gpt4 book ai didi

java - 基于 SSL 的 XML RPC 服务,具有来自 Spring 应用程序的基本身份验证

转载 作者:太空宇宙 更新时间:2023-11-03 14:20:21 29 4
gpt4 key购买 nike

我必须处理以下设置。

我必须从我的 spring 应用程序中通过 ssl(基本身份验证)调用一个在 php 中实现的 xml-rpc 服务接口(interface)。

函数的返回类型是一个简单的字符串。

我尝试使用粗麻布进行调用,但我收到了一个CertificateException。我认为这与自签名服务器端证书有关。我无法使用粗麻布禁用证书验证。

您将使用什么来进行此函数调用以及 spring 配置会是什么样子?

谢谢

调用接口(interface)

/**
*
* @param string $colourID
* @return string colorname
* @throws ApiException
*/
public function getColour($colourID)

端点(SSL/基本认证)

  • hxxps://api.application.com/colour
  • 用户:ExternColour
  • 密码:xxxxxxxxxx

我的代码

界面

public interface IColourService {

/**
*
* @param string $colourID
* @return string colorname
* @throws ApiException
*/
public String getColour(String colourID)

客户通话

public class RemoteServiceTest {

@Autowired
IColourService colourService;

@Test
public String runRemoteService(){
return colourService.getColour("1");
}

配置

Autowiring 工作所以我没有在这里提到它

<bean id="colourService"
class="org.springframework.remoting.caucho.BurlapProxyFactoryBean">
<property name="serviceUrl" value="hxxps://api.application.com/colour" />
<property name="serviceInterface"
value="my.package.IColourService " />
<!-- HOW to configure BASIC AUTH and SSL --->
</bean>

最佳答案

所以,有这样的堆栈跟踪:

Caused by: javax.net.ssl.SSLHandshakeException: 
java.security.cert.CertificateException: No subject alternative DNS name
matching example.com found.
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1623)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:198)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:192)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1074)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:465)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1147)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1131)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:904)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at com.caucho.burlap.client.BurlapProxy.invoke(BurlapProxy.java:139)
... 24 more
Caused by: java.security.cert.CertificateException: No subject alternative
DNS name matching example.com found.
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:193)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:77)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:264)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:250)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1053)
... 36 more

当 SSL 证书与域不匹配时,这是 HttpURLConnection 的常见异常。

我没有创建整个 Spring 环境,但以下测试对我有效:

@Test
public void test7() throws Exception {
final BurlapProxyFactory factory =
new NoSslCertificateCheckBurlapProxyFactory();
final String url = "https://example.com/service";
final Service service = (Service) factory.create(Service.class, url);

service.getColour("5");
}

NoSslCertificateCheckBurlapProxyFactory.java:

import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;

import com.caucho.burlap.client.BurlapProxyFactory;

public class NoSslCertificateCheckBurlapProxyFactory
extends BurlapProxyFactory {

private final HostnameVerifier hostnameVerifier;

public NoSslCertificateCheckBurlapProxyFactory() {
hostnameVerifier = new NoCheckHostnameVerifier();
}

@Override
protected URLConnection openConnection(final URL url) throws IOException {
final URLConnection connection = super.openConnection(url);

if (connection instanceof HttpsURLConnection) {
final HttpsURLConnection httpsURLConnection =
(HttpsURLConnection) connection;
httpsURLConnection.setHostnameVerifier(hostnameVerifier);
}

return connection;
}
}

NoCheckHostnameVerifier.java:

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;

public class NoCheckHostnameVerifier implements HostnameVerifier {

@Override
public boolean verify(final String hostname, final SSLSession session) {
return true;
}
}

所以,如果我是对的,您只需要更改 bean 类即可

<bean id="colourService"
class="org.springframework.remoting.caucho.BurlapProxyFactoryBean">

<bean id="colourService"
class="your.package.NoSslCertificateCheckBurlapProxyFactory">

配置基本认证应该如下(我没测试过):

<property name="username" value="user1" />
<property name="password" value="pass1" />

引用资料:

关于java - 基于 SSL 的 XML RPC 服务,具有来自 Spring 应用程序的基本身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7863283/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com