChildElement(
Environment.SAP_CLIENT_OPERATION_NAME,
Environment.SAP_CLIENT_TARGET_NAMESPACE.getPrefix(),
Environment.SAP_CLIENT_TARGET_NAMESPACE.getURI());

// Add ticket
SOAPElement ticketValue = operation.addChildElement("ITicket");
ticketValue.addTextNode(...);

// Add "Informationsprotokoll"
String resultString = buildEricResultString(agent);
SOAPElement xmlValue = operation.addChildElement("IXml");
xmlValue.addTextNode(resultString);
message.saveChanges();

Response<SOAPMessage> sapResponse = dispatch.invokeAsync(message);

long waitingTime = 0;

while (true) {
if (waitingTime > Environment.SAP_CLIENT_TIME_OUT) {
//... handle timeout
}

if (sapResponse.getContext() != null) {
Environment.LOGGER.debug("got response");
response = sapResponse.get();
submitted = true;
successfull = result.returnCode.equals("0");

//...

break;
}

wait(1000);
waitingTime += 1000;
}
} catch (Throwable ex) {
Environment.LOGGER.error(null, ex);
this.submitted = false;
this.successfull = false;
}
}

}

我现在想通过 SSL 使用此服务。你能解释一下我是如何告诉 Service 类使用特定证书的吗?例如,我如何传递 keystore ......我用谷歌搜索并没有找到令人满意的结果。提前致谢!

更新 1:

通过添加:

    System.setProperty("javax.net.ssl.keyStore", certPath);
System.setProperty("javax.net.ssl.keyStorePassword", certPass);

我可以让 SSL 工作 - 感谢 zuxqoj!

输出看起来像这样,连接超时:

keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: ***
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=***, OU=I0020498236, OU=SAP Web AS, O=SAP Trust Community, C=DE
Issuer: CN=***, OU=I0020498236, OU=SAP Web AS, O=SAP Trust Community, C=DE
Algorithm: RSA; Serial number: 0x20120718050810
Valid from Wed Jul 18 07:08:10 CEST 2012 until Fri Jan 01 01:00:01 CET 2038

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256

为了传递超时,我必须将此属性传递给 JVM,并且 http(s) 请求已通过:

-Djava.net.preferIPv4Stack=true

最佳答案

在 SOAP 调用之前将其添加到您的代码中

System.setProperty("javax.net.ssl.keyStore",certificatePath);
System.setProperty("javax.net.ssl.keyStorePassword", certificatePassword));
System.setProperty("javax.net.ssl.keyStoreType", "JKS");

您可以从服务器url下载.cer证书并使用命令将其转换为jks

keytool -importcert -file certificate.cer -keystore keystore.jks -alias "Alias"

现在您需要与每个目标服务器相对应的证书,并且在您的系统中某个地方您需要维护服务器 url 和证书之间的映射

关于javax.xml.ws.Service 通过 SSL 使用 SOAP 服务,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12865915/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com